Lines Matching +refs:temp +refs:option +refs:key
77 However the DH_check() function checks numerous aspects of the key or
82 key/parameters with a modulus over this size will simply cause DH_check() to
222 * Ensured that the key share group sent or accepted for the key exchange
269 * Fix handling of a ticket key callback that returns 0 in TLSv1.3 to not send a
296 * For known safe primes use the minimum key length according to RFC 7919.
297 Longer private key sizes unnecessarily raise the cycles needed to compute the
415 verifying an ocsp response with the "-no_cert_checks" option the command line
425 AAD data as the MAC key. This made the MAC key trivially predictable.
456 1) OpenSSL must have been compiled with the (non-default) compile time option
621 * Allow fetching an operation from the provider that owns an unexportable key
687 * The triple DES key wrap functionality now conforms to RFC 3217 but is
729 the -client_renegotiation option, the SSL_OP_ALLOW_CLIENT_RENEGOTIATION
745 * For the key types DH and DHX the allowed settable parameters are now different.
784 * A public key check is now performed during EVP_PKEY_derive_set_peer().
803 more key types.
856 provided key.
875 * PKCS#5 PBKDF1 key derivation has been moved from PKCS5_PBE_keyivgen() into
906 * Add a compile time option to prevent the caching of provider fetched
907 algorithms. This is enabled by including the no-cached-fetch option
931 providers may supply their own group implementations (using either the "key
932 exchange" or the "key encapsulation" methods) which will automatically be
947 RSA_padding_add_SSLv23() and the `-ssl` option in the deprecated
952 * Deprecated the obsolete X9.31 RSA key generation related functions.
959 * Deprecated the obsolete X9.31 RSA key generation related functions
965 * The default key generation method for the regular 2-prime RSA keys was
1013 * Added convenience functions for generating asymmetric key pairs:
1034 * The `-crypt` option to the `passwd` command line tool has been removed.
1038 * The -C option to the `x509`, `dhparam`, `dsaparam`, and `ecparam` commands
1063 * Added new option for 'openssl list', '-providers', which will display the
1205 * The SSL option SSL_OP_IGNORE_UNEXPECTED_EOF is introduced.
1228 contain a provider side internal key.
1423 have to re-use the DH512 private key, which is not recommended anyway.
1472 * Change the interpretation of the '--api' configuration option to
1587 * Added the `-copy_extensions` option to the `x509` command for use with
1593 * Added the `-copy_extensions` option to the `req` command for use with
1601 There is a subjectKeyIdentifier extension with a hash value of the public key
1603 with a keyIdentifier field or issuer information identifying the signing key.
1611 (which may be done by using the CLI option `-x509_strict`):
1614 * If a pathlenConstraint is given the key usage keyCertSign must be allowed.
1634 used even when parsing explicit parameters, when loading a encoded key
1639 By default, if a key encoded with explicit parameters is loaded and later
1657 encryption key will be replaced by garbage, and the message cannot be
1658 decoded, but if the RSA decryption fails, the correct encryption key is
1661 key must be equal to the cipher default key length, in case the
1698 libcrypto and libssl. Use the OPENSSL_INIT_NO_LOAD_CONFIG option to
1725 private key for those. This avoids leaking bit 0 of the private key.
1738 * A new type, EVP_KEYEXCH, has been introduced to represent key exchange
1739 algorithms. An implementation of a key exchange algorithm can be obtained
1769 was a void type. If a key was set longer than the maximum possible this
1793 for Windows Store apps easier. Also, the "no-uplink" option has been added.
1837 The configuration option is now deprecated.
1855 This test isn't enabled by default. It can be enabled with the option
1997 * Added new option for 'openssl list', '-objects', which will display the
2014 * The SSL option SSL_OP_CLEANSE_PLAINTEXT is introduced.
2027 * Added support for FFDHE key exchange in TLS 1.3.
2382 used even when parsing explicit parameters, when loading a encoded key
2387 By default, if a key encoded with explicit parameters is loaded and later
2405 encryption key will be replaced by garbage, and the message cannot be
2406 decoded, but if the RSA decryption fails, the correct encryption key is
2409 key must be equal to the cipher default key length, in case the
2444 With order 2q subgroups the bit 0 of the private key is not secret
2446 private key for those. This avoids leaking bit 0 of the private key.
