OpenSSL CVS Repository
http://cvs.openssl.org/
____________________________________________________________
________________
Server: cvs.openssl.org Name: Dr.
Stephen Henson
Root: /v/openssl/cvs Email: steve openssl.org
Module: openssl Date:
19-Sep-2007 02:02:52
Branch: OpenSSL-fips-0_9_8-stable Handle:
2007091901015851
Modified files: (Branch:
OpenSSL-fips-0_9_8-stable)
openssl Configure Makefile.shared TABLE
openssl/apps dgst.c
openssl/crypto/aes aes_ige.c
openssl/crypto/bio b_print.c b_sock.c bio.h
openssl/crypto/bn bn_mont.c bn_prime.c bn_prime.h
bn_prime.pl
openssl/crypto/des set_key.c
openssl/crypto/pqueue pq_compat.h
openssl/doc/apps enc.pod openssl.pod rsautl.pod
openssl/ssl d1_srvr.c
Log:
Include some fixes from 0.9.8-stable branch.
Summary:
Revision Changes Path
1.488.2.35.2.26+16 -3 openssl/Configure
1.47.2.10.2.8+2 -2 openssl/Makefile.shared
1.184.2.15.2.12+58 -4 openssl/TABLE
1.35.2.3.2.3+13 -9 openssl/apps/dgst.c
1.1.2.2.2.3 +7 -3 openssl/crypto/aes/aes_ige.c
1.39.4.1 +2 -2 openssl/crypto/bio/b_print.c
1.38.2.1.2.1+1 -9 openssl/crypto/bio/b_sock.c
1.67.2.3.2.1+8 -8 openssl/crypto/bio/bio.h
1.36.2.4.2.4+2 -0 openssl/crypto/bn/bn_mont.c
1.33.2.2.2.1+2 -2 openssl/crypto/bn/bn_prime.c
1.4.24.1 +3 -1 openssl/crypto/bn/bn_prime.h
1.4.4.1 +3 -1 openssl/crypto/bn/bn_prime.pl
1.20.4.4 +1 -1 openssl/crypto/des/set_key.c
1.1.2.5.2.1 +1 -1
openssl/crypto/pqueue/pq_compat.h
1.6.2.2.2.1 +8 -0 openssl/doc/apps/enc.pod
1.16.4.1 +16 -0 openssl/doc/apps/openssl.pod
1.3.16.1 +1 -1 openssl/doc/apps/rsautl.pod
1.2.2.6.2.1 +5 -0 openssl/ssl/d1_srvr.c
____________________________________________________________
________________
patch -p0 <<' .'
Index: openssl/Configure
============================================================
================
$ cvs diff -u -r1.488.2.35.2.25 -r1.488.2.35.2.26
Configure
--- openssl/Configure 16 Sep 2007 18:44:35
-0000 1.488.2.35.2.25
+++ openssl/Configure 19 Sep 2007 00:01:58
-0000 1.488.2.35.2.26
-1227,9 +1227,13
#
if ($target =~ /-icc$/) # Intel C compiler
{
- my($iccver)=`$cc -V 2>&1`;
- if ($iccver =~ /Version ([0-9]+)./) { $iccver=$1; }
- else { $iccver=0; }
+ my $iccver=0;
+ if (open(FD,"$cc -V 2>&1 |"))
+ {
+ while(<FD>) { $iccver=$1 if (/Version
([0-9]+)./); }
+ close(FD);
+ }
+
if ($iccver>=8)
{
# Eliminate unnecessary dependency from libirc.a. This
is
-1237,6 +1241,15
# apps/openssl can end up in endless loop upon
startup...
$cflags.=" -Dmemcpy=__builtin_memcpy
-Dmemset=__builtin_memset";
}
+ if ($iccver>=9)
+ {
+ $cflags.=" -i-static";
+ $cflags=~s/-no_cpprt/-no-cpprt/;
+ }
+ if ($iccver>=10)
+ {
+ $cflags=~s/-i-static/-static-intel/;
+ }
}
# Unlike other OSes (like Solaris, Linux, Tru64, IRIX)
BSD run-time
.
patch -p0 <<' .'
