Skip to content
CHANGES 94 KiB
Newer Older
 OpenSSL CHANGES
 Changes between 0.9.4 and 0.9.5  [xx XXX 1999]

  *) Add a bunch of DER and PEM functions to handle PKCS#8 format private
     keys. Add some short names for PKCS#8 PBE algorithms and allow them
     to be specified on the command line for the pkcs8 and pkcs12 utilities.
     Update documentation.
     [Steve Henson]

  *) Support for ASN1 "NULL" type. This could be handled before by using
     ASN1_TYPE but there wasn't any function that would try to read a NULL
     and produce an error if it couldn't. For compatibility we also have
     ASN1_NULL_new() and ASN1_NULL_free() functions but these are faked and
     don't allocate anything because they don't need to.
     [Steve Henson]

  *) Initial support for MacOS is now provided. Examine INSTALL.MacOS
     for details.
     [Andy Polyakov, Roy Woods <roy@centicsystems.ca>]

  *) Rebuild of the memory allocation routines used by OpenSSL code and
     possibly others as well.  The purpose is to make an interface that
     provide hooks so anyone can build a separate set of allocation and
     deallocation routines to be used by OpenSSL, for example if memory
     pool implementations, or something else.  The same is provided for
     memory debugging code.  OpenSSL already comes with code that finds
     memory leaks, but this gives people a chance to debug other memory
     problems.
     With these changes, a new set of functions and macros have appeared:

       CRYPTO_set_mem_debug_functions()		[F]
       CRYPTO_get_mem_debug_functions()		[F]
       CRYPTO_dbg_set_options()			[F]
       CRYPTO_dbg_get_options()			[F]
       CRYPTO_melloc_debug_init()		[M]

     The memory debug functions are NULL by default, unless the library
     is compiled with CRYPTO_MDEBUG or friends is defined.  If someone
     wants to debug memory anyway, CRYPTO_malloc_debug_init() or
     CRYPTO_set_mem_debug_functions() must be used.

     Also, things like CRYPTO_set_mem_functions will always give the
     expected result (the new set of functions is used for allocation
     and deallocation) at all times, regardless of platform and compiler
     options.

     To finish it up, some functions that were never use in any other
     way than through macros have a new API and new semantic:

       CRYPTO_dbg_malloc()
       CRYPTO_dbg_realloc()
       CRYPTO_dbg_free()

     All macros of value have retained their old syntax.
  *) Some S/MIME fixes. The OID for SMIMECapabilities was wrong, the
     ordering of SMIMECapabilities wasn't in "strength order" and there
     was a missing NULL in the AlgorithmIdentifier for the SHA1 signature
     algorithm.
     [Steve Henson]

  *) Some ASN1 types with illegal zero length encoding (INTEGER,
     ENUMERATED and OBJECT IDENTIFIER) choked the ASN1 routines.
     [Frans Heymans <fheymans@isaserver.be>, modified by Steve Henson]

  *) Merge in my S/MIME library for OpenSSL. This provides a simple
     S/MIME API on top of the PKCS#7 code, a MIME parser (with enough
     functionality to handle multipart/signed properly) and a utility
     called 'smime' to call all this stuff. This is based on code I
     originally wrote for Celo who have kindly allowed it to be
     included in OpenSSL.
     [Steve Henson]

  *) Add variants des_set_key_checked and des_set_key_unchecked of
     des_set_key (aka des_key_sched).  Global variable des_check_key
     decides which of these is called by des_set_key; this way
     des_check_key behaves as it always did, but applications and
     the library itself, which was buggy for des_check_key == 1,
     have a cleaner way to pick the version they need.
     [Bodo Moeller]

  *) New function PKCS12_newpass() which changes the password of a
     PKCS12 structure.
     [Steve Henson]

  *) Modify X509_TRUST and X509_PURPOSE so it also uses a static and
     dynamic mix. In both cases the ids can be used as an index into the
     table. Also modified the X509_TRUST_add() and X509_PURPOSE_add()
     functions so they accept a list of the field values and the
     application doesn't need to directly manipulate the X509_TRUST
     structure.
     [Steve Henson]

  *) Modify the ASN1_STRING_TABLE stuff so it also uses bsearch and doesn't
     need initialising.
     [Steve Henson]

  *) Modify the way the V3 extension code looks up extensions. This now
     works in a similar way to the object code: we have some "standard"
     extensions in a static table which is searched with OBJ_bsearch()
     and the application can add dynamic ones if needed. The file
     crypto/x509v3/ext_dat.h now has the info: this file needs to be
     updated whenever a new extension is added to the core code and kept
     in ext_nid order. There is a simple program 'tabtest.c' which checks
     this. New extensions are not added too often so this file can readily
     be maintained manually.

