diff options
| author | tb <> | 2023-07-22 18:32:05 +0000 |
|---|---|---|
| committer | tb <> | 2023-07-22 18:32:05 +0000 |
| commit | 2b1933408aa0e5cad4486c6862c788a70c48670e (patch) | |
| tree | 23b647d507fee13df5656ab54ae6c84c29cbbddf /src/lib | |
| parent | 4244536f1a2e55a7e32d35ed15ac7a8fe4989fd5 (diff) | |
| download | openbsd-2b1933408aa0e5cad4486c6862c788a70c48670e.tar.gz openbsd-2b1933408aa0e5cad4486c6862c788a70c48670e.tar.bz2 openbsd-2b1933408aa0e5cad4486c6862c788a70c48670e.zip | |
Rewrite obj_xref.c
Instead of having two unreadable tables placed in a header generated by a
janky perl script from an ugly text file, use a single table inlined in
the C file. This table is used to translate between signature algorithm
OIDs and pairs of OIDs of a message digest and a cipher. The table has
fewer than fifty entries and isn't used in a hot path. Using binary search
is overkill. Just do two linear searches, one for each translation. None
of the original code remains apart from the API.
ok jsing
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libcrypto/objects/obj_xref.c | 416 | ||||
| -rw-r--r-- | src/lib/libcrypto/objects/obj_xref.h | 115 | ||||
| -rw-r--r-- | src/lib/libcrypto/objects/obj_xref.txt | 68 | ||||
| -rw-r--r-- | src/lib/libcrypto/objects/objxref.pl | 111 |
4 files changed, 291 insertions, 419 deletions
diff --git a/src/lib/libcrypto/objects/obj_xref.c b/src/lib/libcrypto/objects/obj_xref.c index ac1459c123..7cd3141d14 100644 --- a/src/lib/libcrypto/objects/obj_xref.c +++ b/src/lib/libcrypto/objects/obj_xref.c | |||
| @@ -1,147 +1,313 @@ | |||
| 1 | /* $OpenBSD: obj_xref.c,v 1.10 2023/07/22 18:12:09 tb Exp $ */ | 1 | /* $OpenBSD: obj_xref.c,v 1.11 2023/07/22 18:32:05 tb Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | |
| 3 | * project 2006. | 3 | /* |
| 4 | */ | 4 | * Copyright (c) 2023 Theo Buehler <tb@openbsd.org> |
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 2006 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | 5 | * |
| 53 | * This product includes cryptographic software written by Eric Young | 6 | * Permission to use, copy, modify, and distribute this software for any |
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | 7 | * purpose with or without fee is hereby granted, provided that the above |
| 55 | * Hudson (tjh@cryptsoft.com). | 8 | * copyright notice and this permission notice appear in all copies. |
| 56 | * | 9 | * |
| 10 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | ||
| 11 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | ||
| 12 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | ||
| 13 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | ||
| 14 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
| 15 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
| 16 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
| 57 | */ | 17 | */ |
| 58 | 18 | ||
| 59 | #include <openssl/objects.h> | 19 | #include <openssl/objects.h> |
| 60 | #include "obj_xref.h" | ||
| 61 | 20 | ||
| 62 | DECLARE_STACK_OF(nid_triple) | 21 | /* |
| 63 | 22 | * Map between signature nids and pairs of (hash, pkey) nids. If the hash nid | |
| 64 | static int | 23 | * is NID_undef, this indicates to ASN1_item_{sign,verify}() that the pkey's |
| 65 | sig_cmp(const nid_triple *a, const nid_triple *b) | 24 | * ASN.1 method needs to handle algorithm identifiers and part of the message |
| 66 | { | 25 | * digest. |
| 67 | return a->sign_id - b->sign_id; | 26 | */ |
| 68 | } | ||
| 69 | 27 | ||
| 70 | static int | 28 | static const struct { |
| 71 | sig_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_) | 29 | int sign_nid; |
| 72 | { | 30 | int hash_nid; |
| 73 | nid_triple const *a = a_; | 31 | int pkey_nid; |
| 74 | nid_triple const *b = b_; | 32 | } nid_triple[] = { |
| 75 | return sig_cmp(a, b); | 33 | { |
| 76 | } | 34 | .sign_nid = NID_md2WithRSAEncryption, |
| 35 | .hash_nid = NID_md2, | ||