Index: openssl/Makefile.shared
============================================================
================
$ cvs diff -u -r1.47.2.10.2.7 -r1.47.2.10.2.8
Makefile.shared
--- openssl/Makefile.shared 26 Aug 2007 14:57:09
-0000 1.47.2.10.2.7
+++ openssl/Makefile.shared 19 Sep 2007 00:02:02
-0000 1.47.2.10.2.8
-466,7 +466,7
ALLSYMSFLAGS='-Wl,-Fl';
NOALLSYMSFLAGS='';
expr $(PLATFORM) : 'hpux64' > /dev/null &&
ALLSYMSFLAGS='-Wl,+forceload';
- SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS)
-Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+h,$$SHLIB$$SHLIB_S
OVER$$SHLIB_SUFFIX";
+ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS)
-Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+h,$$SHLIB$$SHLIB_S
OVER$$SHLIB_SUFFIX,+cdp,../:,+cdp,./:";
fi;
rm -f $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX || :;
$(LINK_SO_O) && chmod a=rx
$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX
-479,7 +479,7
ALLSYMSFLAGS='-Wl,-Fl';
NOALLSYMSFLAGS='';
expr $(PLATFORM) : 'hpux64' > /dev/null &&
ALLSYMSFLAGS='-Wl,+forceload';
- SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS)
-Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+h,$$SHLIB$$SHLIB_S
OVER$$SHLIB_SUFFIX";
+ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS)
-Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+h,$$SHLIB$$SHLIB_S
OVER$$SHLIB_SUFFIX,+cdp,../:,+cdp,./:";
fi;
rm -f $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX || :;
$(LINK_SO_A) && chmod a=rx
$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX
.
patch -p0 <<' .'
Index: openssl/TABLE
============================================================
================
$ cvs diff -u -r1.184.2.15.2.11 -r1.184.2.15.2.12 TABLE
--- openssl/TABLE 27 Aug 2007 16:26:37
-0000 1.184.2.15.2.11
+++ openssl/TABLE 19 Sep 2007 00:02:03
-0000 1.184.2.15.2.12
-947,7 +947,7
*** darwin-i386-cc
$cc = cc
-$cflags = -O3 -fomit-frame-pointer -fno-common
+$cflags = -arch i386 -O3 -fomit-frame-pointer
-fno-common
$unistd =
$thread_cflag = -D_REENTRANT
$sys_id = MACOSX
-967,14 +967,14
$dso_scheme = dlfcn
$shared_target= darwin-shared
$shared_cflag = -fPIC -fno-common
-$shared_ldflag = -dynamiclib
+$shared_ldflag = -arch i386 -dynamiclib
$shared_extension = .$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
$ranlib =
$arflags =
*** darwin-ppc-cc
$cc = cc
-$cflags = -O3 -DB_ENDIAN
+$cflags = -arch ppc -O3 -DB_ENDIAN
$unistd =
$thread_cflag = -D_REENTRANT
$sys_id = MACOSX
-994,7 +994,61
$dso_scheme = dlfcn
$shared_target= darwin-shared
$shared_cflag = -fPIC -fno-common
-$shared_ldflag = -dynamiclib
+$shared_ldflag = -arch ppc -dynamiclib
+$shared_extension = .$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
+$ranlib =
+$arflags =
+
+*** darwin64-ppc-cc
+$cc = cc
+$cflags = -arch ppc64 -O3 -DB_ENDIAN
+$unistd =
+$thread_cflag = -D_REENTRANT
+$sys_id = MACOSX
+$lflags = -Wl,-search_paths_first%
+$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK
DES_UNROLL BF_PTR
+$cpuid_obj = ppccpuid_osx64.o
+$bn_obj = osx_ppc64.o osx_ppc64-mont.o
+$des_obj =
+$aes_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj = sha1-ppc_osx64.o sha256-ppc_osx64.o
sha512-ppc_osx64.o
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme =
+$shared_target=
+$shared_cflag = dlfcn
+$shared_ldflag = darwin-shared
+$shared_extension = -fPIC -fno-common
+$ranlib = -arch ppc64 -dynamiclib
+$arflags = .$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
+
+*** darwin64-x86_64-cc
+$cc = cc
+$cflags = -arch x86_64 -O3 -fomit-frame-pointer
-DL_ENDIAN -DMD32_REG_T=int -Wall
+$unistd =
+$thread_cflag = -D_REENTRANT
+$sys_id = MACOSX
+$lflags = -Wl,-search_paths_first%
+$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK
BF_PTR2 DES_INT DES_UNROLL
+$cpuid_obj =
+$bn_obj =
+$des_obj =
+$aes_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme = dlfcn
+$shared_target= darwin-shared
+$shared_cflag = -fPIC -fno-common
+$shared_ldflag = -arch x86_64 -dynamiclib
$shared_extension = .$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
$ranlib =
$arflags =
.