     There are two big advantages in doing things this way. The extensions
     can be looked up immediately and no longer need to be "added" using
     X509V3_add_standard_extensions(): this function now does nothing.
     [Side note: I get *lots* of email saying the extension code doesn't
      work because people forget to call this function]
     Also no dynamic allocation is done unless new extensions are added:
     so if we don't add custom extensions there is no need to call
     X509V3_EXT_cleanup().
     [Steve Henson]

  *) Modify enc utility's salting as follows: make salting the default. Add a
     magic header, so unsalted files fail gracefully instead of just decrypting
     to garbage. This is because not salting is a big security hole, so people
     should be discouraged from doing it.
     [Ben Laurie]

  *) Fixes and enhancements to the 'x509' utility. It allowed a message
     digest to be passed on the command line but it only used this
     parameter when signing a certificate. Modified so all relevant
     operations are affected by the digest parameter including the
     -fingerprint and -x509toreq options. Also -x509toreq choked if a
     DSA key was used because it didn't fix the digest.
     [Steve Henson]

  *) Initial certificate chain verify code. Currently tests the untrusted
     certificates for consistency with the verify purpose (which is set
     when the X509_STORE_CTX structure is set up) and checks the pathlength.

     There is a NO_CHAIN_VERIFY compilation option to keep the old behaviour:
     this is because it will reject chains with invalid extensions whereas
     every previous version of OpenSSL and SSLeay made no checks at all.

     Trust code: checks the root CA for the relevant trust settings. Trust
     settings have an initial value consistent with the verify purpose: e.g.
     if the verify purpose is for SSL client use it expects the CA to be
     trusted for SSL client use. However the default value can be changed to
     permit custom trust settings: one example of this would be to only trust
     certificates from a specific "secure" set of CAs.

     Also added X509_STORE_CTX_new() and X509_STORE_CTX_free() functions
     which should be used for version portability: especially since the
     verify structure is likely to change more often now.
     SSL integration. Add purpose and trust to SSL_CTX and SSL and functions
     to set them. If not set then assume SSL clients will verify SSL servers
     and vice versa.

     Two new options to the verify program: -untrusted allows a set of
     untrusted certificates to be passed in and -purpose which sets the
     intended purpose of the certificate. If a purpose is set then the
     new chain verify code is used to check extension consistency.
     [Steve Henson]

  *) Support for the authority information access extension.
  *) Modify RSA and DSA PEM read routines to transparently handle
     PKCS#8 format private keys. New *_PUBKEY_* functions that handle
     public keys in a format compatible with certificate
     SubjectPublicKeyInfo structures. Unfortunately there were already
     functions called *_PublicKey_* which used various odd formats so
     these are retained for compatibility: however the DSA variants were
     never in a public release so they have been deleted. Changed dsa/rsa
     utilities to handle the new format: note no releases ever handled public
     keys so we should be OK.

     The primary motivation for this change is to avoid the same fiasco
     that dogs private keys: there are several incompatible private key
     formats some of which are standard and some OpenSSL specific and
     require various evil hacks to allow partial transparent handling and
     even then it doesn't work with DER formats. Given the option anything
     other than PKCS#8 should be dumped: but the other formats have to
     stay in the name of compatibility.

     With public keys and the benefit of hindsight one standard format 
     is used which works with EVP_PKEY, RSA or DSA structures: though
     it clearly returns an error if you try to read the wrong kind of key.

     Added a -pubkey option to the 'x509' utility to output the public key.
     Also rename the EVP_PKEY_get_*() to EVP_PKEY_rget_*() and add
     EVP_PKEY_rset_*() functions that do the same as the EVP_PKEY_assign_*()
     except they up the reference count of the added key (they don't "swallow"
     the supplied key).
     [Steve Henson]

  *) Fixes to crypto/x509/by_file.c the code to read in certificates and
     CRLs would fail if the file contained no certificates or no CRLs:
     added a new function to read in both types and return the number
Loading full blame...