Veres Lajos 9 years ago
committed by Ben Laurie
parent
commit
478b50cf67
77 changed files with 136 additions and 136 deletions
  1. +4
    -4
      CHANGES
  2. +2
    -2
      CHANGES.SSLeay
  3. +1
    -1
      Configure
  4. +1
    -1
      FAQ
  5. +1
    -1
      INSTALL
  6. +1
    -1
      INSTALL.NW
  7. +1
    -1
      Netware/globals.txt
  8. +3
    -3
      apps/ca.c
  9. +2
    -2
      apps/openssl-vms.cnf
  10. +2
    -2
      apps/openssl.cnf
  11. +1
    -1
      apps/s_client.c
  12. +1
    -1
      apps/s_server.c
  13. +1
    -1
      apps/srp.c
  14. +2
    -2
      bugs/sslref.dif
  15. +2
    -2
      config
  16. +1
    -1
      crypto/asn1/tasn_utl.c
  17. +1
    -1
      crypto/bn/asm/README
  18. +1
    -1
      crypto/bn/asm/sparcv8plus.S
  19. +1
    -1
      crypto/bn/asm/sparcv9a-mont.pl
  20. +1
    -1
      crypto/bn/asm/vis3-mont.pl
  21. +1
    -1
      crypto/bn/todo
  22. +1
    -1
      crypto/des/VERSION
  23. +2
    -2
      crypto/des/asm/des_enc.m4
  24. +1
    -1
      crypto/des/makefile.bc
  25. +1
    -1
      crypto/dh/dh_ameth.c
  26. +1
    -1
      crypto/dsa/fips186a.txt
  27. +4
    -4
      crypto/dso/dso.h
  28. +2
    -2
      crypto/dso/dso_dl.c
  29. +25
    -25
      crypto/ec/ec.h
  30. +1
    -1
      crypto/engine/README
  31. +1
    -1
      crypto/engine/eng_table.c
  32. +1
    -1
      crypto/err/err.c
  33. +1
    -1
      crypto/evp/encode.c
  34. +1
    -1
      crypto/md5/asm/md5-sparcv9.pl
  35. +1
    -1
      crypto/modes/asm/ghash-sparcv9.pl
  36. +1
    -1
      crypto/objects/obj_dat.c
  37. +1
    -1
      crypto/perlasm/readme
  38. +1
    -1
      crypto/perlasm/sparcv9_modes.pl
  39. +1
    -1
      crypto/perlasm/x86_64-xlate.pl
  40. +1
    -1
      crypto/pkcs7/bio_ber.c
  41. +2
    -2
      crypto/pkcs7/example.c
  42. +1
    -1
      crypto/pkcs7/pk7_doit.c
  43. +2
    -2
      crypto/rand/rand_egd.c
  44. +1
    -1
      crypto/rand/rand_nw.c
  45. +1
    -1
      crypto/rc2/version
  46. +1
    -1
      crypto/ripemd/README
  47. +1
    -1
      crypto/sha/asm/sha1-sparcv9.pl
  48. +1
    -1
      crypto/sha/asm/sha1-sparcv9a.pl
  49. +1
    -1
      crypto/sha/asm/sha512-sparcv9.pl
  50. +1
    -1
      crypto/x509v3/pcy_tree.c
  51. +1
    -1
      demos/certs/apps/apps.cnf
  52. +1
    -1
      demos/certs/ca.cnf
  53. +1
    -1
      demos/easy_tls/easy-tls.c
  54. +2
    -2
      demos/engines/zencod/hw_zencod.h
  55. +1
    -1
      doc/apps/openssl.pod
  56. +1
    -1
      doc/apps/req.pod
  57. +1
    -1
      doc/apps/x509v3_config.pod
  58. +1
    -1
      doc/crypto/ASN1_generate_nconf.pod
  59. +1
    -1
      doc/crypto/BN_BLINDING_new.pod
  60. +1
    -1
      doc/crypto/EVP_DigestInit.pod
  61. +2
    -2
      doc/crypto/EVP_PKEY_cmp.pod
  62. +1
    -1
      doc/crypto/X509_NAME_add_entry_by_txt.pod
  63. +4
    -4
      doc/crypto/X509_STORE_CTX_get_error.pod
  64. +1
    -1
      doc/crypto/rand.pod
  65. +14
    -14
      doc/ssleay.txt
  66. +1
    -1
      e_os.h
  67. +1
    -1
      engines/ccgost/README.gost
  68. +1
    -1
      fips/fips_post.c
  69. +1
    -1
      openssl.spec
  70. +1
    -1
      ssl/d1_enc.c
  71. +1
    -1
      ssl/s3_cbc.c
  72. +1
    -1
      ssl/s3_clnt.c
  73. +1
    -1
      ssl/s3_enc.c
  74. +1
    -1
      ssl/s3_pkt.c
  75. +1
    -1
      ssl/t1_enc.c
  76. +1
    -1
      test/CAss.cnf
  77. +1
    -1
      test/CAtsa.cnf

+ 4
- 4
CHANGES View File

@ -1402,7 +1402,7 @@
*) New option -sigopt to dgst utility. Update dgst to use
EVP_Digest{Sign,Verify}*. These two changes make it possible to use
alternative signing paramaters such as X9.31 or PSS in the dgst
alternative signing parameters such as X9.31 or PSS in the dgst
utility.
[Steve Henson]
@ -6448,7 +6448,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
*) Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't
reveal whether illegal block cipher padding was found or a MAC
verification error occured. (Neither SSLerr() codes nor alerts
verification error occurred. (Neither SSLerr() codes nor alerts
are directly visible to potential attackers, but the information
may leak via logfiles.)
@ -8855,7 +8855,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
*) Bugfix: ssl23_get_client_hello did not work properly when called in
state SSL23_ST_SR_CLNT_HELLO_B, i.e. when the first 7 bytes of
a SSLv2-compatible client hello for SSLv3 or TLSv1 could be read,
but a retry condition occured while trying to read the rest.
but a retry condition occurred while trying to read the rest.
[Bodo Moeller]
*) The PKCS7_ENC_CONTENT_new() function was setting the content type as
@ -9780,7 +9780,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
other platforms details on the command line without having to patch the
Configure script everytime: One now can use ``perl Configure
<id>:<details>'', i.e. platform ids are allowed to have details appended
to them (seperated by colons). This is treated as there would be a static
to them (separated by colons). This is treated as there would be a static
pre-configured entry in Configure's %table under key <id> with value
<details> and ``perl Configure <id>'' is called. So, when you want to
perform a quick test-compile under FreeBSD 3.1 with pgcc and without


+ 2
- 2
CHANGES.SSLeay View File

@ -29,7 +29,7 @@ eric (about to go bushwalking for the 4 day easter break :-)
7-Jan-98
- Finally reworked the cipher string to ciphers again, so it
works correctly
- All the app_data stuff is now ex_data with funcion calls to access.
- All the app_data stuff is now ex_data with function calls to access.
The index is supplied by a function and 'methods' can be setup
for the types that are called on XXX_new/XXX_free. This lets
applications get notified on creation and destruction. Some of
@ -937,7 +937,7 @@ Reasons to start playing with version 0.5.0
certificate, it is my aim to use perl5/Tk but I don't have time to do
this right now. It will generate the certificates but the management
scripts still need to be written. This is not a hard task.
- Things have been cleaned up alot.
- Things have been cleaned up a lot.
- Have a look at the enc and dgst programs in the apps directory.
- It supports v3 of x509 certiticates.


