Add PBE algorithms with ciphers, not digests.

diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c
index 22c02d2bbae575ee0037fec892145f407257c19a..f24d3756c904a8650f30ce77a4b97683d16845c7 100644 (file)
--- a/crypto/evp/c_allc.c
+++ b/crypto/evp/c_allc.c
@@ -1,4 +1,4 @@
-/* crypto/evp/c_all.c */
+/* crypto/evp/c_allc.c */

 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *


@@ -144,4 +144,6 @@ void OpenSSL_add_all_ciphers(void)
        EVP_add_cipher_alias(SN_rc5_cbc,"rc5");
        EVP_add_cipher_alias(SN_rc5_cbc,"RC5");
 #endif
        EVP_add_cipher_alias(SN_rc5_cbc,"rc5");
        EVP_add_cipher_alias(SN_rc5_cbc,"RC5");
 #endif

+       PKCS12_PBE_add();
+       PKCS5_PBE_add();

        }
        }

diff --git a/crypto/evp/c_alld.c b/crypto/evp/c_alld.c
index 6c722847ea32f72a1e5603a4070cc27a720a2505..febe51a3ee4372dbf3dac2271919bcaa9595bf08 100644 (file)
--- a/crypto/evp/c_alld.c
+++ b/crypto/evp/c_alld.c
@@ -1,4 +1,4 @@
-/* crypto/evp/c_all.c */
+/* crypto/evp/c_alld.c */

 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *


@@ -97,6 +97,4 @@ void OpenSSL_add_all_digests(void)
        EVP_add_digest_alias(SN_ripemd160,"ripemd");
        EVP_add_digest_alias(SN_ripemd160,"rmd160");
 #endif
        EVP_add_digest_alias(SN_ripemd160,"ripemd");
        EVP_add_digest_alias(SN_ripemd160,"rmd160");
 #endif

-       PKCS12_PBE_add();
-       PKCS5_PBE_add();

        }
        }

diff --git a/doc/crypto/EVP_EncryptInit.pod b/doc/crypto/EVP_EncryptInit.pod
index c84f593dbbac34e74e83a0b8438f56eaa9bb395e..9400a025dbd40bd6a9f4921b36e66e50aaa2ef00 100644 (file)
--- a/doc/crypto/EVP_EncryptInit.pod
+++ b/doc/crypto/EVP_EncryptInit.pod
@@ -67,7 +67,7 @@ to (inl + cipher_block_size - 1) so B<outl> should contain sufficient
 room.  The actual number of bytes written is placed in B<outl>.
 
 EVP_EncryptFinal() encrypts the "final" data, that is any data that
 room.  The actual number of bytes written is placed in B<outl>.
 
 EVP_EncryptFinal() encrypts the "final" data, that is any data that

-remains in a partial block. It uses standard block padding (aka PKCS
+remains in a partial block. It uses L<standard block padding|/NOTES> (aka PKCS

 padding). The encrypted final data is written to B<out> which should
 have sufficient space for one cipher block. The number of bytes written
 is placed in B<outl>. After this function is called the encryption operation
 padding). The encrypted final data is written to B<out> which should
 have sufficient space for one cipher block. The number of bytes written
 is placed in B<outl>. After this function is called the encryption operation


@@ -117,7 +117,9 @@ length for all ciphers.
 EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed
 cipher or context. This "type" is the actual NID of the cipher OBJECT
 IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and
 EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed
 cipher or context. This "type" is the actual NID of the cipher OBJECT
 IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and

-128 bit RC2 have the same NID.
+128 bit RC2 have the same NID. If the cipher does not have an object
+identifier or does not have ASN1 support this function will return
+B<NID_undef>.

 
 EVP_CIPHER_CTX_cipher() returns the B<EVP_CIPHER> structure when passed
 an B<EVP_CIPHER_CTX> structure.
 
 EVP_CIPHER_CTX_cipher() returns the B<EVP_CIPHER> structure when passed
 an B<EVP_CIPHER_CTX> structure.


@@ -168,6 +170,14 @@ length.
 EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV
 length or zero if the cipher does not use an IV.
 
 EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV
 length or zero if the cipher does not use an IV.
 

+EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher's
+OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.
+
+EVP_CIPHER_CTX_cipher() returns an B<EVP_CIPHER> structure.
+
+EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return 1 for 
+success or zero for failure.
+

 =head1 NOTES
 
 Where possible the B<EVP> interface to symmetric ciphers should be used in
 =head1 NOTES
 
 Where possible the B<EVP> interface to symmetric ciphers should be used in

diff --git a/doc/crypto/OpenSSL_add_all_algorithms.pod b/doc/crypto/OpenSSL_add_all_algorithms.pod
new file mode 100644 (file)
index 0000000..1300fe1
--- /dev/null
+++ b/doc/crypto/OpenSSL_add_all_algorithms.pod
@@ -0,0 +1,65 @@
+=pod
+
+=head1 NAME
+
+OpenSSL_add_all_algorithms() - add algorithms to internal table
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ void OpenSSL_add_all_algorithms(void);
+ void OpenSSL_add_all_ciphers(void);
+ void OpenSSL_add_all_digests(void);
+
+ void EVP_cleanup(void);
+
+=head1 DESCRIPTION
+
+OpenSSL keeps an internal table of digest algorithms and ciphers. It uses
+this table to lookup ciphers via functions such as EVP_get_cipher_byname().
+
+OpenSSL_add_all_digests() adds all digest algorithms to the table.
+
+OpenSSL_add_all_algorithms() adds all algorithms to the table (digests and
+ciphers).
+
+OpenSSL_add_all_ciphers() adds all encryption algorithms to the table including
+password based encryption algorithms.
+
+EVP_cleanup() removes all ciphers and digests from the table.
+
+=head1 RETURN VALUES
+
+None of the functions return a value.
+
+=head1 NOTES
+
+A typical application will will call OpenSSL_add_all_algorithms() initially and
+EVP_cleanup() before exiting.
+
+An application does not need to add algorithms to use them explicitly, for example
+by EVP_sha1(). It just needs to add them if it (or any of the functions it calls)
+needs to lookup algorithms.
+
+The cipher and digest lookup functions are used in many parts of the library. If
+the table is not initialised several functions will misbehave and complain they
+cannot find algorithms. This includes the PEM, PKCS#12, SSL and S/MIME libraries.
+This is a common query in the OpenSSL mailing lists.
+
+Calling OpenSSL_add_all_algorithms() links in all algorithms: as a result a
+statically linked executable can be quite large. If this is important it is possible
+to just add the required ciphers and digests.
+
+=head1 BUGS
+
+Although the functions do not return error codes it is possible for them to fail.
+This will only happen as a result of a memory allocation failure so this is not
+too much of a problem in practice.
+
+=head1 SEE ALSO
+
+L<evp(3)|evp(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>,
+L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>
+
+=cut