sjg
3a0c68edfd
Add support for SHA1 hashed passwords.
...
The algorithm used is essentially PBKDF1 from RFC 2898 but using
hmac_sha1 rather than SHA1 directly (suggested by smb@research.att.com ).
* The format of the encrypted password is:
* $<tag>$<iterations>$<salt>$<digest>
*
* where:
* <tag> is "sha1"
* <iterations> is an unsigned int identifying how many rounds
* have been applied to <digest>. The number
* should vary slightly for each password to make
* it harder to generate a dictionary of
* pre-computed hashes. See crypt_sha1_iterations.
* <salt> up to 64 bytes of random data, 8 bytes is
* currently considered more than enough.
* <digest> the hashed password.
hmac.c implementes HMAC as defined in RFC 2104 and includes a unit
test for both hmac_sha1 and hmac_sha1 using a selection of the Known
Answer Tests from RFC 2202.
It is worth noting that to be FIPS compliant the hmac key (password)
should be 10-20 chars.
2004-07-02 00:05:23 +00:00
groo
19aa054c0d
Actually install the new man pages.
2004-03-22 00:48:04 +00:00
groo
80ddfc8cb9
update documentation from 0.9.7b to 0.9.7d
2004-03-20 21:48:44 +00:00
wiz
73e1501b98
parameter with two es. From Peter Postma.
2004-02-24 15:22:01 +00:00
itojun
08cbee504f
avoid bswapl, which is post-i486 (including i486) insn. markus@openbsd
2003-11-13 19:36:31 +00:00
itojun
015dc7875b
accelerate sha1 by using asm (i386). markus@openbsd.
...
there's internal symbol name changes, but it does not warrant shlib minor
bump as the symbol is totally internal.
2003-11-13 02:10:00 +00:00
itojun
b6743615c4
correction made in 0.9.7c; from markus@openbsd
2003-11-12 16:20:27 +00:00
itojun
aec01dda91
sync w/ openssl 0.9.7c. shlib minor bump for libcrypto.
...
(ERR_release_err_state_table() added)
2003-11-04 23:54:26 +00:00
itojun
87abfaaaff
resurrect assembly version of bignum operation; pointed out by perry
2003-11-04 21:06:32 +00:00
ragge
2fc6066af3
Add assembly routines for some of the bignum functions. Most comes from VMS,
...
a few written by me. This speeds up ssh 2-3 times.
2003-11-03 10:22:28 +00:00
lukem
f85d2d1c14
Use ${HOST_SH} instead of `sh'.
...
If necessary, pull in <bsd.sys.mk> to get the definition of HOST_SH;
Makefiles that pull in one of (most of) <bsd.*.mk> will get this anyway.
2003-10-26 07:25:33 +00:00
itojun
f4401cd869
upgrade openssl to 0.9.7b. (AES is now supported)
...
alter des.h to be friendly with openssl/des.h (you can include both in the
same file)
make libkrb to depend on libdes. bump major.
massage various portioin of heimdal to be friendly with openssl 0.9.7b.
2003-07-24 14:16:30 +00:00
itojun
df738798b1
install des_modes(7) from libdes, not from libcrypto
2003-07-23 05:46:00 +00:00
itojun
98cf94c860
install des.3 from libdes, not from libcrypto.
...
(eventually libcrypto will switch to DES_xx)
2003-07-23 05:43:43 +00:00
itojun
9f89c3577c
split libdes from libcrypto. libdes bumps shlib major.
...
(no dependency in libraries)
libdes provides des_xx functions based on openssl 0.9.6j.
2003-07-23 05:20:17 +00:00
itojun
df0916cac9
MDC2 is patented
2003-07-14 13:49:21 +00:00
wiz
03cb7d2b4f
Remove .UC -- not Berkeley Distribution man pages.
2003-06-30 14:18:56 +00:00
jmc
84b2ae9f5b
Typo police
2003-05-15 16:46:55 +00:00
thorpej
69c5577b0b
Make the des.h -> openssl/des.h symlink relative.
2003-04-26 00:53:17 +00:00
thorpej
aef8e968bf
Don't link libcrypto against libcrypt; that doesn't work on systems
...
that don't support shared libraries. Instead, build the NetBSD crypt(3)
library directly into libcrypto.
2003-04-17 00:32:22 +00:00
perry
50f8bf598f
symlink /usr/include/des.h to openssl/des.h
...
This is done in FreeBSD, and OpenBSD apparently also has a des.h
inspired by Greg Woods in PR lib/10528
2003-04-06 18:12:36 +00:00
perry
d3a7a45513
add links for des functions. PR bin/10528 from Greg Woods
2003-04-06 17:44:41 +00:00
mycroft
76126365c9
Link libcrypto against libcrypt to make sure crypt() is still there -- and
...
therefore build it earlier in the build process as well.
2003-04-03 00:41:50 +00:00
wiz
83de4abed2
Use "its" instead of "it's" where appropriate.
...
From Soren Jacobsen in PR 20730.
2003-03-15 23:48:27 +00:00
jschauma
432d470724
Fix typos pointed out by Igor Sobrado in PR misc/19621.
2003-01-02 00:22:29 +00:00
jschauma
ba40d7ee64
Fix tyops pointed out by Igor Sobrado in PR misc/19627
...
openssl_rand(1) - generater (generator?)
openssl_req(1) - stateOrPrivinceName (stateOrProvinceName),
eg. (e.g., Latin exempli gratia)
openssl_rsa(1) - thse (these, perhaps those)
openssl_s_client(1) - implicitely (implicitly),
renegociated (renegotiated)
openssl_x509(1) - beginnging (beginning, whow!),
repesents (represents)
2003-01-01 21:43:13 +00:00
lukem
93305911e9
Move libcrypto.so* from /usr/lib to /lib, as /sbin/cgdconfig needs it.