2474 This test isn't enabled by default. It can be enabled with the option
2579 algorithm to recover the private key.
2590 algorithm to recover the private key.
2651 * Increase the number of Miller-Rabin rounds for DSA key generating to 64.
2847 in responder mode now supports the new "-multi" option, which
2849 requests. The "-timeout" option now also limits the OCSP
3110 default unless the new "-noservername" option is used. The server name is
3111 based on the host provided to the "-connect" option unless overridden by
3152 used even when parsing explicit parameters, when loading a encoded key
3157 By default, if a key encoded with explicit parameters is loaded and later
3175 encryption key will be replaced by garbage, and the message cannot be
3176 decoded, but if the RSA decryption fails, the correct encryption key is
3179 key must be equal to the cipher default key length, in case the
3264 algorithm to recover the private key.
3275 algorithm to recover the private key.
3292 During key agreement in a TLS handshake using a DH(E) based ciphersuite a
3295 key for this prime resulting in a hang until the client has finished. This
3307 mount cache timing attacks during the RSA key generation process could
3308 recover the private key.
3335 * Increase the number of Miller-Rabin rounds for DSA key generating to 64.
3416 SSL_OP_NO_RENEGOTIATION option from 1.1.1-dev has been backported to
3420 using an older version of 1.1.0 (prior to 1.1.0h) then the option will be
3437 work necessary to deduce information about a private key may be performed
3440 would have to share the DH1024 private key among multiple clients, which is
3441 no longer an option since CVE-2016-0701.
3461 deduce information about a private key may be performed offline. The amount
3465 private key in a scenario with persistent DH parameters and a private
3466 key that is shared between multiple clients.
3529 If a malicious server supplies bad parameters for a DHE or ECDHE key
3546 deduce information about a private key may be performed offline. The amount
3550 private key in a scenario with persistent DH parameters and a private
3551 key that is shared between multiple clients. For example this can occur by
3593 question is not used in operations with the private key itself and an input
3595 transient authentication and key negotiation failures or reproducible
3596 erroneous outcome of public-key operations with specially crafted input.
3598 presumably can attack ECDH key negotiation. Impact was not analyzed in
3601 share the private key among them, neither of which is default behaviour.
3644 the "no-ocsp" build time option are not affected.
3706 support, was not even available as option. But its lack means
3709 prepackaged option, which we firmly point at...
3715 * Windows command-line tool supports UTF-8 opt-in option for arguments
3819 the "no-shared" Configure option.
3824 All of these option have not worked for some while and are fundamental
3871 * Removed no-rijndael as a config option. Rijndael is an old name for AES.
3930 * Add SSL_CIPHER queries for authentication and key-exchange.
3951 enable-weak-ssl-ciphers option to Configure.
3964 for public and private key encoding using the format documented in
3966 key generation and key derivation.
3995 the configuration option "disable-dynamic-engine".
4027 is for. Also, the configuration option --install_prefix is
4152 If the directory given with this option is a relative path, the
4210 should be used with the --api=1.1.0 option to entirely remove
4248 now redirect key generation and no longer need to convert to or from
4257 ciphers who are no longer supported and drops support the ephemeral RSA key
4298 "-no_ecdhe" option has been removed from s_server.
4359 * Remove EVP_CHECK_DES_KEY, a compile-time option that never compiled.
4444 the OPENSSL_NO_TLSEXT option within the code is very invasive (and probably
4445 not well tested). Therefore the OPENSSL_NO_TLSEXT option has been removed.
4472 * RT2547 was closed. When generating a private key, try to make the
4501 files, and the OPENSSL_NO_SSL_INTERN option has been removed (since it is
4529 done while fixing the error code for the key-too-small case.
4593 exporting the session id and the master key in NSS keylog format.