+ 1
- 1
Configure View File

@ -1590,7 +1590,7 @@ if ($aes_obj =~ /\.o$/)
# aes-ctr.o is not a real file, only indication that assembler
# module implements AES_ctr32_encrypt...
$cflags.=" -DAES_CTR_ASM" if ($aes_obj =~ s/\s*aes\-ctr\.o//);
# aes-xts.o indicates presense of AES_xts_[en|de]crypt...
# aes-xts.o indicates presence of AES_xts_[en|de]crypt...
$cflags.=" -DAES_XTS_ASM" if ($aes_obj =~ s/\s*aes\-xts\.o//);
$aes_obj =~ s/\s*(vpaes|aesni)\-x86\.o//g if ($no_sse2);
$aes_obj =~ s/\s*(vp|bs)aes-\w*\.o//g if ($fipscanisterinternal eq "y");


+ 1
- 1
FAQ View File

@ -721,7 +721,7 @@ working across wider range of *BSD branches, not just OpenBSD.
If the test program in question fails withs SIGILL, Illegal Instruction
exception, then you more than likely to run SSE2-capable CPU, such as
Intel P4, under control of kernel which does not support SSE2
instruction extentions. See accompanying INSTALL file and
instruction extensions. See accompanying INSTALL file and
OPENSSL_ia32cap(3) documentation page for further information.
* Why does compiler fail to compile sha512.c?


+ 1
- 1
INSTALL View File

@ -79,7 +79,7 @@
compiler flags for any other CPU specific configuration,
e.g. "-m32" to build x86 code on an x64 system.
no-sse2 Exclude SSE2 code pathes. Normally SSE2 extention is
no-sse2 Exclude SSE2 code pathes. Normally SSE2 extension is
detected at run-time, but the decision whether or not the
machine code will be executed is taken solely on CPU
capability vector. This means that if you happen to run OS


+ 1
- 1
INSTALL.NW View File

@ -378,7 +378,7 @@ The openssl program has numerous options and can be used for many different
things. Many of the options operate in an interactive mode requiring the
user to enter data. Because of this, a default screen is created for the
program. However, when running the test script it is not desirable to
have a seperate screen. Therefore, the build also creates openssl2.nlm.
have a separate screen. Therefore, the build also creates openssl2.nlm.
Openssl2.nlm is functionally identical but uses the console screen.
Openssl2 can be used when a non-interactive mode is desired.


+ 1
- 1
Netware/globals.txt View File

@ -66,7 +66,7 @@ static LHASH *error_hash=NULL;
static LHASH *thread_hash=NULL;
several files have routines with static "init" to track if error strings
have been loaded ( may not want seperate error strings for each process )
have been loaded ( may not want separate error strings for each process )
The "init" variable can't be left "global" because the error has is a ptr
that is malloc'ed. The malloc'ed error has is dependant on the "init"
vars.


+ 3
- 3
apps/ca.c View File

@ -148,7 +148,7 @@
static const char *ca_usage[]={
"usage: ca args\n",
"\n",
" -verbose - Talk alot while doing things\n",
" -verbose - Talk a lot while doing things\n",
" -config file - A config file\n",
" -name arg - The particular CA definition to use\n",
" -gencrl - Generate a new CRL\n",
@ -179,7 +179,7 @@ static const char *ca_usage[]={
" -utf8 - input characters are UTF8 (default ASCII)\n",
" -multivalue-rdn - enable support for multivalued RDNs\n",
" -extensions .. - Extension section (override value in config file)\n",
" -extfile file - Configuration file with X509v3 extentions to add\n",
" -extfile file - Configuration file with X509v3 extensions to add\n",
" -crlexts .. - CRL extension section (override value in config file)\n",
#ifndef OPENSSL_NO_ENGINE
" -engine e - use engine e, possibly a hardware device.\n",
@ -994,7 +994,7 @@ bad:
}
/*****************************************************************/
/* Read extentions config file */
/* Read extensions config file */
if (extfile)
{
extconf = NCONF_new(NULL);


+ 2
- 2
apps/openssl-vms.cnf View File

@ -55,7 +55,7 @@ crl = $dir]crl.pem # The current CRL
private_key = $dir.private]cakey.pem# The private key
RANDFILE = $dir.private].rand # private random number file
x509_extensions = usr_cert # The extentions to add to the cert
x509_extensions = usr_cert # The extensions to add to the cert
# Comment out the following two lines for the "traditional"
# (and highly broken) format.
@ -107,7 +107,7 @@ default_bits = 1024
default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
attributes = req_attributes
x509_extensions = v3_ca # The extentions to add to the self signed cert
x509_extensions = v3_ca # The extensions to add to the self signed cert
# Passwords for private keys if not present they will be prompted for
# input_password = secret


+ 2
- 2
apps/openssl.cnf View File

@ -55,7 +55,7 @@ crl = $dir/crl.pem # The current CRL
private_key = $dir/private/cakey.pem# The private key
RANDFILE = $dir/private/.rand # private random number file
x509_extensions = usr_cert # The extentions to add to the cert
x509_extensions = usr_cert # The extensions to add to the cert
# Comment out the following two lines for the "traditional"
# (and highly broken) format.
@ -107,7 +107,7 @@ default_bits = 1024
default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
attributes = req_attributes
x509_extensions = v3_ca # The extentions to add to the self signed cert
x509_extensions = v3_ca # The extensions to add to the self signed cert
# Passwords for private keys if not present they will be prompted for
# input_password = secret


+ 1
- 1
apps/s_client.c View File

@ -1866,7 +1866,7 @@ SSL_set_tlsext_status_ids(con, ids);
if ((SSL_version(con) == DTLS1_VERSION) && DTLSv1_handle_timeout(con) > 0)
{
BIO_printf(bio_err,"TIMEOUT occured\n");
BIO_printf(bio_err,"TIMEOUT occurred\n");
}
if (!ssl_pending && FD_ISSET(SSL_get_fd(con),&writefds))


