root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity
11,896 Commits 32 Branches 398 Tags 545 MiB
Commit Graph

78 Commits

Author SHA1 Message Date
Dr. Stephen Henson 546b1b4384 Set Enveloped data version to 2 if ktri version not zero. 2014-05-06 13:59:05 +01:00
Dr. Stephen Henson 4cfeb00be9 make depend 2014-02-19 20:09:08 +00:00
Dr. Stephen Henson 5a7652c3e5 Remove duplicate statement. 2014-02-15 01:27:56 +00:00
Dr. Stephen Henson 847865d0f9 Add suppot for ASCII with CRLF canonicalisation. 2014-02-13 14:35:56 +00:00
Dr. Stephen Henson cd30f03ac5 Canonicalise input in CMS_verify. 
If content is detached and not binary mode translate the input to
CRLF format. Before this change the input was verified verbatim
which lead to a discrepancy between sign and verify.
 2013-12-22 00:35:29 +00:00
Dr. Stephen Henson da15c61608 Add CMS_SignerInfo_get0_signature function. 
Add function to retrieve the signature from a CMS_SignerInfo structure:
applications can then read or modify it.
 2013-11-09 15:09:23 +00:00
Dr. Stephen Henson dc1ce3bc64 Add KDF for DH. 
Add X9.42 DH KDF. Move sharedinfo generation code to CMS library as the
same structure is used by DH and ECDH.

Move ASN1_OBJECT typedef to ossl_typ.h so it can be picked up by dh headers
without the need to use ASN1.
 2013-08-05 15:45:01 +01:00
Dr. Stephen Henson 17c2764d2e CMS support for key agreeement recipient info. 
Add hooks to support key agreement recipient info type (KARI) using
algorithm specific code in the relevant public key ASN1 method.
 2013-07-17 21:45:00 +01:00
Dr. Stephen Henson ff7b6ce9db Set CMS EnvelopedData version correctly. 2013-07-17 21:45:00 +01:00
Dr. Stephen Henson e0f7cfda68 Initialise CMS signature buffer length properly. 2013-07-02 22:12:19 +01:00
Dr. Stephen Henson e365352d6a CMS public key parameter support. 
Add support for customisation of CMS handling of signed and enveloped
data from custom public key parameters.

This will provide support for RSA-PSS and RSA-OAEP but could also be
applied to other algorithms.
 2013-06-21 21:33:00 +01:00
Dr. Stephen Henson e1f1d28f34 Add function CMS_RecipientInfo_encrypt 
Add CMS_RecipientInfo_encrypt: this function encrypts an existing content
encryption key to match the key in the RecipientInfo structure: this is
useful if a new recpient is added to and existing enveloped data structure.

Add documentation.
 2013-02-26 16:59:56 +00:00
Dr. Stephen Henson 1703627ba8 Don't include comp.h in cmd_cd.c if OPENSSL_NO_COMP set 2013-01-23 01:09:38 +00:00
Ben Laurie 5762f7778d Fix warning. 2012-05-10 20:29:00 +00:00
Dr. Stephen Henson 225055c30b Reported by: Solar Designer of Openwall 
Make sure tkeylen is initialised properly when encrypting CMS messages.
 2012-05-10 13:46:09 +00:00
Dr. Stephen Henson 146b52edd1 Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and 
continue with symmetric decryption process to avoid leaking timing
information to an attacker.

Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
this issue. (CVE-2012-0884)
 2012-03-12 16:31:39 +00:00
Ben Laurie ae55176091 Fix some warnings caused by __owur. Temporarily (I hope) remove the more 
aspirational __owur annotations.
 2011-11-14 00:36:10 +00:00
Dr. Stephen Henson df6de39fe7 Change AR to ARX to allow exclusion of fips object modules 2011-01-26 16:08:08 +00:00
Dr. Stephen Henson eb1c48be6f Add new type ossl_ssize_t instead of ssize_t and move definitions to 
e_os2.h, this should fix WIN32 compilation issues and hopefully avoid
conflicts with other headers which may workaround ssize_t in different ways.
 2010-07-26 18:15:59 +00:00
Dr. Stephen Henson 3cbb15ee81 add CVE-2010-0742 and CVS-2010-1633 fixes 2010-06-01 14:39:01 +00:00
Dr. Stephen Henson 31d66c2a98 update cms code to use X509_ALGOR_set_md instead of internal function 2010-03-11 13:29:39 +00:00
Dr. Stephen Henson 2712a2f625 tolerate broken CMS/PKCS7 implementations using signature OID instead of digest 2010-02-02 14:30:39 +00:00
Dr. Stephen Henson 031c78901b make update 2010-01-15 15:24:19 +00:00
Dr. Stephen Henson d2a53c2238 Experimental CMS password based recipient Info support. 2009-11-26 18:57:39 +00:00
Dr. Stephen Henson d71061122c PR: 2058 
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct EVP_DigestVerifyFinal error handling.
 2009-09-30 23:49:11 +00:00
Dr. Stephen Henson b6dcdbfc94 Audit libcrypto for unchecked return values: fix all cases enountered 2009-09-23 23:43:49 +00:00
Dr. Stephen Henson a25f33d28a Submitted by: Julia Lawall <julia@diku.dk> 
The functions ENGINE_ctrl(), OPENSSL_isservice(), EVP_PKEY_sign(),
CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix
so the return code is checked correctly.
 2009-09-13 11:29:29 +00:00
Dr. Stephen Henson 73ba116e96 Update from stable branch. 2009-03-25 12:54:14 +00:00
Dr. Stephen Henson 54571ba004 Use correct ctx name. 2009-03-15 14:03:47 +00:00
Dr. Stephen Henson 237d7b6cae Fix from stable branch. 2009-03-15 13:37:34 +00:00
Dr. Stephen Henson d0c3628834 Set memory BIOs up properly when stripping text headers from S/MIME messages. 2008-11-21 18:18:13 +00:00
Dr. Stephen Henson 6d6c47980e Correctly handle errors in CMS I/O code. 2008-08-05 15:55:53 +00:00
Dr. Stephen Henson 19048b5c8d New function CMS_add1_crl(). 2008-05-02 17:27:01 +00:00
Dr. Stephen Henson e6ef05d5f3 Make certs argument work in CMS_sign() add test case. 
PR:1664
 2008-04-18 11:18:20 +00:00
Dr. Stephen Henson 852bd35065 Fix prototype for CMS_decrypt(), don't free up detached content. 2008-04-11 23:45:52 +00:00
Dr. Stephen Henson a5db50d005 Revert argument swap change... oops CMS_uncompress() was consistent... 2008-04-11 23:23:18 +00:00
Dr. Stephen Henson 529d329ce1 Make CMS_uncompress() argument order consistent with other functions. 2008-04-11 17:34:13 +00:00
Dr. Stephen Henson c02b6b6b21 Fix for compression and updated CMS_final(). 2008-04-11 17:07:01 +00:00
Dr. Stephen Henson e0fbd07309 Add additional parameter to CMS_final() to handle detached content. 2008-04-10 11:22:14 +00:00
Dr. Stephen Henson eaee098e1f Ignore nonsensical flags for signed receipts. 2008-04-10 11:12:42 +00:00
Dr. Stephen Henson 853eae51e0 Implement CMS_NOCRL. 2008-04-07 11:00:44 +00:00
Dr. Stephen Henson ff80280b01 Set contentType attribute just before signing to allow encapsulated content 
type to be set at any time in applications.
 2008-04-06 16:29:47 +00:00
Dr. Stephen Henson e45641bd17 Fix typo and add header files to err library. 2008-04-06 15:53:29 +00:00
Dr. Stephen Henson d5a37b0293 Give consistent return value and add error code for duplicate certificates. 2008-04-06 15:41:25 +00:00
Dr. Stephen Henson a5cdb7d5bd Avoid warnings. 2008-04-01 16:29:42 +00:00
Dr. Stephen Henson 2e86f0d8d7 Use correct headers for signed receipts. Use consistent naming. 
Update cms-test.pl to support OpenSSL 0.9.8.
 2008-03-31 15:03:55 +00:00
Dr. Stephen Henson e2a29d49ca Update dependencies. 2008-03-29 21:11:25 +00:00
Dr. Stephen Henson b99674103d Remove unnecessary header. 2008-03-29 21:08:37 +00:00
Dr. Stephen Henson 36309aa2be Signed receipt generation code. 2008-03-28 19:43:16 +00:00
Dr. Stephen Henson eb9d8d8cd4 Support for verification of signed receipts. 2008-03-28 13:15:39 +00:00