4651 * Add EVP support for key wrapping algorithms, to avoid problems with
4705 demonstrate periodic health checking. Add "nodh" option to
4768 Note: this does increase the maximum key length from 32 to 64 bytes but
4804 * New function DH_compute_key_padded() to compute a DH key and pad with
4814 * Modify fipscanisteronly build option to only build the necessary object
4819 * Add experimental option FIPSSYMS to give all symbols in
4838 * New build option no-ec2m to disable characteristic 2 code.
4842 * New build option "fipscanisteronly". This only builds fipscanister.o
4859 set before the key.
4900 * New -verify_name option in command line utilities to set verification
4949 used even when parsing explicit parameters, when loading a encoded key
4954 By default, if a key encoded with explicit parameters is loaded and later
4972 encryption key will be replaced by garbage, and the message cannot be
4973 decoded, but if the RSA decryption fails, the correct encryption key is
4976 key must be equal to the cipher default key length, in case the
5047 ECDSA signature generation could recover the private key.
5060 algorithm to recover the private key.
5077 During key agreement in a TLS handshake using a DH(E) based ciphersuite a
5080 key for this prime resulting in a hang until the client has finished. This
5092 mount cache timing attacks during the RSA key generation process could
5093 recover the private key.
5120 * Increase the number of Miller-Rabin rounds for DSA key generating to 64.
5188 work necessary to deduce information about a private key may be performed
5191 would have to share the DH1024 private key among multiple clients, which is
5192 no longer an option since CVE-2016-0701.
5212 deduce information about a private key may be performed offline. The amount
5216 private key in a scenario with persistent DH parameters and a private
5217 key that is shared between multiple clients.
5264 deduce information about a private key may be performed offline. The amount
5268 private key in a scenario with persistent DH parameters and a private
5269 key that is shared between multiple clients. For example this can occur by
5284 question is not used in operations with the private key itself and an input
5286 transient authentication and key negotiation failures or reproducible
5287 erroneous outcome of public-key operations with specially crafted input.
5289 presumably can attack ECDH key negotiation. Impact was not analyzed in
5292 share the private key among them, neither of which is default behaviour.
5332 the "no-ocsp" build time option are not affected.
5435 attack to be sufficient for an attacker to recover the private DSA key.
5592 * Only remove the SSLv2 methods with the no-ssl2-method option. When the
5617 server variants, SSLv2 ciphers vulnerable to exhaustive search key
5730 * Change the `req` command to generate a 2048-bit RSA/DSA key by default,
5732 omission in an earlier change that changed all RSA/DSA key generation
5752 OpenSSL provides the option SSL_OP_SINGLE_DH_USE for ephemeral DH (DHE) in
5753 TLS. It is not on by default. If the option is not set then the server
5756 applications do set this option and would therefore not be at risk.
5763 Additionally the SSL_OP_SINGLE_DH_USE option has been switched on by
5793 deduce information about a private key may be performed offline. The amount
5797 private key in a scenario with persistent DH parameters and a private
5798 key that is shared between multiple clients. For example this can occur by
6099 A malformed EC private key file consumed via the d2i_ECPrivateKey function
6101 free in several private key parsing functions (such as d2i_PrivateKey
6115 the certificate key is invalid. This function is rarely used in practice.
6211 * Add EVP support for key wrapping algorithms, to avoid problems with
6228 * Add -rev test option to s_server to just reverse order of characters
6234 * New option -brief for s_client and s_server to print out a brief summary
6243 * New option -crl_download in several openssl utilities to download CRLs
6283 message callback and prints the results. Needs compile time option
6330 * If server EC tmp key is not in client preference list abort handshake.
6382 extension) which some implementations ignore: this option should be used
6429 setting is used: whether to trust (e.g., -addtrust option to the x509
6434 * Add -trusted_first option which attempts to find certificates in the
6471 * Support for automatic EC temporary key parameter selection. If enabled
6533 the "no-ocsp" build time option are not affected.
6636 attack to be sufficient for an attacker to recover the private DSA key.
6794 * Only remove the SSLv2 methods with the no-ssl2-method option. When the
6819 server variants, SSLv2 ciphers vulnerable to exhaustive search key
6932 * Change the req command to generate a 2048-bit RSA/DSA key by default,
6934 omission in an earlier change that changed all RSA/DSA key generation
6943 As a precautionary measure the SSL_OP_SINGLE_DH_USE option has been
7180 A malformed EC private key file consumed via the d2i_ECPrivateKey function
7182 free in several private key parsing functions (such as d2i_PrivateKey
7196 the certificate key is invalid. This function is rarely used in practice.
