- Mar 06, 2010
-
-
Dr. Stephen Henson authored
Uses ASN1 module in Martin Kaiser's PSS patch.
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
now print out signatures instead of the standard hex dump. More complex signatures (e.g. PSS) can print out more meaningful information. Sample DSA version included that prints out the signature parameters r, s. [Note EVP_PKEY_ASN1_METHOD is an application opaque structure so adding new fields in the middle has no compatibility issues]
-
- Mar 05, 2010
-
-
Dr. Stephen Henson authored
found in an ENGINE.
-
Dr. Stephen Henson authored
an algorithm from the supplied engine instead of just the default one.
-
- Mar 03, 2010
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
PR#1999 broke fork detection by assuming HAVE_FORK was set for all platforms. Include original HAVE_FORK detection logic while allowing it to be overridden on specific platforms with -DHAVE_FORK=1 or -DHAVE_FORK=0
-
Dr. Stephen Henson authored
Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL could be crashed if the relevant tables were not present (e.g. chrooted).
-
Dr. Stephen Henson authored
-
- Mar 02, 2010
-
-
Andy Polyakov authored
subject to change...
-
Andy Polyakov authored
-
Andy Polyakov authored
Submitted by: Andreas Krebbel
-
- Mar 01, 2010
-
-
Dr. Stephen Henson authored
Submitted by: "Kennedy, Brendan" <brendan.kennedy@intel.com> Handle error codes correctly: cryptodev returns 0 for success whereas OpenSSL returns 1.
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Feb 28, 2010
-
-
Ben Laurie authored
warnings hard to fix without major surgery).
-
Dr. Stephen Henson authored
-
- Feb 27, 2010
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
1.0.0. Original fix was on 2007-Mar-09 and had the log message: "Fix kerberos ciphersuite bugs introduced with PR:1336."
-
- Feb 26, 2010
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
CFB mode does *not* have to be a multiple of the block length and several other specifications (e.g. PKCS#11) do not require this.
-
Dr. Stephen Henson authored
-
- Feb 25, 2010
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
certificate is explicitly trusted (using -addtrust option to x509 utility for example) the verification is sucessful even if the chain is not complete.
-
Dr. Stephen Henson authored
allow setting of verify names in command line utilities and print out verify names in verify utility
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
as issuer and subject names. Although this is an incompatible change it should have little impact in pratice because self-issued certificates that are not self-signed are rarely encountered.
-
- Feb 24, 2010
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Feb 23, 2010
-
-
Andy Polyakov authored
-
Andy Polyakov authored
-
Andy Polyakov authored
-
Dr. Stephen Henson authored
X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT error codes were reversed in the verify application documentation.
-