+ 1
- 1
apps/s_server.c View File

@ -2359,7 +2359,7 @@ static int sv_body(char *hostname, int s, int stype, unsigned char *context)
if ((SSL_version(con) == DTLS1_VERSION) && DTLSv1_handle_timeout(con) > 0)
{
BIO_printf(bio_err,"TIMEOUT occured\n");
BIO_printf(bio_err,"TIMEOUT occurred\n");
}
if (i <= 0) continue;


+ 1
- 1
apps/srp.c View File

@ -84,7 +84,7 @@
static char *srp_usage[]={
"usage: srp [args] [user] \n",
"\n",
" -verbose Talk alot while doing things\n",
" -verbose Talk a lot while doing things\n",
" -config file A config file\n",
" -name arg The particular srp definition to use\n",
" -srpvfile arg The srp verifier file name\n",


+ 2
- 2
bugs/sslref.dif View File

@ -17,10 +17,10 @@ is returned as 1.
=====
I have not tested the following but it is reported by holtzman@mit.edu.
SSLref clients wait to recieve a server-verify before they send a
SSLref clients wait to receive a server-verify before they send a
client-finished. Besides this not being evident from the examples in
2.2.1, it makes more sense to always send all packets you can before
reading. SSLeay was waiting in the server to recieve a client-finish
reading. SSLeay was waiting in the server to receive a client-finish
before sending the server-verify :-). I have changed SSLeay to send a
server-verify before trying to read the client-finished.

+ 2
- 2
config View File

@ -382,7 +382,7 @@ esac
#
# Do the Apollo stuff first. Here, we just simply assume
# that the existance of the /usr/apollo directory is proof
# that the existence of the /usr/apollo directory is proof
# enough
if [ -d /usr/apollo ]; then
echo "whatever-apollo-whatever"
@ -862,7 +862,7 @@ case "$GUESSOS" in
*) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;;
esac
# NB: This atalla support has been superceded by the ENGINE support
# NB: This atalla support has been superseded by the ENGINE support
# That contains its own header and definitions anyway. Support can
# be enabled or disabled on any supported platform without external
# headers, eg. by adding the "hw-atalla" switch to ./config or


+ 1
- 1
crypto/asn1/tasn_utl.c View File

@ -95,7 +95,7 @@ int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it)
/* Do reference counting. The value 'op' decides what to do.
* if it is +1 then the count is incremented. If op is 0 count is
* set to 1. If op is -1 count is decremented and the return value
* is the current refrence count or 0 if no reference count exists.
* is the current reference count or 0 if no reference count exists.
*/
int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it)


+ 1
- 1
crypto/bn/asm/README View File

@ -19,7 +19,7 @@ a 2 times speedup :-).
There are 3 versions of assember for the HP PA-RISC.
pa-risc.s is the origional one which works fine and generated using gcc :-)
pa-risc.s is the original one which works fine and generated using gcc :-)
pa-risc2W.s and pa-risc2.s are 64 and 32-bit PA-RISC 2.0 implementations
by Chris Ruemmler from HP (with some help from the HP C compiler).


+ 1
- 1
crypto/bn/asm/sparcv8plus.S View File

@ -71,7 +71,7 @@
*
* Q. 64-bit registers under 32-bit kernels? Didn't you just say it
* doesn't work?
* A. You can't adress *all* registers as 64-bit wide:-( The catch is
* A. You can't address *all* registers as 64-bit wide:-( The catch is
* that you actually may rely upon %o0-%o5 and %g1-%g4 being fully
* preserved if you're in a leaf function, i.e. such never calling
* any other functions. All functions in this module are leaf and


+ 1
- 1
crypto/bn/asm/sparcv9a-mont.pl View File

@ -867,7 +867,7 @@ ___
$code =~ s/\`([^\`]*)\`/eval($1)/gem;
# Below substitution makes it possible to compile without demanding
# VIS extentions on command line, e.g. -xarch=v9 vs. -xarch=v9a. I
# VIS extensions on command line, e.g. -xarch=v9 vs. -xarch=v9a. I
# dare to do this, because VIS capability is detected at run-time now
# and this routine is not called on CPU not capable to execute it. Do
# note that fzeros is not the only VIS dependency! Another dependency


+ 1
- 1
crypto/bn/asm/vis3-mont.pl View File

@ -333,7 +333,7 @@ ___
# Purpose of these subroutines is to explicitly encode VIS instructions,
# so that one can compile the module without having to specify VIS
# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
# extensions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
# Idea is to reserve for option to produce "universal" binary and let
# programmer detect if current CPU is VIS capable at run-time.
sub unvis3 {


+ 1
- 1
crypto/bn/todo View File

@ -1,3 +1,3 @@
Cache RECP_CTX values
make the result argument independant of the inputs.
make the result argument independent of the inputs.
split up the _exp_ functions

+ 1
- 1
crypto/des/VERSION View File

@ -68,7 +68,7 @@ Version 3.26
Thanks to Jens Kupferschmidt <bt1cu@hpboot.rz.uni-leipzig.de>. */
SIGWINCH case put in des_read_passwd() so the function does not
'exit' if this function is recieved.
'exit' if this function is received.
Version 3.25 17/07/96
Modified read_pwd.c so that stdin can be read if not a tty.


+ 2
- 2
crypto/des/asm/des_enc.m4 View File

@ -272,7 +272,7 @@ define(ip_macro, {
! other half (use).
!
! In this version we do two rounds in a loop repeated 7 times
! and two rounds seperately.
! and two rounds separately.
!
! One half has the bits for the sboxes in the following positions:
!
@ -1542,7 +1542,7 @@ DES_ncbc_encrypt:
xor global4, local1, out5 ! iv xor next block
ba .ncbc.enc.next.block_2
add in1, 8, in1 ! output adress
add in1, 8, in1 ! output address
.ncbc.enc.next.block_fp:


+ 1
- 1
crypto/des/makefile.bc View File

@ -1,5 +1,5 @@
#
# Origional BC Makefile from Teun <Teun.Nijssen@kub.nl>
# Original BC Makefile from Teun <Teun.Nijssen@kub.nl>
#
#
CC = bcc


+ 1
- 1
crypto/dh/dh_ameth.c View File

@ -200,7 +200,7 @@ static int dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
/* PKCS#8 DH is defined in PKCS#11 of all places. It is similar to DH in
* that the AlgorithmIdentifier contains the paramaters, the private key
* that the AlgorithmIdentifier contains the parameters, the private key
* is explcitly included and the pubkey must be recalculated.
*/


+ 1
- 1
crypto/dsa/fips186a.txt View File

@ -1,4 +1,4 @@
The origional FIPE 180 used SHA-0 (FIPS 180) for its appendix 5
The original FIPE 180 used SHA-0 (FIPS 180) for its appendix 5
examples. This is an updated version that uses SHA-1 (FIPS 180-1)
supplied to me by Wei Dai
--