7234 built with the no-ssl3 option and a SSL v3 ClientHello is received the ssl
7241 * Abort handshake if server key exchange message is omitted for ephemeral
7253 downgrade the RSA key length used to a value smaller than the server
7263 authenticate without the use of a private key. This only affects servers
7384 * Build option no-ssl3 is incomplete.
7386 When OpenSSL is configured with "no-ssl3" as a build option, servers
7601 * Add option SSL_OP_SAFARI_ECDHE_ECDSA_BUG (part of SSL_OP_ALL) which
7642 * Return an error when checking OCSP signatures when key is NULL.
7799 * Add TLS key material exporter from RFC 5705.
7840 * New -sigopt option to the ca, req and x509 utilities. Additional
7841 signature parameters can be passed using this option and in
7932 * For FIPS capable OpenSSL interpret a NULL default public key method
7945 * Add -attime option to openssl utilities.
7958 * New build option no-ec2m to disable characteristic 2 code.
8023 format in client key exchange. Relax some ECC signing restrictions for
8037 ciphersuites. At present only RSA key exchange ciphersuites work with
8038 TLS v1.2. Add new option for TLS v1.2 replacing the old and obsolete
8044 * New option OPENSSL_NO_SSL_INTERN. If an application can be compiled
8072 * Add support for TLS key exporter as described in RFC5705.
8245 A malformed EC private key file consumed via the d2i_ECPrivateKey function
8247 free in several private key parsing functions (such as d2i_PrivateKey
8261 the certificate key is invalid. This function is rarely used in practice.
8299 built with the no-ssl3 option and a SSL v3 ClientHello is received the ssl
8306 * Abort handshake if server key exchange message is omitted for ephemeral
8318 downgrade the RSA key length used to a value smaller than the server
8328 authenticate without the use of a private key. This only affects servers
8401 * Build option no-ssl3 is incomplete.
8403 When OpenSSL is configured with "no-ssl3" as a build option, servers
8559 * Add option SSL_OP_SAFARI_ECDHE_ECDSA_BUG (part of SSL_OP_ALL) which
8584 * Return an error when checking OCSP signatures when key is NULL.
8635 in CMS and PKCS7 code. When RSA decryption fails use a random key for
8748 signature public key algorithm by using OID xref utilities instead.
8813 * Tolerate yet another broken PKCS#8 key format: private key value negative.
8828 * Add load_crls() function to commands tidying load_certs() too. Add option
8896 key ids to find matching certificates and keys but some PKCS#12 files
8898 Now just gather all certificates together and the first private key
8899 then look for the first certificate that matches the key.
8939 * Add a $gcc_devteam_warn option to Configure. The idea is that any code
8973 * Delta CRL support. New use deltas option which will attempt to locate
9086 RAM on SSL connections. This option can save about 34k per idle SSL.
9134 to use. For example, specify an option
9205 If a client or server wishes to disable RFC4507 support then the option
9226 * Add option -stream to use PKCS#7 streaming in smime utility. New
9234 EVP_PKEY "key" in this case is the HMAC key, potentially allowing
9240 * New option -sigopt to dgst utility. Update dgst to use
9336 new CRLs added to a directory can be used. New command line option
9343 * GOST engine, supporting several GOST algorithms and public key formats.
9380 * Non-blocking OCSP request processing. Add -timeout option to ocsp
9474 * New -resign option to smime utility. This adds one or more signers
9475 to an existing PKCS#7 signedData structure. Also -md option to use an
9486 * New -macalg option to pkcs12 utility to allow setting of an alternative
9505 supported by any public key method supporting the encrypt operation. A
9506 ctrl is added to allow the public key algorithm to examine or modify
9512 * Add a ctrl to asn1 method to allow a public key algorithm to express
9525 signing method from the key type. This effectively removes the link
9526 between digests and public key types.
9539 key ASN1 method.
