(39bed15e) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL · GitLab

Commit 39bed15e authored May 24, 2001 by Dr. Stephen Henson

Add missing variable length cipher flag for Blowfish.

Only use trust settings if either trust or reject settings
are present, otherwise use compatibility mode. This stops
root CAs being rejected if they have alias of keyid set.

parent 4b04466f

CHANGES

+7 −0

Original line number	Diff line number	Diff line
		@@ -4,6 +4,13 @@

		Changes between 0.9.6a and 0.9.6b [XX xxx XXXX]

		*) Fix for compatibility mode trust settings: ignore trust settings
		unless some valid trust or reject settings are present.
		[Steve Henson]

		*) Fix for blowfish EVP: its a variable length cipher.
		[Steve Henson]

		*) Fix various bugs related to DSA S/MIME verification. Handle missing
		parameters in DSA public key structures and return an error in the
		DSA routines if parameters are absent.

crypto/evp/e_bf.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -67,7 +67,7 @@ static int bf_init_key(EVP_CIPHER_CTX ctx, const unsigned char key,
		const unsigned char *iv, int enc);

		IMPLEMENT_BLOCK_CIPHER(bf, bf_ks, BF, bf_ks, NID_bf, 8, 16, 8,
		0, bf_init_key, NULL,
		EVP_CIPH_VARIABLE_LENGTH, bf_init_key, NULL,
		EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)

		static int bf_init_key(EVP_CIPHER_CTX ctx, const unsigned char key,

crypto/x509/x509_trs.c

+2 −1

Original line number	Diff line number	Diff line
		@@ -228,7 +228,8 @@ int X509_TRUST_get_trust(X509_TRUST *xp)

		static int trust_1oidany(X509_TRUST trust, X509 x, int flags)
		{
		if(x->aux) return obj_trust(trust->arg1, x, flags);
		if(x->aux && (x->aux->trust \|\| x->aux->reject))
		return obj_trust(trust->arg1, x, flags);
		/* we don't have any trust settings: for compatibility
		* we return trusted if it is self signed
		*/