aboutsummaryrefslogtreecommitdiffstats
path: root/apps/ecparam.c
Commit message (Collapse)AuthorAgeFilesLines
* Copyright consolidation 01/10Rich Salz2016-05-171-53/+6
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Kurt Roeckx <kurt@openssl.org>
* argv was set but unusedKurt Roeckx2016-02-201-1/+3
| | | | | | | | Also gives an error message when you gave it a parameter it didn't expect. Reviewed-by: Rich Salz <rsalz@openssl.org> MR: #2009
* Use NON_EMPTY_TRANSLATION_UNIT, consistently.Rich Salz2016-02-091-7/+4
| | | | | | This also closes RT 4123 Reviewed-by: Richard Levitte <levitte@openssl.org>
* Fix memory leak and print out keygen errors.Dr. Stephen Henson2016-02-011-1/+7
| | | | Reviewed-by: Rich Salz <rsalz@openssl.org>
* Remove useless codeAlessandro Ghedini2015-10-231-2/+0
| | | | | | | RT#4081 Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
* Centralise loading default apps config fileMatt Caswell2015-10-121-3/+0
| | | | | | | | | | | | | | | | | Loading the config file after processing command line options can cause problems, e.g. where an engine provides new ciphers/digests these are not then recoginised on the command line. Move the default config file loading to before the command line option processing. Whilst we're doing this we might as well centralise this instead of doing it individually for each application. Finally if we do it before the OpenSSL_add_ssl_algorithms() call then ciphersuites provided by an engine (e.g. GOST) can be available to the apps. RT#4085 RT#4086 Reviewed-by: Richard Levitte <levitte@openssl.org>
* Enable -Wmissing-variable-declarations andBen Laurie2015-09-111-2/+2
| | | | | | | -Wincompatible-pointer-types-discards-qualifiers (the latter did not require any code changes). Reviewed-by: Rich Salz <rsalz@openssl.org>
* Change the way apps open their input and output filesRichard Levitte2015-09-061-2/+2
| | | | | | | | | | | | The different apps had the liberty to decide whether they would open their input and output files in binary mode or not, which could be confusing if two different apps were handling the same type of file in different ways. The solution is to centralise the decision of low level file organisation, and that the apps would use a selection of formats to state the intent of the file. Reviewed-by: Tim Hudson <tjh@openssl.org>
* Exit on error in ecparamPeter Waltenberg2015-07-091-2/+3
| | | | Reviewed-by: Tim Hudson <tjh@openssl.org>
* RT2547: Tighten perms on generated privkey filesRich Salz2015-06-151-4/+5
| | | | | | | | | | | | When generating a private key, try to make the output file be readable only by the owner. Put it in CHANGES file since it might be noticeable. Add "int private" flag to apps that write private keys, and check that it's set whenever we do write a private key. Checked via assert so that this bug (security-related) gets fixed. Thanks to Viktor for help in tracing the code-paths where private keys are written. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* Restore module loadingRichard Levitte2015-05-291-0/+3
| | | | | | | The module loading feature got broken a while ago, so restore it, but have it a bit more explicit this time around. Reviewed-by: Stephen Henson <steve@openssl.org>
* Use "==0" instead of "!strcmp" etcRich Salz2015-05-061-2/+2
| | | | | | | For the various string-compare routines (strcmp, strcasecmp, str.*cmp) use "strcmp()==0" instead of "!strcmp()" Reviewed-by: Tim Hudson <tjh@openssl.org>
* Use safer sizeof variant in mallocRich Salz2015-05-041-1/+1
| | | | | | | | | | | | | For a local variable: TYPE *p; Allocations like this are "risky": p = OPENSSL_malloc(sizeof(TYPE)); if the type of p changes, and the malloc call isn't updated, you could get memory corruption. Instead do this: p = OPENSSL_malloc(sizeof(*p)); Also fixed a few memset() calls that I noticed while doing this. Reviewed-by: Richard Levitte <levitte@openssl.org>
* free null cleanup finaleRich Salz2015-05-011-2/+1
| | | | | | Don't check for NULL before calling OPENSSL_free Reviewed-by: Richard Levitte <levitte@openssl.org>
