forked from rpms/openssl
27847ae318
- fix CVE-2009-3555 - note that the fix is bypassed if SSL_OP_ALL is used so the compatibility with unfixed clients is not broken. The protocol extension is also not final.
114 lines
5.6 KiB
Diff
114 lines
5.6 KiB
Diff
diff -up openssl-1.0.0-beta4/doc/crypto/EVP_DigestInit.pod.algo-doc openssl-1.0.0-beta4/doc/crypto/EVP_DigestInit.pod
|
|
--- openssl-1.0.0-beta4/doc/crypto/EVP_DigestInit.pod.algo-doc 2009-10-16 17:29:34.000000000 +0200
|
|
+++ openssl-1.0.0-beta4/doc/crypto/EVP_DigestInit.pod 2009-11-12 14:13:21.000000000 +0100
|
|
@@ -6,7 +6,8 @@ EVP_MD_CTX_init, EVP_MD_CTX_create, EVP_
|
|
EVP_DigestFinal_ex, EVP_MD_CTX_cleanup, EVP_MD_CTX_destroy, EVP_MAX_MD_SIZE,
|
|
EVP_MD_CTX_copy_ex, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size,
|
|
EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type,
|
|
-EVP_md_null, EVP_md2, EVP_md5, EVP_sha, EVP_sha1, EVP_dss, EVP_dss1, EVP_mdc2,
|
|
+EVP_md_null, EVP_md2, EVP_md5, EVP_sha, EVP_sha1, EVP_sha224,
|
|
+EVP_sha256, EVP_sha384, EVP_sha512, EVP_dss, EVP_dss1, EVP_mdc2,
|
|
EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj -
|
|
EVP digest routines
|
|
|
|
@@ -51,6 +52,10 @@ EVP digest routines
|
|
const EVP_MD *EVP_md5(void);
|
|
const EVP_MD *EVP_sha(void);
|
|
const EVP_MD *EVP_sha1(void);
|
|
+ const EVP_MD *EVP_sha224(void);
|
|
+ const EVP_MD *EVP_sha256(void);
|
|
+ const EVP_MD *EVP_sha384(void);
|
|
+ const EVP_MD *EVP_sha512(void);
|
|
const EVP_MD *EVP_dss(void);
|
|
const EVP_MD *EVP_dss1(void);
|
|
const EVP_MD *EVP_mdc2(void);
|
|
@@ -70,7 +75,7 @@ EVP_MD_CTX_create() allocates, initializ
|
|
|
|
EVP_DigestInit_ex() sets up digest context B<ctx> to use a digest
|
|
B<type> from ENGINE B<impl>. B<ctx> must be initialized before calling this
|
|
-function. B<type> will typically be supplied by a functionsuch as EVP_sha1().
|
|
+function. B<type> will typically be supplied by a function such as EVP_sha1().
|
|
If B<impl> is NULL then the default implementation of digest B<type> is used.
|
|
|
|
EVP_DigestUpdate() hashes B<cnt> bytes of data at B<d> into the
|
|
@@ -127,9 +132,11 @@ with this digest. For example EVP_sha1()
|
|
return B<NID_sha1WithRSAEncryption>. This "link" between digests and signature
|
|
algorithms may not be retained in future versions of OpenSSL.
|
|
|
|
-EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_mdc2() and EVP_ripemd160()
|
|
-return B<EVP_MD> structures for the MD2, MD5, SHA, SHA1, MDC2 and RIPEMD160 digest
|
|
-algorithms respectively. The associated signature algorithm is RSA in each case.
|
|
+EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_sha224(), EVP_sha256(),
|
|
+EVP_sha384(), EVP_sha512(), EVP_mdc2() and EVP_ripemd160()
|
|
+return B<EVP_MD> structures for the MD2, MD5, SHA, SHA1, SHA224, SHA256, SHA384,
|
|
+SHA512, MDC2 and RIPEMD160 digest algorithms respectively. The associated
|
|
+signature algorithm is RSA in each case.
|
|
|
|
EVP_dss() and EVP_dss1() return B<EVP_MD> structures for SHA and SHA1 digest
|
|
algorithms but using DSS (DSA) for the signature algorithm. Note: there is
|
|
@@ -158,7 +165,8 @@ EVP_MD_size(), EVP_MD_block_size(), EVP_
|
|
EVP_MD_CTX_block_size() and EVP_MD_block_size() return the digest or block
|
|
size in bytes.