+ 4
- 4
crypto/dso/dso.h View File

@ -109,14 +109,14 @@ typedef struct dso_st DSO;
/* The function prototype used for method functions (or caller-provided
* callbacks) that transform filenames. They are passed a DSO structure pointer
* (or NULL if they are to be used independantly of a DSO object) and a
* (or NULL if they are to be used independently of a DSO object) and a
* filename to transform. They should either return NULL (if there is an error
* condition) or a newly allocated string containing the transformed form that
* the caller will need to free with OPENSSL_free() when done. */
typedef char* (*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *);
/* The function prototype used for method functions (or caller-provided
* callbacks) that merge two file specifications. They are passed a
* DSO structure pointer (or NULL if they are to be used independantly of
* DSO structure pointer (or NULL if they are to be used independently of
* a DSO object) and two file specifications to merge. They should
* either return NULL (if there is an error condition) or a newly allocated
* string containing the result of merging that the caller will need
@ -202,7 +202,7 @@ struct dso_st
* be used in DSO_load() in place of meth->dso_merger. NB: This
* should normally set using DSO_set_merger(). */
DSO_MERGER_FUNC merger;
/* This is populated with (a copy of) the platform-independant
/* This is populated with (a copy of) the platform-independent
* filename used for this DSO. */
char *filename;
/* This is populated with (a copy of) the translated filename by which
@ -231,7 +231,7 @@ long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg);
* replaced. Return value is non-zero for success. */
int DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb,
DSO_NAME_CONVERTER_FUNC *oldcb);
/* These functions can be used to get/set the platform-independant filename
/* These functions can be used to get/set the platform-independent filename
* used for a DSO. NB: set will fail if the DSO is already loaded. */
const char *DSO_get_filename(DSO *dso);
int DSO_set_filename(DSO *dso, const char *filename);


+ 2
- 2
crypto/dso/dso_dl.c View File

@ -124,7 +124,7 @@ static int dl_load(DSO *dso)
shl_t ptr = NULL;
/* We don't do any fancy retries or anything, just take the method's
* (or DSO's if it has the callback set) best translation of the
* platform-independant filename and try once with that. */
* platform-independent filename and try once with that. */
char *filename= DSO_convert_filename(dso, NULL);
if(filename == NULL)
@ -315,7 +315,7 @@ static char *dl_merger(DSO *dso, const char *filespec1, const char *filespec2)
* unlikely that both the "dl" *and* "dlfcn" variants are being compiled at the
* same time, there's no great duplicating the code. Figuring out an elegant
* way to share one copy of the code would be more difficult and would not
* leave the implementations independant. */
* leave the implementations independent. */
#if defined(__hpux)
static const char extension[] = ".sl";
#else


+ 25
- 25
crypto/ec/ec.h View File

@ -235,7 +235,7 @@ int EC_METHOD_get_field_type(const EC_METHOD *meth);
* \param order the order of the group generated by the generator.
* \param cofactor the index of the sub-group generated by the generator
* in the group of all points on the elliptic curve.
* \return 1 on success and 0 if an error occured
* \return 1 on success and 0 if an error occurred
*/
int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor);
@ -249,7 +249,7 @@ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
* \param group EC_GROUP object
* \param order BIGNUM to which the order is copied
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
* \return 1 on success and 0 if an error occurred
*/
int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
@ -257,7 +257,7 @@ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
* \param group EC_GROUP object
* \param cofactor BIGNUM to which the cofactor is copied
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
* \return 1 on success and 0 if an error occurred
*/
int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
@ -289,7 +289,7 @@ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
* \param a BIGNUM with parameter a of the equation
* \param b BIGNUM with parameter b of the equation
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
* \return 1 on success and 0 if an error occurred
*/
int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
@ -299,7 +299,7 @@ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, co
* \param a BIGNUM for parameter a of the equation
* \param b BIGNUM for parameter b of the equation
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
* \return 1 on success and 0 if an error occurred
*/
int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
@ -310,7 +310,7 @@ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *
* \param a BIGNUM with parameter a of the equation
* \param b BIGNUM with parameter b of the equation
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
* \return 1 on success and 0 if an error occurred
*/
int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
@ -320,7 +320,7 @@ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, c
* \param a BIGNUM for parameter a of the equation
* \param b BIGNUM for parameter b of the equation
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
* \return 1 on success and 0 if an error occurred
*/
int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
#endif
@ -424,7 +424,7 @@ void EC_POINT_clear_free(EC_POINT *point);
/** Copies EC_POINT object
* \param dst destination EC_POINT object
* \param src source EC_POINT object
* \return 1 on success and 0 if an error occured
* \return 1 on success and 0 if an error occurred
*/
int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
@ -445,7 +445,7 @@ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
/** Sets a point to infinity (neutral element)
* \param group underlying EC_GROUP object
* \param point EC_POINT to set to infinity
* \return 1 on success and 0 if an error occured
* \return 1 on success and 0 if an error occurred
*/
int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
@ -456,7 +456,7 @@ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
* \param y BIGNUM with the y-coordinate
* \param z BIGNUM with the z-coordinate
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
* \return 1 on success and 0 if an error occurred
*/
int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx);
@ -468,7 +468,7 @@ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
* \param y BIGNUM for the y-coordinate
* \param z BIGNUM for the z-coordinate
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
* \return 1 on success and 0 if an error occurred
*/
int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
const EC_POINT *p, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx);
@ -479,7 +479,7 @@ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
* \param x BIGNUM with the x-coordinate
* \param y BIGNUM with the y-coordinate
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
* \return 1 on success and 0 if an error occurred
*/
int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
@ -490,7 +490,7 @@ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
* \param x BIGNUM for the x-coordinate
* \param y BIGNUM for the y-coordinate
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
* \return 1 on success and 0 if an error occurred
*/
int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
@ -501,7 +501,7 @@ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
* \param x BIGNUM with x-coordinate
* \param y_bit integer with the y-Bit (either 0 or 1)
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
* \return 1 on success and 0 if an error occurred
*/
int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, int y_bit, BN_CTX *ctx);
@ -512,7 +512,7 @@ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
* \param x BIGNUM with the x-coordinate
* \param y BIGNUM with the y-coordinate
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
* \return 1 on success and 0 if an error occurred
*/
int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
@ -523,7 +523,7 @@ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
* \param x BIGNUM for the x-coordinate
* \param y BIGNUM for the y-coordinate
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
* \return 1 on success and 0 if an error occurred
*/
int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
@ -534,7 +534,7 @@ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
* \param x BIGNUM with x-coordinate
* \param y_bit integer with the y-Bit (either 0 or 1)
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
* \return 1 on success and 0 if an error occurred
*/
int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, int y_bit, BN_CTX *ctx);
@ -559,7 +559,7 @@ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
* \param buf memory buffer with the encoded ec point
* \param len length of the encoded ec point
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
* \return 1 on success and 0 if an error occurred
*/
int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
const unsigned char *buf, size_t len, BN_CTX *ctx);
@ -585,7 +585,7 @@ EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *,
* \param a EC_POINT object with the first summand
* \param b EC_POINT object with the second summand
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
* \return 1 on success and 0 if an error occurred
*/
int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
@ -594,7 +594,7 @@ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC
* \param r EC_POINT object for the result (r = 2 * a)
* \param a EC_POINT object
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
* \return 1 on success and 0 if an error occurred
*/
int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx);
@ -602,7 +602,7 @@ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *
* \param group underlying EC_GROUP object
* \param a EC_POINT object to be inverted (it's used for the result as well)
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
* \return 1 on success and 0 if an error occurred
*/
int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
@ -641,7 +641,7 @@ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[],
* \param p array of size num of EC_POINT objects
* \param m array of size num of BIGNUM objects
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
* \return 1 on success and 0 if an error occurred
*/
int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num, const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx);
@ -652,14 +652,14 @@ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t nu
* \param q EC_POINT object with the first factor of the second summand
* \param m BIGNUM with the second factor of the second summand
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
* \return 1 on success and 0 if an error occurred
*/
int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
/** Stores multiples of generator for faster point multiplication
* \param group EC_GROUP object
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
* \return 1 on success and 0 if an error occurred
*/
int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
@ -844,7 +844,7 @@ int EC_KEY_generate_key(EC_KEY *key);
int EC_KEY_check_key(const EC_KEY *key);
/** Sets a public key from affine coordindates performing
* neccessary NIST PKV tests.
* necessary NIST PKV tests.
* \param key the EC_KEY object
* \param x public key x coordinate
* \param y public key y coordinate


