path: root/src/usr.bin/openssl
Commit message [Author, Age, Files, Lines]
* openssl: list SHA-3 digests in help output [kenjiro, 9 days, 1 file, -1/+5]
| Register sha3-{224,256,384,512} as dgst commands so they appear in openssl help. Without this, SHA-3 support is easy to miss and looks unsupported from the command line. ok tb jsing
* openssl dgst: drop unused cfg.m [kenjiro, 9 days, 1 file, -5/+2]
| Remove an unused intermediate EVP_MD pointer and assign digests directly to cfg.md. ok tb joel
* Reimplement ASN1_PRINTABLE_type() dance in ca.c [tb, 2025-12-21, 1 file, -13/+55]
| In ca.c, there is some minimal validation of strings in the subject of a certificate. ASN1_PRINTABLE_type() is a silly API that only exists for this one call. I want to remove a_print.c in the next major bump. ASN1_PRINTABLE_type() returns V_ASN1_PRINTABLESTRING if all characters belong to the specific subset of ASCII listed in X.680, 41.4, Table 10. Otherwise it returns V_ASN1_T61STRING or V_ASN1_IA5STRING depending on whether there is a character with the high bit set or not. With this in mind, the logic in ca.c comes down to this: blindly allow UTF-8, BMP and T61 strings. All other strings get rejected if the high bit of some character is set, or if the string is printable and there is a non-printable character. ok jsing kenjiro
* openssl: Remove -{,un}compress from cms "app" [tb, 2025-12-20, 2 files, -40/+10]
| We haven't supported compiling against zlib in a very long time. These are the only two calls to CMS_{,un}compress(3) in the ecosystem. I am going to remove these two API stubs in the next major bump. ok jsing kenjiro
* speed: make hmac(sha256) the default hmac [kenjiro, 2025-12-13, 1 file, -4/+4]
| MD5 is obsolete. Use a sha256 hash for the HMAC benchmark. ok tb@ beck@
* Remove unused algorithms from speed.c [kenjiro, 2025-12-11, 1 file, -7/+4]
| Removed unused algorithms (MD2, SEED, RC5) from the algorithm enum and the `names[]` table. The current results for these algorithms were always:
|   md2 0.00 0.00 0.00 0.00 0.00
|   seed cbc 0.00 0.00 0.00 0.00 0.00
|   rc5-32/12 cbc 0.00 0.00 0.00 0.00 0.00
| indicating that they are no longer unused. ok tb@
* Convert D_, R_ macro indices to enums in speed.c [kenjiro, 2025-12-11, 1 file, -49/+59]
| Replaced many `#define` based index constants with enums by adding ALGOR_NUM, DSA_NUM, RSA_NUM, and EC_NUM to the enum definitions. This makes it easier to add or remove new entries. ok tb@
* speed: remove unused counters and dead parameters [kenjiro, 2025-12-11, 1 file, -92/+77]
| In the speed implementation, a number of unused variables and parameters (save_count, c[][], rsa_c, dsa_c, ecdsa_c, ecdh_c, and the num argument of print_message()/pkey_print_message()) were still left behind. These values are no longer referenced and cannot affect the time-based benchmark logic, so remove them. Functional behaviour of speed remains unchanged. ok tb@
* openssl cms: switch to ASN1_STRING_get0_data() [tb, 2025-11-27, 1 file, -3/+3]
| The deprecated ASN1_STRING_data() will be removed in a future release. This is one small step towards that. ok kenjiro
* openssl pkcs12: stop reaching into ASN1_STRING [tb, 2025-11-27, 1 file, -18/+17]
| Buy a t: rename hex_prin() to hex_print() and accept an ASN1_STRING so that we only need to use accessors once. Also avoid a printf %s NULL. ok kenjiro
* openssl ca: mechanical change to stop reaching into ASN1_STRING [tb, 2025-11-27, 1 file, -21/+26]
| ok kenjiro
* openssl asn1pars: don't reach into ASN1_STRING [tb, 2025-11-27, 1 file, -4/+4]
| ok kenjiro
* openssl ts: simplify create_nonce() [tb, 2025-11-21, 1 file, -17/+7]
| Just your average dumb TS code. Instead of handrolling a random ASN.1 integer generator, we can use BN_rand() and convert the resulting bn to an ASN1_INTEGER. All this then also works without reaching into ASN1_STRING. ok kenjiro