9547 * Add support for key derivation (agreement) in the API, DH method and
9553 public and private key formats. As a side effect these add additional
9555 generated and verified using pkeyutl and DH key support and generation in
9571 support key and parameter generation and add initial key generation
9583 key API, doesn't do much yet.
9588 public key algorithms. New option to openssl utility:
9589 "list-public-key-algorithms" to print out info.
9604 utilities such as rsa, dsa, dsaparam etc except they process any key
9609 * Transfer public key printing routines to EVP_PKEY_ASN1_METHOD. New
9611 EVP_PKEY_print_param() to print public key data from an EVP_PKEY
9616 * Initial support for pluggable public key ASN1.
9617 De-spaghettify the public key ASN1 handling. Move public and private
9618 key ASN1 handling to a new EVP_PKEY_ASN1_METHOD structure. Relocate
9621 of public and private key structures.
9673 openssl s_client has a new '-servername ...' option.
9678 and '-key' remain fallbacks for handshakes without HostName
9681 option.
9710 * New option SSL_OP_NO_COMP to disable use of compression selectively
9717 * New option -V for 'openssl ciphers'. This prints the ciphersuite code
9831 * Add option SSL_OP_LEGACY_SERVER_CONNECT which will allow clients to
9833 Until RI is more widely deployed this option is enabled by default.
9890 * Add --strict-warnings option to Configure script to include devteam
9895 * Add support for --libdir option and LIBDIR variable in makefiles. This
10019 * New -hex option for openssl rand.
10077 to ensure that even with this option, only ciphersuites in the
10078 server's preference list will be accepted. (Note that the option
10111 (NB: This would require knowledge of the secret session ticket key
10203 option "enable-montasm" (which exists only for this backport).
10215 values. This is useful for key rollover for example where several key
10244 with the enable-cms configuration option.
10260 RFC3394 compatible AES key wrapping.
10348 If a client or server wishes to disable RFC4507 support then the option
10380 openssl s_client has a new '-servername ...' option.
10385 and '-key' remain fallbacks for handshakes without HostName
10388 option.
10620 * Add the symmetric cipher Camellia (128-bit, 192-bit, 256-bit key
10694 (part of SSL_OP_ALL). This option used to disable the
10730 attempting to decrypt each encrypted key in turn. Add support to
10745 key into the same file any more.
10753 * Add -utf8 command line and config file option to 'ca'.
10772 use it. Make -CSP option work again in pkcs12 utility.
10850 to allow alternative format key and certificate files and passphrase
10890 moved from CA.pl to the 'ca' utility with a new option -create_serial.
10916 This will generate a random key of the appropriate length based on the
10917 cipher context. The EVP_CIPHER can provide its own random key generation
10919 3des routines to generate a key of the correct parity. Update S/MIME
10921 Add EVP_CHECK_DES_KEY #define to return an error if the key is not
11038 the self-tests were still using deprecated key-generation functions so
11067 draft-ietf-tls-ecc-03.txt: the KDF1 key derivation function with
11094 to certificate and key stores, be they simple file-based stores, or
11116 searched-for key would be inserted to preserve sorting order.
11145 * Add functionality to check the public key of a certificate request
11147 request can be signed by that key (self-signing).
11229 * Added an ENGINE that implements RSA by performing private key
11261 * Change the "progress" mechanism used in key-generation and
11267 migrate to the new functions. Also, the new key-generation API
11268 functions operate on a caller-supplied key-structure and return
11269 success/failure rather than returning a key or NULL - this is to
11366 New options to PKCS12_create(), key or cert can be NULL and
11372 options work when creating a PKCS#12 file. New option -nomac
11619 - 'openssl req' now has a '-newkey ecdsa:file' option;
11624 extracted before the specific public key;
11793 (part of SSL_OP_ALL). This option used to disable the
11809 the information leaked through timing could expose the secret key
11816 RSA, DSA, and DH private-key operations so that the sequence of
11818 independent of the particular secret key. This will mitigate
11832 Client Hello message format if the SSL_OP_NO_SSLv2 option is set.
12041 If verify callback ignores invalid public key errors don't try to check
12042 certificate signature with the NULL public key.