* free NULL cleanup 7Rich Salz2015-04-301-12/+6
| | | | | | | | | | | This gets BN_.*free: BN_BLINDING_free BN_CTX_free BN_FLG_FREE BN_GENCB_free BN_MONT_CTX_free BN_RECP_CTX_free BN_clear_free BN_free BUF_MEM_free Also fix a call to DSA_SIG_free to ccgost engine and remove some #ifdef'd dead code in engines/e_ubsec. Reviewed-by: Richard Levitte <levitte@openssl.org>
* In apps, malloc or dieRich Salz2015-04-301-15/+5
| | | | | | | | No point in proceeding if you're out of memory. So change *all* OPENSSL_malloc calls in apps to use the new routine which prints a message and exits. Reviewed-by: Richard Levitte <levitte@openssl.org>
* remove malloc castsRich Salz2015-04-281-2/+1
| | | | | | | Following ANSI C rules, remove the casts from calls to OPENSSL_malloc and OPENSSL_realloc. Reviewed-by: Richard Levitte <levitte@openssl.org>
* fewer NO_ENGINE #ifdef'sRich Salz2015-04-251-6/+2
| | | | | | | | Make setup_engine be a dummy if NO_ENGINE is enabled. The option is not enabled if NO_ENGINE is enabled, so the one "wasted" variable just sits there. Removes some variables and code. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Big apps cleanup (option-parsing, etc)Rich Salz2015-04-241-325/+193
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is merges the old "rsalz-monolith" branch over to master. The biggest change is that option parsing switch from cascasding 'else if strcmp("-foo")' to a utility routine and somethin akin to getopt. Also, an error in the command line no longer prints the full summary; use -help (or --help :) for that. There have been many other changes and code-cleanup, see bullet list below. Special thanks to Matt for the long and detailed code review. TEMPORARY: For now, comment out CRYPTO_mem_leaks() at end of main Tickets closed: RT3515: Use 3DES in pkcs12 if built with no-rc2 RT1766: s_client -reconnect and -starttls broke RT2932: Catch write errors RT2604: port should be 'unsigned short' RT2983: total_bytes undeclared #ifdef RENEG RT1523: Add -nocert to fix output in x509 app RT3508: Remove unused variable introduced by b09eb24 RT3511: doc fix; req default serial is random RT1325,2973: Add more extensions to c_rehash RT2119,3407: Updated to dgst.pod RT2379: Additional typo fix RT2693: Extra include of string.h RT2880: HFS is case-insensitive filenames RT3246: req command prints version number wrong Other changes; incompatibilities marked with *: Add SCSV support Add -misalign to speed command Make dhparam, dsaparam, ecparam, x509 output C in proper style Make some internal ocsp.c functions void Only display cert usages with -help in verify Use global bio_err, remove "BIO*err" parameter from functions For filenames, - always means stdin (or stdout as appropriate) Add aliases for -des/aes "wrap" ciphers. *Remove support for IISSGC (server gated crypto) *The undocumented OCSP -header flag is now "-header name=value" *Documented the OCSP -header flag Reviewed-by: Matt Caswell <matt@openssl.org>
* free NULL cleanup.Rich Salz2015-03-251-2/+1
| | | | | | | This gets EC_GROUP_clear_free EC_GROUP_free, EC_KEY_free, EC_POINT_clear_free, EC_POINT_free Reviewed-by: Kurt Roeckx <kurt@openssl.org>
* free NULL cleanupRich Salz2015-03-251-4/+2
| | | | | | | This commit handles BIO_ACCEPT_free BIO_CB_FREE BIO_CONNECT_free BIO_free BIO_free_all BIO_vfree Reviewed-by: Matt Caswell <matt@openssl.org>
* Run util/openssl-format-source -v -c .Matt Caswell2015-01-221-627/+554
| | | | Reviewed-by: Tim Hudson <tjh@openssl.org>
* mark all block comments that need format preserving so thatTim Hudson2014-12-301-1/+2
| | | | | | | indent will not alter them when reformatting comments Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
* Fix various spelling errorsScott Schaefer2014-02-141-2/+2
|
* Add new APIs EC_curve_nist2nid and EC_curve_nid2nist which convertDr. Stephen Henson2012-02-211-0/+3
| | | | | between NIDs and the more common NIST names such as "P-256". Enhance ecparam utility and ECC method to recognise the NIST names for curves.