patch -p0 <<' .'
Index: openssl/apps/dgst.c
============================================================
================
$ cvs diff -u -r1.35.2.3.2.2 -r1.35.2.3.2.3 dgst.c
--- openssl/apps/dgst.c 6 Apr 2007 00:30:14
-0000 1.35.2.3.2.2
+++ openssl/apps/dgst.c 19 Sep 2007 00:02:10
-0000 1.35.2.3.2.3
-256,29 +256,33
BIO_printf(bio_err,"-engine e use engine e,
possibly a hardware device.n");
#endif
- BIO_printf(bio_err,"-%3s to use the %s message
digest algorithm (default)n",
+ BIO_printf(bio_err,"-%-14s to use the %s message
digest algorithm (default)n",
LN_md5,LN_md5);
- BIO_printf(bio_err,"-%3s to use the %s message
digest algorithmn",
+ BIO_printf(bio_err,"-%-14s to use the %s message
digest algorithmn",
LN_md4,LN_md4);
- BIO_printf(bio_err,"-%3s to use the %s message
digest algorithmn",
+ BIO_printf(bio_err,"-%-14s to use the %s message
digest algorithmn",
LN_md2,LN_md2);
#ifndef OPENSSL_NO_SHA
- BIO_printf(bio_err,"-%3s to use the %s message
digest algorithmn",
+ BIO_printf(bio_err,"-%-14s to use the %s message
digest algorithmn",
LN_sha1,LN_sha1);
- BIO_printf(bio_err,"-%3s to use the %s message
digest algorithmn",
+ BIO_printf(bio_err,"-%-14s to use the %s message
digest algorithmn",
LN_sha,LN_sha);
#ifndef OPENSSL_NO_SHA256
- BIO_printf(bio_err,"-%3s to use the %s message
digest algorithmn",
+ BIO_printf(bio_err,"-%-14s to use the %s message
digest algorithmn",
+ LN_sha224,LN_sha224);
+ BIO_printf(bio_err,"-%-14s to use the %s message
digest algorithmn",
LN_sha256,LN_sha256);
#endif
#ifndef OPENSSL_NO_SHA512
- BIO_printf(bio_err,"-%3s to use the %s message
digest algorithmn",
+ BIO_printf(bio_err,"-%-14s to use the %s message
digest algorithmn",
+ LN_sha384,LN_sha384);
+ BIO_printf(bio_err,"-%-14s to use the %s message
digest algorithmn",
LN_sha512,LN_sha512);
#endif
#endif
- BIO_printf(bio_err,"-%3s to use the %s message
digest algorithmn",
+ BIO_printf(bio_err,"-%-14s to use the %s message
digest algorithmn",
LN_mdc2,LN_mdc2);
- BIO_printf(bio_err,"-%3s to use the %s message
digest algorithmn",
+ BIO_printf(bio_err,"-%-14s to use the %s message
digest algorithmn",
LN_ripemd160,LN_ripemd160);
err=1;
goto end;
.
patch -p0 <<' .'