* openssl certhash: add digest param to certhash_directory [joshua, 2025-07-27, 1 file, -13/+9]
| This will allow us to call certhash_directory with other digests as required to implement the openssl rehash command, which uses SHA1 or MD5. ok jsing tb
* KNF for variations of get_cipher_by_name() [tb, 2025-06-07, 3 files, -6/+9]
* openssl.1: update defaults for cms and smime [tb, 2025-06-07, 1 file, -4/+4]
* openssl smime: switch default encryption from 40-bit RC2 to AES-256 [tb, 2025-06-07, 1 file, -11/+5]
| The old default is still available with rc2-40. https://github.com/pyca/cryptography/issues/12949 https://github.com/libressl/portable/issues/1168 ok kenjiro
* openssl cms: switch default encryption from triple DES to AES-256 [tb, 2025-06-07, 1 file, -11/+5]
| The old default is still available with "des3" https://github.com/pyca/cryptography/issues/12949 https://github.com/libressl/portable/issues/1168 ok kenjiro
* openssl speed: clean up time_f [joshua, 2025-05-25, 1 file, -79/+76]
| Rename Time_F to time_f and tidy up implementation and usage. time_f still uses app_timer_{user,real}, which I will clean up in a future commit. ok jsing
* openssl speed: remove whirlpool [joshua, 2025-05-25, 2 files, -41/+12]
| whirlpool was previously removed from libcrypto, and OPENSSL_NO_WHIRLPOOL will always be defined. Remove whirlpool support from the openssl speed command entirely. ok jsing tb
* openssl pkcs8: zap an outdated lie [tb, 2025-05-24, 1 file, -4/+1]
* openssl speed: remove MAX_BLOCK_SIZE define [joshua, 2025-05-24, 1 file, -8/+2]
| ok jsing
* openssl speed: move key{16,24,32} above speed_main [joshua, 2025-05-24, 1 file, -33/+25]
| Also, reuse the same keys for Camellia instead of having duplicates. ok jsing tb
* Update and improve documentation for pkcs8 -v2 [tb, 2025-05-24, 1 file, -12/+8]
| with input from jsing
* Switch default to PBES2 for openssl pkcs8 -topk8 [tb, 2025-05-24, 1 file, -3/+3]
| We currently use the glorious default of NID_pbeWithMD5AndDES_CBC which we inherited from OpenSSL. This could have been worse - there is also NID_pbeWithMD2AndDES_CBC... The way this diff works is that the undocumented PKCS8_encrypt() API uses the PKCS#5v2 code path when it's passed a NID of -1 and requires a cipher to succeed, otherwise it uses the PKCS#5v1.5 path. So pass in a sensible cipher, namely AES-CBC-256, and let layers of muppetry cascade to doing something resembling the right thing. This still uses the default of hmacWithSHA1 and a somewhat short salt, which will be improved in a subsequent commit. https://github.com/pyca/cryptography/issues/12949 https://github.com/libressl/portable/issues/1168 ok kenjiro joshua jsing
* openssl speed: use single md buffer for digests [joshua, 2025-05-24, 1 file, -31/+10]
| ok jsing tb
* cms: disallow AEAD ciphers and AES XTS [tb, 2025-05-10, 1 file, -3/+21]
| The CMS code doesn't support RFC 5083/5084 authenticated enveloped data and outputs garbage that even itself can't decrypt for a reason that I have not tried to pinpoint. So refuse using AEAD ciphers and AES XTS for enveloped data from the cms "app" and throw an error pointing out that this isn't supported. OpenSSL have since added incorrect support for AuthEnvelopedData (ASN.1 and code review are hard), so doing this right will need both correct and interoperable code, which I doubt anyone will bother to write anytime soon. Reported by Ben Cooper in https://github.com/libressl/portable/issues/1157 ok beck jsing
* openssl ocsp: switch from X509V3error() to perror() [tb, 2025-05-09, 1 file, -6/+6]
| ok jsing
* Fix x509's -nameopt default and spell an option correctly [kn, 2025-04-19, 1 file, -4/+4]
| Feedback OK tb
* Update openssl.1 for msie_hack removal [tb, 2025-04-14, 1 file, -21/+4]
| ok jmc jsing
* Remove openssl ca -msie_hack [tb, 2025-04-14, 1 file, -31/+2]
| The nineties called and wanted their garbage back. ok jsing