* Fix warnings.Ben Laurie2010-06-121-4/+1
|
* Merge from 1.0.0-stable branch.Dr. Stephen Henson2009-04-231-0/+6
|
* include opensslconf.h if OPENSSL_NO_* is usedNils Larsch2005-05-311-0/+2
|
* ecc api cleanup; summary:Nils Larsch2005-05-161-5/+3
| | | | | | | | | | - hide the EC_KEY structure definition in ec_lcl.c + add some functions to use/access the EC_KEY fields - change the way how method specific data (ecdsa/ecdh) is attached to a EC_KEY - add ECDSA_sign_ex and ECDSA_do_sign_ex functions with additional parameters for pre-computed values - rebuild libeay.num from 0.9.7
* give EC_GROUP_new_by_nid a more meanigful name:Nils Larsch2005-05-101-1/+1
| | | | EC_GROUP_new_by_nid -> EC_GROUP_new_by_curve_name
* some const fixesNils Larsch2005-04-051-1/+1
|
* Update ECDSA and ECDH for OPENSSL_NO_ENGINE.Geoff Thorpe2004-10-211-0/+4
| | | | | Reported by: Maxim Masiutin Submitted by: Nils Larsch
* Adds warnings about two curves and fixes the "seed" value for two otherGeoff Thorpe2004-03-251-6/+2
| | | | | | curves. Submitted by: Nils Larsch
* Fix declaration inconsistency in ecparam.c.Andy Polyakov2004-01-241-1/+1
|
* avoid potential confusion about curves (prime192v1 and prime256v1 areBodo Möller2003-01-161-1/+20
| | | | | | also known as secp192r1 and secp256r1, respectively) Submitted by: Nils Larsch, Bodo Moeller
* EXIT() may mean return(). That's confusing, so let's have it really meanRichard Levitte2002-12-031-1/+1
| | | | | | exit() in whatever way works for the intended platform, and define OPENSSL_EXIT() to have the old meaning (the name is of course because it's only used in the openssl program)
* Sun has agreed to removing the covenant language from most files.Bodo Möller2002-10-291-13/+0
| | | | Submitted by: Sheueling Chang <Sheueling.Chang@Sun.COM>
* change API for looking at the internal curve listBodo Möller2002-09-021-8/+23
| | | | Submitted by: Nils Larsch
* change 'usage' formattingBodo Möller2002-08-271-53/+49
|
* fix spacingBodo Möller2002-08-261-10/+10
|
* typoBodo Möller2002-08-161-1/+1
| | | | Submitted by: Nils Larsch
* Simplify handling of named curves: get rid of EC_GROUP_new_by_name(),Bodo Möller2002-08-151-79/+24
| | | | | | | EC_GROUP_new_by_nid() should be enough. This avoids a lot of redundancy. Submitted by: Nils Larsch
* use a generic EC_KEY structure (EC keys are not ECDSA specific)Bodo Möller2002-08-071-13/+18
| | | | Submitted by: Nils Larsch
* extend curve list (additional curves over binary fields)Bodo Möller2002-08-021-21/+94
| | | | Submitted by: Sheueling Chang Shantz and Douglas Stebila (Sun Microsystems Laboratories)
* Replace 'ecdsaparam' commandline utility by 'ecparam'Bodo Möller2002-07-141-0/+688
(the same keys can be used for ECC schemes other than ECDSA) and add some new options. Similarly, use string "EC PARAMETERS" instead of "ECDSA PARAMETERS" in 'PEM' format. Fix ec_asn1.c (take into account the desired conversion form). 'make update'. Submitted by: Nils Larsch
generated by cgit v1.2.3 (git 2.39.1) at 2024-08-22 17:07:23 +0000