+ 1
- 1
crypto/engine/README View File

@ -122,7 +122,7 @@ use by EVP_MD code. Ditto for tb_rsa.c, tb_dsa.c, etc. These instantiations of
ENGINE_TABLE essentially provide linker-separation of the classes so that even
if ENGINEs implement *all* possible algorithms, an application using only
EVP_CIPHER code will link at most code relating to EVP_CIPHER, tb_cipher.c, core
ENGINE code that is independant of class, and of course the ENGINE
ENGINE code that is independent of class, and of course the ENGINE
implementation that the application loaded. It will *not* however link any
class-specific ENGINE code for digests, RSA, etc nor will it bleed over into
other APIs, such as the RSA/DSA/etc library code.


+ 1
- 1
crypto/engine/eng_table.c View File

@ -189,7 +189,7 @@ end:
static void int_unregister_cb_doall_arg(ENGINE_PILE *pile, ENGINE *e)
{
int n;
/* Iterate the 'c->sk' stack removing any occurance of 'e' */
/* Iterate the 'c->sk' stack removing any occurrence of 'e' */
while((n = sk_ENGINE_find(pile->sk, e)) >= 0)
{
(void)sk_ENGINE_delete(pile->sk, n);


+ 1
- 1
crypto/err/err.c View File

@ -1038,7 +1038,7 @@ ERR_STATE *ERR_get_state(void)
ERR_STATE_free(ret); /* could not insert it */
return(&fallback);
}
/* If a race occured in this function and we came second, tmpp
/* If a race occurred in this function and we came second, tmpp
* is the first one that we just replaced. */
if (tmpp)
ERR_STATE_free(tmpp);


+ 1
- 1
crypto/evp/encode.c View File

@ -250,7 +250,7 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
/* We parse the input data */
for (i=0; i<inl; i++)
{
/* If the current line is > 80 characters, scream alot */
/* If the current line is > 80 characters, scream a lot */
if (ln >= 80) { rv= -1; goto end; }
/* Get char and put it into the buffer */


+ 1
- 1
crypto/md5/asm/md5-sparcv9.pl View File

@ -371,7 +371,7 @@ ___
# Purpose of these subroutines is to explicitly encode VIS instructions,
# so that one can compile the module without having to specify VIS
# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
# extensions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
# Idea is to reserve for option to produce "universal" binary and let
# programmer detect if current CPU is VIS capable at run-time.
sub unvis {


+ 1
- 1
crypto/modes/asm/ghash-sparcv9.pl View File

@ -530,7 +530,7 @@ ___
# Purpose of these subroutines is to explicitly encode VIS instructions,
# so that one can compile the module without having to specify VIS
# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
# extensions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
# Idea is to reserve for option to produce "universal" binary and let
# programmer detect if current CPU is VIS capable at run-time.
sub unvis3 {


+ 1
- 1
crypto/objects/obj_dat.c View File

@ -207,7 +207,7 @@ static IMPLEMENT_LHASH_DOALL_FN(cleanup2, ADDED_OBJ)
static IMPLEMENT_LHASH_DOALL_FN(cleanup3, ADDED_OBJ)
/* The purpose of obj_cleanup_defer is to avoid EVP_cleanup() attempting
* to use freed up OIDs. If neccessary the actual freeing up of OIDs is
* to use freed up OIDs. If necessary the actual freeing up of OIDs is
* delayed.
*/


+ 1
- 1
crypto/perlasm/readme View File

@ -1,5 +1,5 @@
The perl scripts in this directory are my 'hack' to generate
multiple different assembler formats via the one origional script.
multiple different assembler formats via the one original script.
The way to use this library is to start with adding the path to this directory
and then include it.


+ 1
- 1
crypto/perlasm/sparcv9_modes.pl View File

@ -1376,7 +1376,7 @@ ___
# Purpose of these subroutines is to explicitly encode VIS instructions,
# so that one can compile the module without having to specify VIS
# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
# extensions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
# Idea is to reserve for option to produce "universal" binary and let
# programmer detect if current CPU is VIS capable at run-time.
sub unvis {


+ 1
- 1
crypto/perlasm/x86_64-xlate.pl View File

@ -1092,7 +1092,7 @@ close STDOUT;
# .rva .LSEH_end_function
# .rva function_unwind_info
#
# Reference to functon_unwind_info from .xdata segment is the anchor.
# Reference to function_unwind_info from .xdata segment is the anchor.
# In case you wonder why references are 32-bit .rvas and not 64-bit
# .quads. References put into these two segments are required to be
# *relative* to the base address of the current binary module, a.k.a.


