Fix a bug that might cause "OK" status codes to be interpreted as not
OK. This would only happen if the OK status included a value between 29
and 31 bits large.
Roll in some changes that got lost by Dropbox when doing work on
creation of new log keys.
Updates for clean compile on Ubuntu 18.04, including finishing upgrade
of OpenSSL to 1.1.0. Changes were surprisingly large. Bump the patch
number for ease of identification (this version also includes updates
for log creation service).
Update license date on all files. No functional changes.
Crypto changes to better support NULL encryption.
Fixes to prevent C++ compile errors for variables that are not
initialized and not used. This isn't a problem with C, and it's not a
bug, just an annoying C++-ism.
Add attempt to decode OpenSSL error codes and translate them to EP_STATs
so user error messages can be more detailed.
Update licenses to 2017.
Minor cleanup to avoid assuming values of what should be opaque types.
Update license. No code changes.
Include copyright in all files. There are scripts to do bulk
replacement of the copyright if desired.
A few more cleanups for EP crypto routines. Some of the cipher APIs
have been changed to be more consistent with the asymmetric APIs, but
mostly the changes are comments and improved error messages.
Add comments to ep_crypto_* routines.
Remove keytype parameter from most ep_crypto routines; it can be derived
from the type of the key in use.
Add the libep.crypto.key.compat.strict parameter to control the
"compatibility" of two crypto keys (whether they match each other versus
just of the same time). Setting this to false is mostly for debugging.
Add libep support for symmetric ciphers.
Change default EC curve to sect283r1 --- works with the ATECC108A chip
Change default EC curve to secp256r1 (NIST P-256, prime 256v1); had been
sec384r1. The new curve is supported by the Atmel ATECC108 chip.
Implement encryption of secret keys. Adds -e flag to gcl-create to
choose the algorithm. An algorithm of "none" disables encryption.
Implement ECDSA signing (and set it to be the default). This also
augments log-view to print the details of keys (and makes the print
routines available in the ep_crypto code).
Didn't quite finish the code changes prompted by the documentation
Check public/secret key compatibility; additional debugging (crypto and
Clean up gcl-create flags to allow more tuning. Also includes better
Include DSA support. Changes the semantics of gcl-create -k flag to
take an argument with the key algorithm ("rsa" or "dsa").
Signature checking working. No action taken on bad signature yet.
Still considerable cleanup left to be done.
Another signing snapshot: signatures are created and sent but not
checked. Metadata is returned when a GCL is opened. Still have a
problem with reference counting of GCL handles.