Index: openssl/crypto/aes/aes_ige.c
============================================================
================
$ cvs diff -u -r1.1.2.2.2.2 -r1.1.2.2.2.3 aes_ige.c
--- openssl/crypto/aes/aes_ige.c 20 Jun 2007 17:49:41
-0000 1.1.2.2.2.2
+++ openssl/crypto/aes/aes_ige.c 19 Sep 2007 00:02:15
-0000 1.1.2.2.2.3
-62,9 +62,11
/* XXX: probably some better way to do this */
#if defined(__i386__) || defined(__x86_64__)
#define UNALIGNED_MEMOPS_ARE_FAST 1
+#else
+#define UNALIGNED_MEMOPS_ARE_FAST 0
#endif
-#ifdef UNALIGNED_MEMOPS_ARE_FAST
+#if UNALIGNED_MEMOPS_ARE_FAST
#define load_block(d, s) (d) = *(const aes_block_t
*)(s)
#define store_block(d, s) *(aes_block_t *)(d) =
(s)
#else
-89,7 +91,8
if (AES_ENCRYPT == enc)
{
- if (in != out)
+ if (in != out &&
+ (UNALIGNED_MEMOPS_ARE_FAST ||
((size_t)in|(size_t)out|(size_t)ivec)%sizeof(long)==0))
{
aes_block_t *ivp = (aes_block_t *)ivec;
aes_block_t *iv2p = (aes_block_t *)(ivec +
AES_BLOCK_SIZE);
-143,7 +146,8
}
else
{
- if(in != out)
+ if (in != out &&
+ (UNALIGNED_MEMOPS_ARE_FAST ||
((size_t)in|(size_t)out|(size_t)ivec)%sizeof(long)==0))
{
aes_block_t *ivp = (aes_block_t *)ivec;
aes_block_t *iv2p = (aes_block_t *)(ivec +
AES_BLOCK_SIZE);
.
patch -p0 <<' .'
Index: openssl/crypto/bio/b_print.c
============================================================
================
$ cvs diff -u -r1.39 -r1.39.4.1 b_print.c
--- openssl/crypto/bio/b_print.c 5 May 2005 20:57:37
-0000 1.39
+++ openssl/crypto/bio/b_print.c 19 Sep 2007 00:02:20
-0000 1.39.4.1
-79,7 +79,7
#include <openssl/bn.h> /* To get BN_LLONG
properly defined */
#include <openssl/bio.h>
-#ifdef BN_LLONG
+#if defined(BN_LLONG) || defined(SIXTY_FOUR_BIT)
# ifndef HAVE_LONG_LONG
# define HAVE_LONG_LONG 1
# endif
-117,7 +117,7
#if HAVE_LONG_LONG
# if defined(OPENSSL_SYS_WIN32) &&
!defined(__GNUC__)
-# define LLONG _int64
+# define LLONG __int64
# else
# define LLONG long long
# endif
.
patch -p0 <<' .'
Index: openssl/crypto/bio/b_sock.c
============================================================
================
$ cvs diff -u -r1.38.2.1 -r1.38.2.1.2.1 b_sock.c
--- openssl/crypto/bio/b_sock.c 13 Jun 2005 03:21:00
-0000 1.38.2.1
+++ openssl/crypto/bio/b_sock.c 19 Sep 2007 00:02:21
-0000 1.38.2.1.2.1
-456,9 +456,6
{
int err;
-#ifdef SIGINT
- signal(SIGINT,(void (*)(int))BIO_sock_cleanup);
-#endif
wsa_init_done=1;
memset(&wsa_state,0,sizeof(wsa_state));
if (WSAStartup(0x0101,&wsa_state)!=0)
-484,11 +481,6
if (!wsa_init_done)
{
-
-# ifdef SIGINT
- signal(SIGINT,(void (*)(int))BIO_sock_cleanup);
-# endif
-
wsa_init_done=1;
wVerReq = MAKEWORD( 2, 0 );
err = WSAStartup(wVerReq,&wsaData);
-511,7 +503,7
{
wsa_init_done=0;
#ifndef OPENSSL_SYS_WINCE
- WSACancelBlockingCall();
+ WSACancelBlockingCall(); /* Winsock 1.1 specific */
#endif
WSACleanup();
}
.