+ 1
- 1
crypto/pkcs7/bio_ber.c View File

@ -96,7 +96,7 @@ typedef struct bio_ber_struct
int depth; /* used with indefinite encoding. */
int finished; /* No more read data */
/* writting */
/* writing */
char *w_addr;
int w_offset;
int w_left;


+ 2
- 2
crypto/pkcs7/example.c View File

@ -132,7 +132,7 @@ int get_signed_seq2string(PKCS7_SIGNER_INFO *si, char **str1, char **str2)
c.p=ASN1_STRING_data(s);
c.max=c.p+ASN1_STRING_length(s);
if (!asn1_GetSequence(&c,&length)) goto err;
/* Length is the length of the seqence */
/* Length is the length of the sequence */
c.q=c.p;
if ((os1=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL)
@ -299,7 +299,7 @@ int sk_get_seq2string(STACK_OF(X509_ATTRIBUTE) *sk, char **str1, char **str2)
c.p=ASN1_STRING_data(s);
c.max=c.p+ASN1_STRING_length(s);
if (!asn1_GetSequence(&c,&length)) goto err;
/* Length is the length of the seqence */
/* Length is the length of the sequence */
c.q=c.p;
if ((os1=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL)


+ 1
- 1
crypto/pkcs7/pk7_doit.c View File

@ -544,7 +544,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
if (pcert == NULL)
{
/* Always attempt to decrypt all rinfo even
* after sucess as a defence against MMA timing
* after success as a defence against MMA timing
* attacks.
*/
for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++)


+ 2
- 2
crypto/rand/rand_egd.c View File

@ -72,7 +72,7 @@
* of entropy bytes are requested. The connection is left open until the
* query is competed.
* RAND_query_egd_bytes() returns with
* -1 if an error occured during connection or communication.
* -1 if an error occurred during connection or communication.
* num the number of bytes read from the EGD socket. This number is either
* the number of bytes requested or smaller, if the EGD pool is
* drained and the daemon signals that the pool is empty.
@ -84,7 +84,7 @@
* RAND_egd_bytes() is a wrapper for RAND_query_egd_bytes() with buf=NULL.
* Unlike RAND_query_egd_bytes(), RAND_status() is used to test the
* seed status so that the return value can reflect the seed state:
* -1 if an error occured during connection or communication _or_
* -1 if an error occurred during connection or communication _or_
* if the PRNG has still not received the required seeding.
* num the number of bytes read from the EGD socket. This number is either
* the number of bytes requested or smaller, if the EGD pool is


+ 1
- 1
crypto/rand/rand_nw.c View File

@ -142,7 +142,7 @@ int RAND_poll(void)
* ThreadSwitchWithDelay() will introduce additional variability into
* the data returned by rdtsc.
*
* Applications can agument the seed material by adding additional
* Applications can argument the seed material by adding additional
* stuff with RAND_add() and should probably do so.
*/
l = GetProcessSwitchCount();


+ 1
- 1
crypto/rc2/version View File

@ -1,7 +1,7 @@
1.1 23/08/96 - eay
Changed RC2_set_key() so it now takes another argument. Many
thanks to Peter Gutmann <pgut01@cs.auckland.ac.nz> for the
clarification and origional specification of RC2. BSAFE uses
clarification and original specification of RC2. BSAFE uses
this last parameter, 'bits'. It the key is 128 bits, BSAFE
also sets this parameter to 128. The old behaviour can be
duplicated by setting this parameter to 1024.


+ 1
- 1
crypto/ripemd/README View File

@ -8,7 +8,7 @@ this point I will not bother right now. I believe the trick will be
to remove my 'copy X array onto stack' until inside the RIP1() finctions the
first time round. To do this I need another register and will only have one
temporary one. A bit tricky.... I can also cleanup the saving of the 5 words
after the first half of the calculation. I should read the origional
after the first half of the calculation. I should read the original
value, add then write. Currently I just save the new and read the origioal.
I then read both at the end. Bad.


+ 1
- 1
crypto/sha/asm/sha1-sparcv9.pl View File

@ -368,7 +368,7 @@ ___
# Purpose of these subroutines is to explicitly encode VIS instructions,
# so that one can compile the module without having to specify VIS
# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
# extensions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
# Idea is to reserve for option to produce "universal" binary and let
# programmer detect if current CPU is VIS capable at run-time.
sub unvis {


+ 1
- 1
crypto/sha/asm/sha1-sparcv9a.pl View File

@ -544,7 +544,7 @@ ___
# Purpose of these subroutines is to explicitly encode VIS instructions,
# so that one can compile the module without having to specify VIS
# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
# extensions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
# Idea is to reserve for option to produce "universal" binary and let
# programmer detect if current CPU is VIS capable at run-time.
sub unvis {


+ 1
- 1
crypto/sha/asm/sha512-sparcv9.pl View File

@ -791,7 +791,7 @@ ___
# Purpose of these subroutines is to explicitly encode VIS instructions,
# so that one can compile the module without having to specify VIS
# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
# extensions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
# Idea is to reserve for option to produce "universal" binary and let
# programmer detect if current CPU is VIS capable at run-time.
sub unvis {


+ 1
- 1
crypto/x509v3/pcy_tree.c View File

@ -132,7 +132,7 @@ static void tree_print(char *str, X509_POLICY_TREE *tree,
#endif
/* Initialize policy tree. Return values:
* 0 Some internal error occured.
* 0 Some internal error occurred.
* -1 Inconsistent or invalid extensions in certificates.
* 1 Tree initialized OK.
* 2 Policy tree is empty.


+ 1
- 1
demos/certs/apps/apps.cnf View File

@ -15,7 +15,7 @@ default_keyfile = privkey.pem
# Don't prompt for fields: use those in section directly
prompt = no
distinguished_name = req_distinguished_name
x509_extensions = v3_ca # The extentions to add to the self signed cert
x509_extensions = v3_ca # The extensions to add to the self signed cert
string_mask = utf8only
# req_extensions = v3_req # The extensions to add to a certificate request


+ 1
- 1
demos/certs/ca.cnf View File

@ -16,7 +16,7 @@ default_keyfile = privkey.pem
# Don't prompt for fields: use those in section directly
prompt = no
distinguished_name = req_distinguished_name
x509_extensions = v3_ca # The extentions to add to the self signed cert
x509_extensions = v3_ca # The extensions to add to the self signed cert
string_mask = utf8only
# req_extensions = v3_req # The extensions to add to a certificate request


+ 1
- 1
demos/easy_tls/easy-tls.c View File

@ -971,7 +971,7 @@ tls_proxy(int clear_fd, int tls_fd, int info_fd, SSL_CTX *ctx, int client_p)
/* loop finishes as soon as we detect that one side closed;
* when all (program and OS) buffers have enough space,
* the data from the last succesful read in each direction is transferred
* the data from the last successful read in each direction is transferred
* before close */
do {
int clear_read_select = 0, clear_write_select = 0,