12046 * New -ignore_err option in ocsp application to stop the server
12063 * Change X509_certificate_type() to mark the key as exported/exportable
12142 * Make the no-err option work as intended. The intention with no-err
12354 * Eliminate unused copy of key in RC4.
12393 supply an oversized master key in Kerberos-enabled versions.
12478 * Fix escaping of non-ASCII characters when using the -subj option
12546 command line option can be used to specify an
12586 Make 'openssl rsa' use the general key loading routines
12588 handle the key format FORMAT_NETSCAPE and the variant
12620 * default_algorithms option in ENGINE config module. This allows things
12645 * Add option to output public keys in req command.
12703 * New command line and configuration option 'utf8' for the req command.
12713 * Add '-noemailDN' option to 'openssl ca'. This prevents inclusion
12715 extension only). The new configuration file option 'email_in_dn = no'
12834 * New SSL option SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION.
12836 renegotiation (if session ID contexts permit); with this option,
12976 for their choice and can explicitly enable this option.
12995 * Make DES key schedule conform to the usual scheme, as well as
13054 values for each of the key sizes rather than having just
13105 Change the key loaders to take a UI_METHOD instead of a callback
13121 attribute in PKCS#12 files, add new -CSP option to pkcs12 utility.
13130 * Change the key loading routines for ENGINEs to use the same kind
13153 declare their own ASN1 modules. This was fixed by adding the option
13295 ctrl(), key-load functions, etc) to take an (ENGINE*) parameter.
13315 * Add a 'copy_extensions' option to the 'ca' utility. This copies
13369 * Add the -HTTP option to s_server. It is similar to -WWW, but requires
13423 * New option '-subj arg' for 'openssl req' and 'openssl ca'. This
13495 * If signature or public key algorithm is unrecognized print out its
13507 * New compilation option ASN1_ITEM_FUNCTIONS. This causes the new
13513 macros (such as ASN1_ITEM_rptr(X509)). This option is to allow
13551 * New option -set_serial to 'req' and 'x509' this allows the serial
13579 option to ocsp utility.
13605 * New option SSL_OP_CIPHER_SERVER_PREFERENCE allows the server to override
13609 (Also replaces the broken/deactivated SSL_OP_NON_EXPORT_FIRST option.)
13614 to aes and add a new 'exist' option to print out symbols that don't
13624 * Add the option -VAfile to 'openssl ocsp', so the user can give the
13667 contents: this is used in various key identifiers.
13724 OCSP signer certificate must contain the OCSP signing extended key
13742 * New '-extfile ...' option to 'openssl ca' for reading X.509v3
13745 the '-extensions ...' option may be used for specifying the
13765 * New '-newreq-nodes' command option to CA.pl. This is like
13766 '-newreq', but calls 'openssl req' with the '-nodes' option
13767 so that the resulting key is not encrypted.
13782 value of OPENSSLDIR. This is available via the new '-d' option
14149 unless the '-salt' option is used (which usually means that
14152 or the new '-noverify' option is used.
14156 line, '-stdin' option, '-in ...' option) and thus should not
14294 'certopt' option to 'x509' to allow new printing options to be
14326 If verify callback ignores invalid public key errors don't try to check
14327 certificate signature with the NULL public key.
14343 * Change X509_certificate_type() to mark the key as exported/exportable
14507 * New option
14513 broken SSL implementations, the new option is part of SSL_OP_ALL.
14515 implementations is desired (e.g. '-bugs' option to 's_client' and
14516 's_server'), so the new option is automatically set in many
14550 supply an oversized client master key. ([CVE-2002-0656])
14967 * Add configuration option to build on Linux on both big-endian and
15008 * When only the key is given to "enc", the IV is undefined. Print out
15070 parameters in DSA public key structures and return an error in the
15161 * Fix bug in PKCS#12 key generation routines. This was triggered
15162 if a 3DES key was generated with a 0 initial byte. Include
15163 PKCS12_BROKEN_KEYGEN compilation option to retain the old
15221 * Add "-rand" option also to s_client and s_server.