|
|
|
|
-EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_dss(),
|
|
+EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(),
|
|
+EVP_sha224(), EVP_sha256(), EVP_sha384(), EVP_sha512(), EVP_dss(),
|
|
EVP_dss1(), EVP_mdc2() and EVP_ripemd160() return pointers to the
|
|
corresponding EVP_MD structures.
|
|
|
|
diff -up openssl-1.0.0-beta4/doc/crypto/EVP_EncryptInit.pod.algo-doc openssl-1.0.0-beta4/doc/crypto/EVP_EncryptInit.pod
|
|
--- openssl-1.0.0-beta4/doc/crypto/EVP_EncryptInit.pod.algo-doc 2005-04-15 18:01:35.000000000 +0200
|
|
+++ openssl-1.0.0-beta4/doc/crypto/EVP_EncryptInit.pod 2009-11-12 14:11:03.000000000 +0100
|
|
@@ -91,6 +91,32 @@ EVP_CIPHER_CTX_set_padding - EVP cipher
|
|
int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
|
|
int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
|
|
|
|
+ const EVP_CIPHER *EVP_des_ede3(void);
|
|
+ const EVP_CIPHER *EVP_des_ede3_ecb(void);
|
|
+ const EVP_CIPHER *EVP_des_ede3_cfb64(void);
|
|
+ const EVP_CIPHER *EVP_des_ede3_cfb1(void);
|
|
+ const EVP_CIPHER *EVP_des_ede3_cfb8(void);
|
|
+ const EVP_CIPHER *EVP_des_ede3_ofb(void);
|
|
+ const EVP_CIPHER *EVP_des_ede3_cbc(void);
|
|
+ const EVP_CIPHER *EVP_aes_128_ecb(void);
|
|
+ const EVP_CIPHER *EVP_aes_128_cbc(void);
|
|
+ const EVP_CIPHER *EVP_aes_128_cfb1(void);
|
|
+ const EVP_CIPHER *EVP_aes_128_cfb8(void);
|
|
+ const EVP_CIPHER *EVP_aes_128_cfb128(void);
|
|
+ const EVP_CIPHER *EVP_aes_128_ofb(void);
|
|
+ const EVP_CIPHER *EVP_aes_192_ecb(void);
|
|
+ const EVP_CIPHER *EVP_aes_192_cbc(void);
|
|
+ const EVP_CIPHER *EVP_aes_192_cfb1(void);
|
|
+ const EVP_CIPHER *EVP_aes_192_cfb8(void);
|
|
+ const EVP_CIPHER *EVP_aes_192_cfb128(void);
|
|
+ const EVP_CIPHER *EVP_aes_192_ofb(void);
|
|
+ const EVP_CIPHER *EVP_aes_256_ecb(void);
|
|
+ const EVP_CIPHER *EVP_aes_256_cbc(void);
|
|
+ const EVP_CIPHER *EVP_aes_256_cfb1(void);
|
|
+ const EVP_CIPHER *EVP_aes_256_cfb8(void);
|
|
+ const EVP_CIPHER *EVP_aes_256_cfb128(void);
|
|
+ const EVP_CIPHER *EVP_aes_256_ofb(void);
|
|
+
|
|
=head1 DESCRIPTION
|
|
|
|
The EVP cipher routines are a high level interface to certain
|
|
@@ -297,6 +323,18 @@ Three key triple DES in CBC, ECB, CFB an
|
|
|
|
DESX algorithm in CBC mode.
|
|
|
|
+=item EVP_aes_128_cbc(void), EVP_aes_128_ecb(), EVP_aes_128_ofb(void), EVP_aes_128_cfb1(void), EVP_aes_128_cfb8(void), EVP_aes_128_cfb128(void)
|
|
+
|
|
+AES with 128 bit key length in CBC, ECB, OFB and CFB modes respectively.
|
|
+
|
|
+=item EVP_aes_192_cbc(void), EVP_aes_192_ecb(), EVP_aes_192_ofb(void), EVP_aes_192_cfb1(void), EVP_aes_192_cfb8(void), EVP_aes_192_cfb128(void)
|
|
+
|
|
+AES with 192 bit key length in CBC, ECB, OFB and CFB modes respectively.
|
|
+
|
|
+=item EVP_aes_256_cbc(void), EVP_aes_256_ecb(), EVP_aes_256_ofb(void), EVP_aes_256_cfb1(void), EVP_aes_256_cfb8(void), EVP_aes_256_cfb128(void)
|
|
+
|
|
+AES with 256 bit key length in CBC, ECB, OFB and CFB modes respectively.
|
|
+
|
|
=item EVP_rc4(void)
|
|
|
|
RC4 stream cipher. This is a variable key length cipher with default key length 128 bits.
|