Up to [local] / src / usr.sbin / acme-client
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.9 / (download) - annotate - [select for diffs], Thu May 9 06:08:11 2024 UTC (3 weeks, 2 days ago) by tb
Branch: MAIN
CVS Tags: HEAD
Changes since 1.8: +32 -35 lines
Diff to previous 1.8 (colored)
Align RSA and EC key generation with each other Being two different cryptographic primitives, it is clear that there must be some differences between RSA and EC keygen, but they don't have to be entirely different. We need to set the key type, RSA needs a bit size and ECDSA needs a curve. That's all the differences there need to be. Garbage collect a few useless elses and avoid two exit labels paths where one would do just fine. As another small bonus, this file no longer uses "deprecated API", so the portable fork can get rid of an ugly openssl 3 patch if they want to. ok florian
Revision 1.8 / (download) - annotate - [select for diffs], Tue Aug 29 14:44:53 2023 UTC (9 months ago) by op
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4
Changes since 1.7: +3 -10 lines
Diff to previous 1.7 (colored)
acme-client: drop ecdsa.h, fix spacing and a typo in error message While here drop EC_KEY_set_asn1_flag(OPENSSL_EC_NAMED_CURVE). EC_KEY_new_by_curve_name() ends up calling EC_GROUP_new() which already sets the OPENSSL_EC_NAMED_CURVE flag on the group. (suggested by tb@) ok tb@
Revision 1.7 / (download) - annotate - [select for diffs], Sun Dec 18 12:08:49 2022 UTC (17 months, 2 weeks ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE,
OPENBSD_7_3
Changes since 1.6: +2 -3 lines
Diff to previous 1.6 (colored)
acme-client: inline a confusing and useless define
Revision 1.6 / (download) - annotate - [select for diffs], Tue Feb 22 13:45:09 2022 UTC (2 years, 3 months ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1
Changes since 1.5: +2 -2 lines
Diff to previous 1.5 (colored)
Plug leak in ec_key_create() EVP_PKEY_set1_EC_KEY() bumps the refcount of eckey, so eckey won't be freed at the end of keyproc() or acctproc(), which means that secrets aren't wiped. Move EC_KEY_free() to the out label, so that the refcount is decremented or the key freed, as appropriate. tested/ok claudio
Revision 1.5 / (download) - annotate - [select for diffs], Tue Feb 22 12:38:30 2022 UTC (2 years, 3 months ago) by tb
Branch: MAIN
Changes since 1.4: +3 -3 lines
Diff to previous 1.4 (colored)
whitespace/KNF
Revision 1.4 / (download) - annotate - [select for diffs], Tue Feb 22 12:36:17 2022 UTC (2 years, 3 months ago) by tb
Branch: MAIN
Changes since 1.3: +2 -4 lines
Diff to previous 1.3 (colored)
acme-client: only warn on PEM_write_ECPrivateKey() failure instead of everytime ec_create_key() is called. From wolf at wolfsden dot cz ok florian
Revision 1.3 / (download) - annotate - [select for diffs], Thu Nov 18 17:26:43 2021 UTC (2 years, 6 months ago) by tb
Branch: MAIN
Changes since 1.2: +4 -3 lines
Diff to previous 1.2 (colored)
acme-client: use EVP_PKEY_base_id() In an upcoming libcrypto bump, EVP_PKEY will become opaque. In order to stop reaching inside EVP_PKEY, we must replace EVP_PKEY_type(pkey->type) with the equivalent EVP_PKEY_base_Id(pkey) in various places. ok florian
Revision 1.2 / (download) - annotate - [select for diffs], Mon Jun 17 15:41:59 2019 UTC (4 years, 11 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE,
OPENBSD_7_0,
OPENBSD_6_9_BASE,
OPENBSD_6_9,
OPENBSD_6_8_BASE,
OPENBSD_6_8,
OPENBSD_6_7_BASE,
OPENBSD_6_7,
OPENBSD_6_6_BASE,
OPENBSD_6_6
Changes since 1.1: +3 -6 lines
Diff to previous 1.1 (colored)
It's enough to allocate the EC key once. OK tb
Revision 1.1 / (download) - annotate - [select for diffs], Wed Jun 12 11:09:25 2019 UTC (4 years, 11 months ago) by gilles
Branch: MAIN
use acme-client to sign certificated with ecdsa keys diff from Renaud Allard <renaud@allard.it>, ok to get in from florian@