15596 number of criteria: subject name, authority key id
15597 and key usage. It also verifies self signed certificates
15604 Authority and subject key identifier are now cached.
15646 * Add new PKCS#7 signing option PKCS7_NOSMIMECAP which
15680 used for low-level RSA operations. DER public key
15822 negative public key encodings) on by default,
15854 DSA key.
15860 PEM and DER. The -content option allows the content to be
15901 * Add BSD-style MD5-based passwords to 'openssl passwd' (option '-1').
15907 random pool through the RANDFILE configuration file option or
15940 * When some versions of IIS use the 'NET' form of private key the
15941 key derivation algorithm is different. Normally MD5(password) is
15942 used as a 128 bit RC4 key. In the modified case
15947 an -sgckey command line option to the rsa utility. Thanks to
15998 in when OpenSSL is configured with the DEBUG_SAFESTACK option and
16040 key length ciphers via the EVP_CIPHER_CTX_set_key_length() function and
16043 Modify EVP_OpenInit() and EVP_SealInit() to cope with variable key length
16048 cipher mode. They also all do nothing if the 'key' parameter is NULL and
16068 this option is set, tolerate broken clients that send the negotiated
16082 key files with invalid SEQUENCE encoding.
16093 Added -fingerprint option to crl utility, to support new c_rehash
16103 rejecting certificates which had extended key usage present
16113 handled differently in the PKCS#12 key generation code. NS
16195 * Add '-tls1' option to 'openssl ciphers', which was already
16197 (This option is not yet really useful because even the additional
16215 * Rename openssl x509 option '-crlext', which was added in 0.9.5,
16220 * Fix for HMAC. It wasn't zeroing the rest of the block if the key length
16227 using the passed key: if the passed key was a private key the result
16228 of X509_print(), for example, would be to print out all the private key
16261 * For SSL_[CTX_]set_tmp_dh, don't create a DH key if SSL_OP_SINGLE_DH_USE
16263 its own key.
16266 'default key' from SSL_CTX_set_tmp_dh would always be lost, meaning
16271 * New s_client option -ign_eof: EOF at stdin is ignored, and
16291 * Fix the PKCS#8 DSA private key code so it decodes keys again
16310 * Add '-dsaparam' option to 'openssl dhparam' application. This
16405 * Allow for the possibility of temp RSA key generation failure:
16426 * Remove the SSL_ALLOW_ADH compile option and set the default cipher
16427 list to exclude them. This means that no special compilation option
16494 SSL/TLS protocol it isn't a "bug" option and is on by default. See
16559 * Add a new -notext option to 'ca' and a -pubkey option to 'spkac'.
16621 * New -pkcs12 option to CA.pl script to write out a PKCS#12 file.
16700 * Minor change to 'x509' utility. The -CAcreateserial option now uses 1
16769 -nomaciter option is used. This improves file security and
16844 expecting any further messages from the client (server key exchange
16854 if a DER encoded private key is RSA or DSA traditional format. Changed
16856 format DER encoded private key. Newer code should use PKCS#8 format which
16857 has the key type encoded in the ASN1 structure. Added DER private key
16890 typically have values the same as the extended key usage extension
17062 DSA key was used because it didn't fix the digest.
17070 There is a NO_CHAIN_VERIFY compilation option to keep the old behaviour:
17111 that dogs private keys: there are several incompatible private key
17114 even then it doesn't work with DER formats. Given the option anything
17120 it clearly returns an error if you try to read the wrong kind of key.
17122 Added a -pubkey option to the 'x509' utility to output the public key.
17127 reference count of the added key (they don't "swallow" the
17128 supplied key).
17148 * Code to support otherName option in GeneralName.
17184 * Add a salt to the key derivation routines in enc.c. This
17186 -S option to allow a salt to be input on the command line.
17239 * Fix the -revoke option in ca. It was freeing up memory twice,
17270 handling. Most clients have the effective key size in bits equal to
17271 the key length in bits: so a 40 bit RC2 key uses a 40 bit (5 byte) key.
17272 A few however don't do this and instead use the size of the decrypted key
17273 to determine the RC2 key length and the AlgorithmIdentifier to determine
17274 the effective key length. In this case the effective key length can still
17275 be 40 bits but the key length can be 168 bits for example. This is fixed
17276 by manually forcing an RC2 key into the EVP_PKEY structure because the
17277 EVP code can't currently handle unusual RC2 key sizes: it always assumes
17278 the key length and effective key length are equal.