+ 2
- 2
demos/engines/zencod/hw_zencod.h View File

@ -135,7 +135,7 @@ typedef int t_zencod_sha1_do_final ( ZEN_MD_DATA *data, KEY *output ) ;
/* key : rc4 key data */
/* index_1 : value of index x from RC4 key structure */
/* index_2 : value of index y from RC4 key structure */
/* Be carefull : RC4 key should be expanded before calling this method (Should we provide an expand function ??) */
/* Be careful : RC4 key should be expanded before calling this method (Should we provide an expand function ??) */
typedef int t_zencod_rc4_cipher ( KEY *output, const KEY *input, const KEY *key,
unsigned char *index_1, unsigned char *index_2, int mode ) ;
@ -146,7 +146,7 @@ typedef int t_zencod_rc4_cipher ( KEY *output, const KEY *input, const KEY *key,
/* key_3 : des third key data */
/* iv : initial vector */
/* mode : xdes mode (encrypt or decrypt) */
/* Be carefull : In DES mode key_1 = key_2 = key_3 (as far as i can see !!) */
/* Be careful : In DES mode key_1 = key_2 = key_3 (as far as i can see !!) */
typedef int t_zencod_xdes_cipher ( KEY *output, const KEY *input, const KEY *key_1,
const KEY *key_2, const KEY *key_3, const KEY *iv, int mode ) ;


+ 1
- 1
doc/apps/openssl.pod View File

@ -153,7 +153,7 @@ Generation of Private Key or Parameters.
=item L<B<genrsa>|genrsa(1)>
Generation of RSA Private Key. Superceded by L<B<genpkey>|genpkey(1)>.
Generation of RSA Private Key. Superseded by L<B<genpkey>|genpkey(1)>.
=item L<B<nseq>|nseq(1)>


+ 1
- 1
doc/apps/req.pod View File

@ -159,7 +159,7 @@ B<param:file> generates a key using the parameter file or certificate B<file>,
the algorithm is determined by the parameters. B<algname:file> use algorithm
B<algname> and parameter file B<file>: the two algorithms must match or an
error occurs. B<algname> just uses algorithm B<algname>, and parameters,
if neccessary should be specified via B<-pkeyopt> parameter.
if necessary should be specified via B<-pkeyopt> parameter.
B<dsa:filename> generates a DSA key using the parameters
in the file B<filename>. B<ec:filename> generates EC key (usable both with


+ 1
- 1
doc/apps/x509v3_config.pod View File

@ -174,7 +174,7 @@ The IP address used in the B<IP> options can be in either IPv4 or IPv6 format.
The value of B<dirName> should point to a section containing the distinguished
name to use as a set of name value pairs. Multi values AVAs can be formed by
preceeding the name with a B<+> character.
preceding the name with a B<+> character.
otherName can include arbitrary data associated with an OID: the value
should be the OID followed by a semicolon and the content in standard


+ 1
- 1
doc/crypto/ASN1_generate_nconf.pod View File

@ -61,7 +61,7 @@ Encode the B<NULL> type, the B<value> string must not be present.
=item B<INTEGER>, B<INT>
Encodes an ASN1 B<INTEGER> type. The B<value> string represents
the value of the integer, it can be preceeded by a minus sign and
the value of the integer, it can be preceded by a minus sign and
is normally interpreted as a decimal value unless the prefix B<0x>
is included.


+ 1
- 1
doc/crypto/BN_BLINDING_new.pod View File

@ -84,7 +84,7 @@ or NULL in case of an error.
BN_BLINDING_update(), BN_BLINDING_convert(), BN_BLINDING_invert(),
BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() return 1 on
success and 0 if an error occured.
success and 0 if an error occurred.
BN_BLINDING_thread_id() returns a pointer to the thread id object
within a B<BN_BLINDING> object.


+ 1
- 1
doc/crypto/EVP_DigestInit.pod View File

@ -267,7 +267,7 @@ and EVP_DigestFinal_ex() were added in OpenSSL 0.9.7.
EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(),
EVP_dss(), EVP_dss1(), EVP_mdc2() and EVP_ripemd160() were
changed to return truely const EVP_MD * in OpenSSL 0.9.7.
changed to return truly const EVP_MD * in OpenSSL 0.9.7.
The link between digests and signing algorithms was fixed in OpenSSL 1.0 and
later, so now EVP_sha1() can be used with RSA and DSA, there is no need to


+ 2
- 2
doc/crypto/EVP_PKEY_cmp.pod View File

@ -23,10 +23,10 @@ doesn't use parameters.
The function EVP_PKEY_copy_parameters() copies the parameters from key
B<from> to key B<to>.
The funcion EVP_PKEY_cmp_parameters() compares the parameters of keys
The function EVP_PKEY_cmp_parameters() compares the parameters of keys
B<a> and B<b>.
The funcion EVP_PKEY_cmp() compares the public key components and paramters
The function EVP_PKEY_cmp() compares the public key components and paramters
(if present) of keys B<a> and B<b>.
=head1 NOTES


+ 1
- 1
doc/crypto/X509_NAME_add_entry_by_txt.pod View File

@ -44,7 +44,7 @@ B<loc>. The deleted entry is returned and must be freed up.
=head1 NOTES
The use of string types such as B<MBSTRING_ASC> or B<MBSTRING_UTF8>
is strongly recommened for the B<type> parameter. This allows the
is strongly recommend for the B<type> parameter. This allows the
internal code to correctly determine the type of the field and to
apply length checks according to the relevant standards. This is
done using ASN1_STRING_set_by_NID().


+ 4
- 4
doc/crypto/X509_STORE_CTX_get_error.pod View File

@ -32,7 +32,7 @@ checks.
X509_STORE_CTX_get_error_depth() returns the B<depth> of the error. This is a
non-negative integer representing where in the certificate chain the error
occurred. If it is zero it occured in the end entity certificate, one if
occurred. If it is zero it occurred in the end entity certificate, one if
it is the certificate which signed the end entity certificate and so on.
X509_STORE_CTX_get_current_cert() returns the certificate in B<ctx> which
@ -246,11 +246,11 @@ Some feature of a certificate extension is not supported. Unused.
=item B<X509_V_ERR_PERMITTED_VIOLATION: permitted subtree violation>
A name constraint violation occured in the permitted subtrees.
A name constraint violation occurred in the permitted subtrees.
=item B<X509_V_ERR_EXCLUDED_VIOLATION: excluded subtree violation>
A name constraint violation occured in the excluded subtrees.
A name constraint violation occurred in the excluded subtrees.
=item B<X509_V_ERR_SUBTREE_MINMAX: name constraints minimum and maximum not supported>
@ -270,7 +270,7 @@ a garbage extension or some new feature not currently supported.
=item B<X509_V_ERR_CRL_PATH_VALIDATION_ERROR: CRL path validation error>
An error occured when attempting to verify the CRL path. This error can only
An error occurred when attempting to verify the CRL path. This error can only
happen if extended CRL checking is enabled.
=item B<X509_V_ERR_APPLICATION_VERIFICATION: application verification failure>