* save_index: fix some code quality issues [tb, 2025-03-18, 1 file, -13/+16]
| Error check BIO_new() both times it is used, drop unused j variable, Error check BIO_printf() call and turn the whole thing into single exit. Prompted by a diff by Niels Dossche ok jsing
* apps.c: don't leak out in error path [tb, 2025-03-17, 1 file, -1/+2]
| From Niels Dossche
* openssl ca: use BN_bn2hex() rather than reimplementing it [tb, 2025-02-25, 1 file, -28/+18]
| ok jsing
* openssl x509: zap extra whitespace in usage [tb, 2025-01-19, 1 file, -2/+2]
* Remove -C option from "apps" [tb, 2025-01-19, 6 files, -436/+12]
| As far as I can tell, this way of generating "C code" was only used to add stuff to pretty regress and even prettier speed "app" and otherwise it just served to make the library maintainers' lives even more miserable. ok jsing
* ecparam: remove GF2m remnant [tb, 2025-01-19, 1 file, -14/+4]
| This removes the last in-tree dependency on EC_METHOD_get_field_type() and EC_GROUP_method_of() and removes some dead code which would generate code that wouldn't compile if it was reachable. ok jsing
* termianted -> terminated [tb, 2025-01-03, 1 file, -2/+2]
* Remove some gloriously outdated comments [tb, 2025-01-02, 1 file, -5/+1]
| /*#define SSL_HOST_NAME "www.netscape.com" */ /*#define SSL_HOST_NAME "193.118.187.102" */ and /*#define TEST_CERT "client.pem" *//* no default cert. */
* Merge testdsa.h and testrsa.h into speed.c [tb, 2025-01-02, 3 files, -781/+712]
| Having constant arrays in a header is just stupid (whether the constants are static or not), and most of the contents of these two headers clearly belongs into a C file. Since the garbage pile that is speed.c was not ugly enough, merge all of it there, since it is the only consumer. discussed with jsing PS: still waiting for that elusive volunteer who reworks libdes's speed.c into something resembling C code.
* Remove some pointless header guards. The headers are in scope. [tb, 2025-01-02, 1 file, -7/+1]
* Merge s_apps.h into apps.h [tb, 2025-01-02, 8 files, -169/+47]
| discussed with jsing
* openssl(1) doesn't need 5 .h files: merge timeouts.h into apps.h [tb, 2025-01-02, 4 files, -72/+7]
| This is an extra header for two stupid constants... discussed with jsing
* openssl(1) doesn't need 6 .h files: fold progs.h into apps.h [tb, 2025-01-02, 8 files, -59/+52]
| discussed with jsing
* Plug a bunch of leaks in the PKCS 12 code [tb, 2024-12-26, 1 file, -8/+24]
| The competition whether the code or the standard it implements is worse is still ongoing, and still has two strong competitors... ok jsing
* Error check sk_push() in crl2p7 [tb, 2024-12-26, 1 file, -23/+21]
| also remove a few NULL checks before free and drop a cryptic comment about not needing to free x - hard to free what's not there... ok jsing
* ciphers: remove tls1 and tls1_1 leftovers [tb, 2024-12-11, 1 file, -16/+2]
| The options were already removed from the manual in 91e7614a. From Renaud Allard (hand-applied since patch was mangled)
* Fix up authority and subject key identifiers in force pubkey mode [tb, 2024-12-04, 1 file, -8/+133]
| Upstream decided that this nonsense was worth an ABI break and added stuff to the X509_CTX so they could hang the issuer's public key off it so that they could adjust the key identifiers as needed. Let's avoid that and do it the slightly less nasty way by updating the AKI and SKI as needed. We only do this when force pubkey is in place so we don't change the semantics of the batshit crazy config language that nobody understands. ok job
* openssl speed: stop trying to use small curves [tb, 2024-11-30, 1 file, -25/+11]
| secp160r1 and nistp192 are no longer available in libcrypto. Should have been committed along with disabling these curves, but was missed. ok jsing
* sync x509v3_add_value with x509_utl.c [tb, 2024-08-31, 1 file, -19/+32]