patch -p0 <<' .'
Index: openssl/crypto/bio/bio.h
============================================================
================
$ cvs diff -u -r1.67.2.3 -r1.67.2.3.2.1 bio.h
--- openssl/crypto/bio/bio.h 8 Feb 2007 19:08:20
-0000 1.67.2.3
+++ openssl/crypto/bio/bio.h 19 Sep 2007 00:02:23
-0000 1.67.2.3.2.1
-129,8 +129,8
/* dgram BIO stuff */
#define BIO_CTRL_DGRAM_CONNECT 31 /* BIO dgram
special */
#define BIO_CTRL_DGRAM_SET_CONNECTED 32 /* allow for an
externally
- * connected socket to be
- * passed in */
+ * connected socket to be
+ * passed in */
#define BIO_CTRL_DGRAM_SET_RECV_TIMEOUT 33 /* setsockopt,
essentially */
#define BIO_CTRL_DGRAM_GET_RECV_TIMEOUT 34 /* getsockopt,
essentially */
#define BIO_CTRL_DGRAM_SET_SEND_TIMEOUT 35 /* setsockopt,
essentially */
-146,14 +146,14
#define BIO_CTRL_DGRAM_QUERY_MTU 40 /* as kernel
for current MTU */
#define BIO_CTRL_DGRAM_GET_MTU 41 /* get
cached value for MTU */
#define BIO_CTRL_DGRAM_SET_MTU 42 /* set
cached value for
- * MTU. want to use this
- * if asking
the kernel
- * fails */
+ * MTU. want to use this
+ * if asking the kernel
+ * fails */
#define BIO_CTRL_DGRAM_MTU_EXCEEDED 43 /* check
whether the MTU
- * was exceed in the
- * previous write
- * operation */
+ * was exceed in the
+ * previous write
+ * operation */
#define BIO_CTRL_DGRAM_SET_PEER 44 /*
Destination for the data */
.
patch -p0 <<' .'
Index: openssl/crypto/bn/bn_mont.c
============================================================
================
$ cvs diff -u -r1.36.2.4.2.3 -r1.36.2.4.2.4 bn_mont.c
--- openssl/crypto/bn/bn_mont.c 24 Jul 2007 15:07:51
-0000 1.36.2.4.2.3
+++ openssl/crypto/bn/bn_mont.c 19 Sep 2007 00:02:26
-0000 1.36.2.4.2.4
-299,6 +299,8
}
for (ri+=4; i<ri; i++)
rp[i]=nrp[i], ap[i]=0;
+ bn_correct_top(r);
+ bn_correct_top(ret);
# else
if (bn_wexpand(ret,al) == NULL) goto err;
ret->top=al;
.
patch -p0 <<' .'
Index: openssl/crypto/bn/bn_prime.c
============================================================
================
$ cvs diff -u -r1.33.2.2 -r1.33.2.2.2.1 bn_prime.c
--- openssl/crypto/bn/bn_prime.c 18 Sep 2006 14:01:39
-0000 1.33.2.2
+++ openssl/crypto/bn/bn_prime.c 19 Sep 2007 00:02:27
-0000 1.33.2.2.2.1
-377,14 +377,14
static int probable_prime(BIGNUM *rnd, int bits)
{
int i;
- BN_ULONG mods[NUMPRIMES];
+ prime_t mods[NUMPRIMES];
BN_ULONG delta,maxdelta;
again:
if (!BN_rand(rnd,bits,1,1)) return(0);
/* we now have a random number 'rand' to test. */
for (i=1; i<NUMPRIMES; i++)
- mods[i]=BN_mod_word(rnd,(BN_ULONG)primes[i]);
+ mods[i]=(prime_t)BN_mod_word(rnd,(BN_ULONG)primes[i]);
maxdelta=BN_MASK2 - primes[NUMPRIMES-1];
delta=0;
loop: for (i=1; i<NUMPRIMES; i++)
.