17297 using the dirstring_type option. See the new comment in the default
17318 dsaparam -genkey (which also ignored its '-rand' option),
17323 seed file at least for key creation, DSA signing, and for DH exchanges;
17327 of each file listed in the '-rand' option. The function as previously
17384 * New -noout option to asn1parse. This causes no output to be produced
17391 when producing the local key id.
17395 * New option -dhparam in s_server. This allows a DH parameter file to be
17403 a public key to be input or output. For example:
17404 openssl rsa -in key.pem -pubout -out pubkey.pem
17405 Also added necessary DSA public key functions to handle this.
17451 and rsa_verify. When the RSA_FLAGS_SIGN_VER option is set these functions
17477 * Preliminary compilation option RSA_NULL which disables RSA crypto without
17481 key generation.
17501 (s23_srvr.c) and for RSA client key exchange verification
17520 <madwolf@comune.modena.it>. The new option is called -extensions
17536 are specified in a 'req_extensions' option of the req section of the
17537 config file. They can be printed out with the -text option to req but
17558 "per key" basis to be replaced. This allows hardware acceleration and
17559 hardware key storage to be handled without major modification to the
17606 * -crlf option to s_client and s_server for sending newlines as
17649 * Allow the -k option to be used more than once in the enc program:
17664 no private key components need be present and it might store extra data
17667 private key operations.
17722 without temporary keys kept an extra copy of the server key,
17728 * New function RSA_check_key and new openssl rsa option -check
17741 * Add a debugging option to PKCS#5 v2 key generation function: when
17752 keys when the signing key was also DSA and the parameters didn't match.
17754 It was supposed to omit the parameters when they matched the signing key:
17849 was not even able to write more than one option correctly.
17894 secure PKCS#8 private key format with a high iteration count.
17950 ciphers. NOTE: although the key derivation function has been verified
17952 yet. Added a -v2 "cipher" option to pkcs8 application to allow the use
17967 underlying key generation function so it must do its own ASN1 parsing.
18008 * Make callbacks for key generation use `void *` instead of `char *`.
18103 to and from BNs: it was completely broken. New compilation option
18105 key elements as negative integers.
18117 * New option -out to asn1parse to allow the parsed structure to be
18119 option to examine the output of things like OCTET STRINGS.
18165 and temporary key. CERT holds only those values that can have
18173 key type.
18187 extension option.
18243 didn't match the private key).
18280 * New Configure option `no-<cipher>` (rsa, idea, rc5, ...).
18411 * New Configure option "rsaref".
18438 revoking a certificate. The -revoke option does the gory details now.
18443 `-text` option at all and this way the `-noout -text` combination was
18486 * New config option to avoid instructions that are illegal on the 80386.
18497 * New "-showcerts" option for s_client.
18524 * Add a new 'indent' option to some X509V3 extension code. Initial ASN1
18682 pre-configured entry in Configure's %table under key `<id>` with value
18847 currently the public key is printed (a decision which was already done by
18850 option; it now only avoids using the RSA stuff. Same applies to NO_DSA
18885 * Generate errors when private/public key check is done.
18895 key usage extension and fuller support for authority key id.
18971 * Correct calculation of key length for export ciphers (too much space was
18978 command line). There is also now an "update" option. This will update
19009 name, issuer and authority key id. Change the i2v function parameters
19065 * Add several PKIX and private extended key usage OIDs.
19195 * If a DH key is generated in s3_srvr.c, don't blow it by trying to use
19208 * Temp key "for export" tests were wrong in s3_srvr.c.
19212 * Add prototype for temp key callback functions
19266 * Add CA.pl, perl version of CA.sh, add extended key usage OID.
19444 * Add -strparse option to asn1pars program which parses nested
19457 * Added "-genkey" option to "dsaparam" program.
19465 * Added -a (all) option to "ssleay version" command.
19489 * Fixed the weak key values in DES library
19524 this is key exchange mechanism is not supported by SSLeay at all.