+ 1
- 1
doc/crypto/rand.pod View File

@ -39,7 +39,7 @@ Since the introduction of the ENGINE API, the recommended way of controlling
default implementations is by using the ENGINE API functions. The default
B<RAND_METHOD>, as set by RAND_set_rand_method() and returned by
RAND_get_rand_method(), is only used if no ENGINE has been set as the default
"rand" implementation. Hence, these two functions are no longer the recommened
"rand" implementation. Hence, these two functions are no longer the recommend
way to control defaults.
If an alternative B<RAND_METHOD> implementation is being used (either set


+ 14
- 14
doc/ssleay.txt View File

@ -539,13 +539,13 @@ int X509_verify_cert(
The applications
Ok, where to begin....
In the begining, when SSLeay was small (April 1995), there
In the beginning, when SSLeay was small (April 1995), there
were but few applications, they did happily cohabit in
the one bin directory. Then over time, they did multiply and grow,
and they started to look like microsoft software; 500k to print 'hello world'.
A new approach was needed. They were coalessed into one 'Monolithic'
application, ssleay. This one program is composed of many programs that
can all be compiled independantly.
can all be compiled independently.
ssleay has 3 modes of operation.
1) If the ssleay binary has the name of one of its component programs, it
@ -1733,7 +1733,7 @@ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b);
int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
Multiply a by a and return the result in 'r'. 'r' must not be
'a'. This function is alot faster than BN_mul(r,a,a). This is r=a*a.
'a'. This function is a lot faster than BN_mul(r,a,a). This is r=a*a.
int BN_div(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, BIGNUM *d, BN_CTX *ctx);
Divide 'm' by 'd' and return the result in 'dv' and the remainder
@ -3797,7 +3797,7 @@ patent law and ITAR restrictions.
Inside the USA there is also the unresolved issue of RC4/RC2 which were
made public on sci.crypt in Sep 1994 (RC4) and Feb 1996 (RC2). I have
copies of the origional postings if people are interested. RSA I believe
copies of the original postings if people are interested. RSA I believe
claim that they were 'trade-secrets' and that some-one broke an NDA in
revealing them. Other claim they reverse engineered the algorithms from
compiled binaries. If the algorithms were reverse engineered, I believe
@ -4143,7 +4143,7 @@ CRYPTO_malloc(), CRYPTO_free() and CRYPTO_realloc().
If it is not defined, they are #defined to malloc(), free() and realloc().
the CRYPTO_malloc() routines by default just call the underlying library
functons.
functions.
If CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON) is called, memory leak detection is
turned on. CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF) turns it off.
@ -4185,7 +4185,7 @@ The ca program uses the ssleay.conf file for most of its configuration
./ca -help
-verbose - Talk alot while doing things
-verbose - Talk a lot while doing things
-config file - A config file. If you don't want to use the
default config file
-name arg - The particular CA definition to use
@ -4336,7 +4336,7 @@ login password.
2.) The practical usage
-----------------------
Unfortunatly since CAPI is a system API you can't access its functions from
Unfortunately since CAPI is a system API you can't access its functions from
HTML code directly. For this purpose Microsoft provides a wrapper called
certenr3.dll. This DLL accesses the CAPI functions and provides an interface
usable from Visual Basic Script. One needs to install that library on the
@ -4390,7 +4390,7 @@ AcceptCredentials(sessionID, credentials, 0, FALSE)
CRL's and CA certs are not required simply just the client cert. (It seems to
me that both are not even checked somehow.) The only format of the base64
encoded object I succesfully used was all characters in a very long string
encoded object I successfully used was all characters in a very long string
without line feeds or carriage returns. (Hey, it doesn't matter, only a
computer reads it!)
@ -4537,7 +4537,7 @@ text. I use two templates to have a clearer script.
site. Grab it from http://www.easterngraphics.com/certs/IX9704/postit2.c. You
need utils.c from there too.
2nd note: I'm note quite sure wether the gawk script really handles all
2nd note: I'm note quite sure whether the gawk script really handles all
possible inputs for the request right! Today I don't use this construction
anymore myself.
@ -5103,7 +5103,7 @@ It is of a similar speed to DES and IDEA, so unless it is required for
meeting some standard (SSLv2, perhaps S/MIME), it would probably be advisable
to stick to IDEA, or for the paranoid, Tripple DES.
Mind you, having said all that, I should mention that I just read alot and
Mind you, having said all that, I should mention that I just read a lot and
implement ciphers, I'm a 'babe in the woods' when it comes to evaluating
ciphers :-).
@ -6389,7 +6389,7 @@ implementation. I have tried to make all the routines as general purpose
as possible. So you should not think of this library as an SSL
implemtation, but rather as a library of cryptographic functions
that also contains SSL. I refer to each of these function groupings as
libraries since they are often capable of functioning as independant
libraries since they are often capable of functioning as independent
libraries
First up, the general ciphers and message digests supported by the library.
@ -6441,7 +6441,7 @@ DH This is an implementation of the
to using numbers suplied by others. I conform to the PKCS#3
standard where required.
You may have noticed the preceeding section mentions the 'generation' of
You may have noticed the preceding section mentions the 'generation' of
prime numbers. Now this requries the use of 'random numbers'.
RAND This psuedo-random number library is based on MD5 at it's core
@ -6812,7 +6812,7 @@ all include e_os.h which contains OS/environment specific information.
If you need to add something todo with a particular environment,
add it to this file. It is worth remembering that quite a few libraries,
like lhash, des, md, sha etc etc do not include crypto/cryptlib.h. This
is because these libraries should be 'independantly compilable' and so I
is because these libraries should be 'independently compilable' and so I
try to keep them this way.
e_os.h is not so much a part of SSLeay, as the placing in one spot all the
evil OS dependant muck.
@ -6834,7 +6834,7 @@ everthing will work as expected. Don't edit progs.h by hand.
make links re-generates the symbolic links that are used. The reason why
I keep everything in its own directory, and don't put all the
test programs and header files in 'test' and 'include' is because I want
to keep the 'sub-libraries' independant. I still 'pull' out
to keep the 'sub-libraries' independent. I still 'pull' out
indervidual libraries for use in specific projects where the code is
required. I have used the 'lhash' library in just about every software
project I have worked on :-).


+ 1
- 1
e_os.h View File

@ -82,7 +82,7 @@ extern "C" {
#define DEVRANDOM "/dev/urandom","/dev/random","/dev/srandom"
#endif
#ifndef DEVRANDOM_EGD
/* set this to a comma-seperated list of 'egd' sockets to try out. These
/* set this to a comma-separated list of 'egd' sockets to try out. These
* sockets will be tried in the order listed in case accessing the device files
* listed in DEVRANDOM did not return enough entropy. */
#define DEVRANDOM_EGD "/var/run/egd-pool","/dev/egd-pool","/etc/egd-pool","/etc/entropy"


+ 1
- 1
engines/ccgost/README.gost View File