patch -p0 <<' .'
Index: openssl/crypto/bn/bn_prime.h
============================================================
================
$ cvs diff -u -r1.4 -r1.4.24.1 bn_prime.h
--- openssl/crypto/bn/bn_prime.h 16 Feb 2000 13:24:06
-0000 1.4
+++ openssl/crypto/bn/bn_prime.h 19 Sep 2007 00:02:29
-0000 1.4.24.1
-58,10 +58,12
#ifndef EIGHT_BIT
#define NUMPRIMES 2048
+typedef unsigned short prime_t;
#else
#define NUMPRIMES 54
+typedef unsigned char prime_t;
#endif
-static const unsigned int primes[NUMPRIMES]=
+static const prime_t primes[NUMPRIMES]=
{
2, 3, 5, 7, 11, 13, 17, 19,
23, 29, 31, 37, 41, 43, 47, 53,
.
patch -p0 <<' .'
Index: openssl/crypto/bn/bn_prime.pl
============================================================
================
$ cvs diff -u -r1.4 -r1.4.4.1 bn_prime.pl
--- openssl/crypto/bn/bn_prime.pl 25 Sep 2003 13:57:58
-0000 1.4
+++ openssl/crypto/bn/bn_prime.pl 19 Sep 2007 00:02:30
-0000 1.4.4.1
-101,10 +101,12
printf "#ifndef EIGHT_BITn";
printf "#define NUMPRIMES %dn",$num;
+printf "typedef unsigned short prime_t;n";
printf "#elsen";
printf "#define NUMPRIMES %dn",$eight;
+printf "typedef unsigned char prime_t;n";
printf "#endifn";
-print "static const unsigned int
primes[NUMPRIMES]=nt{nt";
+print "static const prime_t
primes[NUMPRIMES]=nt{nt";
$init=0;
for ($i=0; $i <= $#primes; $i++)
{
.
patch -p0 <<' .'
Index: openssl/crypto/des/set_key.c
============================================================
================
$ cvs diff -u -r1.20.4.3 -r1.20.4.4 set_key.c
--- openssl/crypto/des/set_key.c 11 Jul 2007 11:53:19
-0000 1.20.4.3
+++ openssl/crypto/des/set_key.c 19 Sep 2007 00:02:35
-0000 1.20.4.4
-116,7 +116,7
* (and actual cblock values).
*/
#define NUM_WEAK_KEY 16
-static DES_cblock weak_keys[NUM_WEAK_KEY]={
+static const DES_cblock weak_keys[NUM_WEAK_KEY]={
/* weak keys */
{0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
{0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE},
.
patch -p0 <<' .'
Index: openssl/crypto/pqueue/pq_compat.h
============================================================
================
$ cvs diff -u -r1.1.2.5 -r1.1.2.5.2.1 pq_compat.h
--- openssl/crypto/pqueue/pq_compat.h 29 Jun 2005 18:48:12
-0000 1.1.2.5
+++ openssl/crypto/pqueue/pq_compat.h 19 Sep 2007 00:02:40
-0000 1.1.2.5.2.1
-57,7 +57,7
*
*/
-#include "opensslconf.h"
+#include <openssl/opensslconf.h>
#include <openssl/bn.h>
/*
.
patch -p0 <<' .'