...
Requested by elric@.
2002-10-07 00:53:31 +00:00
thorpej
09a0767aa9
Only use the MKDYNAMICROOT semantics (i.e. -rpath=/lib,/usr/lib and
...
-dynamic-linker=/libexec/ld.elf_so) if the BINDIR of the program being
built is /bin or /sbin.
The reason we do this is because now all programs *except* those in
/bin and /sbin (i.e. the "special cases") match the default the compiler
uses, which is what is used for things in e.g. xsrc, pkgsrc, and other
random 3rd party programs.
This is done by decoupling where a shlib is installed from how it
is located. Two new variables, SHLIBINSTALLDIR and SHLINKINSTALLDIR,
contain the former information, and key off MKDYNAMICROOT only. SHLIBDIR
and SHLINKDIR contain the latter, and key off MKDYNAMICROOT and BINDIR.
The SHLIBINSTALLDIR, SHLIBDIR, _LIBSODIR, SHLINKINSTALLDIR, and
SHLINKDIR parameters are moved to a new <bsd.shlib.mk>; see bsd.README
for usage details.
2002-09-27 21:37:50 +00:00
itojun
633fb3b891
dummy funtion decls
2002-09-26 13:06:25 +00:00
itojun
d24389cf67
MDC2 is a patented algorithm; don't ship it in default libcrypto.
...
MKCRYPTO_MDC2 will build a separate library, libcrypto_mdc2.
2002-09-26 13:05:54 +00:00
thorpej
93b1f286b7
Add (commented out) CPP flags for making DES faster on StrongARM
...
and XScale systems.
2002-09-20 23:59:40 +00:00
itojun
50d422c24f
e_os.h is not part of exported openssl interface, so don't install it into
...
/usr/include/openssl (e_os.h has an explicit comment about it). it obviously
is a bug in openssl 0.9.6 Makefile.
based on openssl 0.9.7 snapshot.
2002-08-31 10:46:36 +00:00
jdarrow
48ee0561fe
Belatedly bump libdes shared library major number, due to bump of
...
libcrypto shared major when we moved from OpenSSL 0.9.5 to 0.9.6.
Add note to libcrypto shlib_version file to remind people to also
update libdes shlib_version.
2002-08-20 13:49:55 +00:00
lukem
91d06a031b
More use of ${NETBSDSRCDIR}/some/path instead of ${.CURDIR}/../../some/path
2002-08-19 13:35:05 +00:00
lukem
ebb6fc9eb8
Use ${NETBSDSRCDIR}/some/path instead of ${.CURDIR}/../../some/path (etc).
...
(Reduces make output by ~ 20%)
2002-08-19 09:41:27 +00:00
itojun
6043eb4818
regen manpages
2002-08-09 16:15:36 +00:00
itojun
182c0b6e08
sync with 0.9.6f. prevents DoS attack and regen of manpages.
2002-08-08 23:47:34 +00:00
itojun
151d7bb9f3
regen openssl manpage from 0.9.6e source.
2002-07-31 01:45:20 +00:00
thorpej
c029cf4e92
Remove -nostdinc from CPPFLAGS. That should only be used when
...
bsd.lib.mk wants it to be used.
2002-06-26 16:58:09 +00:00
thorpej
8893ba2f3c
Back out rev 1.20.
2002-06-26 16:30:46 +00:00
veego
d7a9005d0f
Back out rev 1.18:
...
Remove -I${DESTDIR}/usr/include since it's redundant.
It may be redundant in some environments, but not in all.
2002-06-26 15:21:50 +00:00
thorpej
24e460d382
If any of __pentiumpro__, __tune_pentiumpro__, or __tune_i686__ are
...
defined, use bf_enc_686.S, else bf_enc_586.S.
2002-06-16 18:35:02 +00:00
thorpej
d8a2597f4b
* Don't put the pathname to the host-tool compiler into the library.
...
Instead, inject the compiler version info from ${CC} -v.
* Don't put the date into the library. Instead, inject the OS version
info.
2002-06-16 17:57:29 +00:00
matt
1ece0e0c9a
Remove -I${DESTDIR}/usr/include since it's redundant.
2002-06-15 02:01:23 +00:00
bjh21
0de3f91b56
Don't try to put the host's /usr/include on the target compiler's include path.
...
This causes Bad Things to happen. Instead, use the target's /usr/include.
2002-06-11 22:55:34 +00:00
itojun
7c75b5ec2f
sync with 0.9.6d. shlib minor for libssl and libcrypto
...
is cranked for additional functions.
2002-06-09 16:12:52 +00:00
itojun
d79e894958
use weak_alias to make libcrypto_{idea,rc5} actually useful.
2002-06-09 02:14:30 +00:00
wiz
56b4d2cb0c
Move code that tries to determine shlib major into MKPIC != "no" case.
2002-05-02 16:24:24 +00:00
lukem
b7ca7acccf
Don't hard link to symlinks, as it's not portable.
...
Based on [toolchain/14119] from Chris G. Demetriou.
2002-02-26 00:57:12 +00:00
mycroft
a3c74e7653
Actually remove this cruft until it's fixed.
...
With des_enc.S present, it was getting caught by suffix rules when there was no
.depend file.
2002-02-12 21:45:37 +00:00