Include rand.h, so RAND_status() and friends get properly declared.

make RSA blinding thread-safe

make sure RSA blinding works when the PRNG is not properly seeded;
enable it automatically for the built-in engine

Add the possibility to build without the ENGINE framework.
PR: 287

Make {RSA,DSA,DH}_new_method obtain and release an ENGINE
functional reference in all cases.

Fiddling.

This commits changes to various parts of libcrypto required by the recent
ENGINE surgery. DH, DSA, RAND, and RSA now use *both* "method" and ENGINE
pointers to manage their hooking with ENGIN

This commits changes to various parts of libcrypto required by the recent
ENGINE surgery. DH, DSA, RAND, and RSA now use *both* "method" and ENGINE
pointers to manage their hooking with ENGINE. Previously their use of
"method" pointers was replaced by use of ENGINE references. See
crypto/engine/README for details.

Also, remove the ENGINE iterations from evp_test - even when the
cipher/digest code is committed in, this functionality would require a
different set of API calls.

show more ...

Rename recently introduced functions for improved code clarity:
[DR]SA_up => [DR]SA_up_ref

Make the necessary changes to work with the recent "ex_data" overhaul.
See the commit log message for that for more information.

NB: X509_STORE_CTX's use of "ex_data" support was actuall

Make the necessary changes to work with the recent "ex_data" overhaul.
See the commit log message for that for more information.

NB: X509_STORE_CTX's use of "ex_data" support was actually misimplemented
(initialisation by "memset" won't/can't/doesn't work). This fixes that but
requires that X509_STORE_CTX_init() be able to handle errors - so its
prototype has been changed to return 'int' rather than 'void'. All uses of
that function throughout the source code have been tracked down and
adjusted.

show more ...

Give DH, DSA, and RSA functions to "up" their reference counts. Otherwise,
dependant code has to directly increment the "references" value of each
such structure using the corresponding lock.

Give DH, DSA, and RSA functions to "up" their reference counts. Otherwise,
dependant code has to directly increment the "references" value of each
such structure using the corresponding lock. Apart from code duplication,
this provided no "REF_CHECK/REF_PRINT" checking and violated
encapsulation.

show more ...

The indexes returned by ***_get_ex_new_index() functions are used when
setting stack (actually, array) values in ex_data. So only increment the
global counters if the underlying CRYPTO_get_ex

The indexes returned by ***_get_ex_new_index() functions are used when
setting stack (actually, array) values in ex_data. So only increment the
global counters if the underlying CRYPTO_get_ex_new_index() call succeeds.
This change doesn't make "ex_data" right (see the comment at the head of
ex_data.c to know why), but at least makes the source code marginally less
frustrating.

show more ...

In {RSA,DSA,DH}_new_method(x) need to increase the reference
count of the ENGINE is x is not NULL since it will be freed
in {RSA,DSA,DH}_free().

In RSA, DSA, DH, and RAND - if the "***_new()" function fails because the
ENGINE code does not return a default, set an error.

Use BN_rand_range().

Ensure that the "ex_data" member of an RSA structure is initialised before
the RSA_METHOD's "init()" handler is called, and is cleaned up after the
RSA_METHOD's "finish()" handler is called.

Ensure that the "ex_data" member of an RSA structure is initialised before
the RSA_METHOD's "init()" handler is called, and is cleaned up after the
RSA_METHOD's "finish()" handler is called. Custom RSA_METHODs may wish to
initialise contexts and other specifics in the RSA structure upon creation
and that was previously not possible - "ex_data" is where that stuff
should go and it was being initialised too late for it to be used.

show more ...

Really stupid glitch (a comment not properly ended) fixed.

Remove references to RSAref. The glue library is but a memory to fade
away now...

Constify the RSA library.

Merge the engine branch into the main trunk. All conflicts resolved.
At the same time, add VMS support for Rijndael.

There have been a number of complaints from a number of sources that names
like Malloc, Realloc and especially Free conflict with already existing names
on some operating systems or other pac

There have been a number of complaints from a number of sources that names
like Malloc, Realloc and especially Free conflict with already existing names
on some operating systems or other packages. That is reason enough to change
the names of the OpenSSL memory allocation macros to something that has a
better chance of being unique, like prepending them with OPENSSL_.

This change includes all the name changes needed throughout all C files.

show more ...

Previously, the default RSA_METHOD was NULL until the first RSA structure was
initialised, at which point an appropriate default was chosen. This meant a
call to RSA_get_default_method might

Previously, the default RSA_METHOD was NULL until the first RSA structure was
initialised, at which point an appropriate default was chosen. This meant a
call to RSA_get_default_method might have returned FALSE.

This change fixes that; now any called to RSA_new(), RSA_new_method(NULL), or
RSA_get_default_method() will ensure that a default is chosen if it wasn't
already.

show more ...

New functions BN_CTX_start(), BN_CTX_get(), BN_CTX_end() to access
temporary BIGNUMs. BN_CTX still uses a fixed number of BIGNUMs, but
the BN_CTX implementation could now easily be changed.

Tidy up CRYPTO_EX_DATA structures.

Oops... forgot the other RSA_NULL patches...

New functions to allow RSA_METHODs to be changed without poking round in
RSA structure internals.