Add missing variable length cipher flag for Blowfish.
Only use trust settings if either trust or reject settings
are present, otherwise use compatibility mode. This stops
root CAs being rejected if they have alias of keyid set.
snhenson committed May 24, 2001
1 parent 98405f2 commit 76c919c
Showing 3 changed files with 11 additions and 3 deletions.
9 changes: 8 additions & 1 deletion CHANGES
Expand Up @@ -11,6 +11,13 @@
*) applies to 0.9.6a (/0.9.6b) and 0.9.7
+) applies to 0.9.7 only

*) Fix for compatibility mode trust settings: ignore trust settings
unless some valid trust or reject settings are present.
[Steve Henson]

*) Fix for blowfish EVP: its a variable length cipher.
[Steve Henson]

+) Increase ENTROPY_NEEDED to 32 bytes, as Rijndael can operate with
256 bit (=32 byte) keys. Of course seeding with more entropy bytes
than this minimum value is recommended.
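Review bot: The new trust entry ("ignore trust settings unless some valid trust or reject settings are present") does not say which case it fixes; the commit message has the useful detail (root CAs rejected when only an alias or keyid is set), and that belongs in the CHANGES text too. In the Blowfish entry, "its a variable length cipher" should read "it's", and naming the flag (EVP_CIPH_VARIABLE_LENGTH) would make the entry searchable. The commit subject mentions only Blowfish while two unrelated fixes are recorded here, so splitting them into separate commits would make each easier to backport.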
Expand Down Expand Up @@ -97,7 +104,7 @@
ENGINE structure.
[Geoff]

+) Fix various bugs related to DSA S/MIME verification. Handle missing
*) Fix various bugs related to DSA S/MIME verification. Handle missing
parameters in DSA public key structures and return an error in the
DSA routines if parameters are absent.
[Steve Henson]
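Review bot: The marker on the "Fix various bugs related to DSA S/MIME verification" entry changes from "+)" to "*)", which the commit message does not mention. By the legend at the top of the file this moves the entry from "applies to 0.9.7 only" to "applies to 0.9.6a (/0.9.6b) and 0.9.7", so either say so in the commit message or make it a separate commit.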
2 changes: 1 addition & 1 deletion crypto/evp/e_bf.c
Expand Up @@ -67,7 +67,7 @@ static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc);

IMPLEMENT_BLOCK_CIPHER(bf, bf_ks, BF, bf_ks, NID_bf, 8, 16, 8,
0, bf_init_key, NULL,
EVP_CIPH_VARIABLE_LENGTH, bf_init_key, NULL,
EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)

static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
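Review bot: With EVP_CIPH_VARIABLE_LENGTH now in the flags position of IMPLEMENT_BLOCK_CIPHER, the 16 in "8, 16, 8" becomes a default key length rather than the only one, but bf_init_key takes no key length argument and its body is not part of this hunk. Please confirm that it reads the length from ctx rather than assuming 16 bytes, and add a test that sets a non-default key length so the flag cannot silently regress.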
3 changes: 2 additions & 1 deletion crypto/x509/x509_trs.c
Expand Up @@ -241,7 +241,8 @@ int X509_TRUST_get_trust(X509_TRUST *xp)

static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags)
{
if(x->aux) return obj_trust(trust->arg1, x, flags);
if(x->aux && (x->aux->trust || x->aux->reject))
return obj_trust(trust->arg1, x, flags);
/* we don't have any trust settings: for compatibility
* we return trusted if it is self signed
*/
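Review bot: The new condition in trust_1oidany, "x->aux->trust || x->aux->reject", tests only that the pointers are non-NULL, while CHANGES describes it as "some valid trust or reject settings are present". A certificate whose trust or reject list is allocated but empty would still go to obj_trust instead of the compatibility path; if that is not intended, test the element count as well. The comment "we don't have any trust settings" should also be updated, since this branch is now reached when x->aux exists but carries neither list.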