Index: openssl/doc/apps/enc.pod
============================================================
================
$ cvs diff -u -r1.6.2.2 -r1.6.2.2.2.1 enc.pod
--- openssl/doc/apps/enc.pod 15 Sep 2005 19:12:01
-0000 1.6.2.2
+++ openssl/doc/apps/enc.pod 19 Sep 2007 00:02:44
-0000 1.6.2.2.2.1
-227,6 +227,14
rc5-ecb RC5 cipher in ECB mode
rc5-ofb RC5 cipher in OFB mode
+ aes-[128|192|256]-cbc 128/192/256 bit AES in CBC mode
+ aes-[128|192|256] Alias for aes-[128|192|256]-cbc
+ aes-[128|192|256]-cfb 128/192/256 bit AES in 128 bit CFB
mode
+ aes-[128|192|256]-cfb1 128/192/256 bit AES in 1 bit CFB
mode
+ aes-[128|192|256]-cfb8 128/192/256 bit AES in 8 bit CFB
mode
+ aes-[128|192|256]-ecb 128/192/256 bit AES in ECB mode
+ aes-[128|192|256]-ofb 128/192/256 bit AES in OFB mode
+
=head1 EXAMPLES
Just base64 encode a binary file:
.
patch -p0 <<' .'
Index: openssl/doc/apps/openssl.pod
============================================================
================
$ cvs diff -u -r1.16 -r1.16.4.1 openssl.pod
--- openssl/doc/apps/openssl.pod 4 Jan 2004 18:59:14
-0000 1.16
+++ openssl/doc/apps/openssl.pod 19 Sep 2007 00:02:45
-0000 1.16.4.1
-227,6 +227,22
SHA-1 Digest
+=item B<sha224>
+
+SHA-224 Digest
+
+=item B<sha256>
+
+SHA-256 Digest
+
+=item B<sha384>
+
+SHA-384 Digest
+
+=item B<sha512>
+
+SHA-512 Digest
+
=back
=head2 ENCODING AND CIPHER COMMANDS
.
patch -p0 <<' .'
Index: openssl/doc/apps/rsautl.pod
============================================================
================
$ cvs diff -u -r1.3 -r1.3.16.1 rsautl.pod
--- openssl/doc/apps/rsautl.pod 25 Apr 2001 15:24:47
-0000 1.3
+++ openssl/doc/apps/rsautl.pod 19 Sep 2007 00:02:46
-0000 1.3.16.1
-152,7 +152,7
The certificate public key can be extracted with:
- openssl x509 -in test/testx509.pem -pubout -noout
>pubkey.pem
+ openssl x509 -in test/testx509.pem -pubkey -noout
>pubkey.pem
The signature can be analysed with:
.
patch -p0 <<' .'
Index: openssl/ssl/d1_srvr.c
============================================================
================
$ cvs diff -u -r1.2.2.6 -r1.2.2.6.2.1 d1_srvr.c
--- openssl/ssl/d1_srvr.c 5 Dec 2005 17:32:19
-0000 1.2.2.6
+++ openssl/ssl/d1_srvr.c 19 Sep 2007 00:02:49
-0000 1.2.2.6.2.1
-1009,6 +1009,7
STACK_OF(X509_NAME) *sk=NULL;
X509_NAME *name;
BUF_MEM *buf;
+ unsigned int msg_len;
if (s->state == SSL3_ST_SW_CERT_REQ_A)
{
-1086,6 +1087,10
#endif
/* XDTLS: set message header ? */
+ msg_len = s->init_num - DTLS1_HM_HEADER_LENGTH;
+ dtls1_set_message_header(s, s->init_buf->data,
+ SSL3_MT_CERTIFICATE_REQUEST, msg_len, 0, msg_len);
+
/* buffer the message to handle re-xmits */
dtls1_buffer_message(s, 0);
.
____________________________________________________________
__________
OpenSSL Project http://www.openssl.org
CVS Repository Commit List
openssl-cvsopenssl.org
Automated List Manager
majordomoopenssl.org
|