| 36 | .pkey_nid = NID_rsaEncryption, | ||
| 37 | }, | ||
| 38 | { | ||
| 39 | .sign_nid = NID_md5WithRSAEncryption, | ||
| 40 | .hash_nid = NID_md5, | ||
| 41 | .pkey_nid = NID_rsaEncryption, | ||
| 42 | }, | ||
| 43 | { | ||
| 44 | .sign_nid = NID_shaWithRSAEncryption, | ||
| 45 | .hash_nid = NID_sha, | ||
| 46 | .pkey_nid = NID_rsaEncryption, | ||
| 47 | }, | ||
| 48 | { | ||
| 49 | .sign_nid = NID_sha1WithRSAEncryption, | ||
| 50 | .hash_nid = NID_sha1, | ||
| 51 | .pkey_nid = NID_rsaEncryption, | ||
| 52 | }, | ||
| 53 | { | ||
| 54 | .sign_nid = NID_dsaWithSHA, | ||
| 55 | .hash_nid = NID_sha, | ||
| 56 | .pkey_nid = NID_dsa, | ||
| 57 | }, | ||
| 58 | { | ||
| 59 | .sign_nid = NID_dsaWithSHA1_2, | ||
| 60 | .hash_nid = NID_sha1, | ||
| 61 | .pkey_nid = NID_dsa_2, | ||
| 62 | }, | ||
| 63 | { | ||
| 64 | .sign_nid = NID_mdc2WithRSA, | ||
| 65 | .hash_nid = NID_mdc2, | ||
| 66 | .pkey_nid = NID_rsaEncryption, | ||
| 67 | }, | ||
| 68 | { | ||
| 69 | .sign_nid = NID_md5WithRSA, | ||
| 70 | .hash_nid = NID_md5, | ||
| 71 | .pkey_nid = NID_rsa, | ||
| 72 | }, | ||
| 73 | { | ||
| 74 | .sign_nid = NID_dsaWithSHA1, | ||
| 75 | .hash_nid = NID_sha1, | ||
| 76 | .pkey_nid = NID_dsa, | ||
| 77 | }, | ||
| 78 | { | ||
| 79 | .sign_nid = NID_sha1WithRSA, | ||
| 80 | .hash_nid = NID_sha1, | ||
| 81 | .pkey_nid = NID_rsa, | ||
| 82 | }, | ||
| 83 | { | ||
| 84 | .sign_nid = NID_ripemd160WithRSA, | ||
| 85 | .hash_nid = NID_ripemd160, | ||
| 86 | .pkey_nid = NID_rsaEncryption, | ||
| 87 | }, | ||
| 88 | { | ||
| 89 | .sign_nid = NID_md4WithRSAEncryption, | ||
| 90 | .hash_nid = NID_md4, | ||
| 91 | .pkey_nid = NID_rsaEncryption, | ||
| 92 | }, | ||
| 93 | { | ||
| 94 | .sign_nid = NID_ecdsa_with_SHA1, | ||
| 95 | .hash_nid = NID_sha1, | ||
| 96 | .pkey_nid = NID_X9_62_id_ecPublicKey, | ||
| 97 | }, | ||
| 98 | { | ||
| 99 | .sign_nid = NID_sha256WithRSAEncryption, | ||
| 100 | .hash_nid = NID_sha256, | ||
| 101 | .pkey_nid = NID_rsaEncryption, | ||
| 102 | }, | ||
| 103 | { | ||
| 104 | .sign_nid = NID_sha384WithRSAEncryption, | ||
| 105 | .hash_nid = NID_sha384, | ||
| 106 | .pkey_nid = NID_rsaEncryption, | ||
| 107 | }, | ||
| 108 | { | ||
| 109 | .sign_nid = NID_sha512WithRSAEncryption, | ||
| 110 | .hash_nid = NID_sha512, | ||
| 111 | .pkey_nid = NID_rsaEncryption, | ||
| 112 | }, | ||
| 113 | { | ||
| 114 | .sign_nid = NID_sha224WithRSAEncryption, | ||
| 115 | .hash_nid = NID_sha224, | ||
| 116 | .pkey_nid = NID_rsaEncryption, | ||
| 117 | }, | ||
| 118 | { | ||
| 119 | .sign_nid = NID_ecdsa_with_Recommended, | ||
| 120 | .hash_nid = NID_undef, | ||
| 121 | .pkey_nid = NID_X9_62_id_ecPublicKey, | ||
| 122 | }, | ||
| 123 | { | ||
| 124 | .sign_nid = NID_ecdsa_with_Specified, | ||
| 125 | .hash_nid = NID_undef, | ||
| 126 | .pkey_nid = NID_X9_62_id_ecPublicKey, | ||
| 127 | }, | ||
| 128 | { | ||
| 129 | .sign_nid = NID_ecdsa_with_SHA224, | ||
| 130 | .hash_nid = NID_sha224, | ||
| 131 | .pkey_nid = NID_X9_62_id_ecPublicKey, | ||
| 132 | }, | ||
| 133 | { | ||
| 134 | .sign_nid = NID_ecdsa_with_SHA256, | ||
| 135 | .hash_nid = NID_sha256, | ||
| 136 | .pkey_nid = NID_X9_62_id_ecPublicKey, | ||
| 137 | }, | ||
| 138 | { | ||
| 139 | .sign_nid = NID_ecdsa_with_SHA384, | ||
| 140 | .hash_nid = NID_sha384, | ||
| 141 | .pkey_nid = NID_X9_62_id_ecPublicKey, | ||
| 142 | }, | ||
| 143 | { | ||
| 144 | .sign_nid = NID_ecdsa_with_SHA512, | ||
| 145 | .hash_nid = NID_sha512, | ||
| 146 | .pkey_nid = NID_X9_62_id_ecPublicKey, | ||
| 147 | }, | ||
| 148 | { | ||
| 149 | .sign_nid = NID_dsa_with_SHA224, | ||
| 150 | .hash_nid = NID_sha224, | ||
| 151 | .pkey_nid = NID_dsa, | ||
| 152 | }, | ||
| 153 | { | ||
| 154 | .sign_nid = NID_dsa_with_SHA256, | ||
| 155 | .hash_nid = NID_sha256, | ||
| 156 | .pkey_nid = NID_dsa, | ||
| 157 | }, | ||
| 158 | { | ||
| 159 | .sign_nid = NID_id_GostR3411_94_with_GostR3410_2001, | ||
| 160 | .hash_nid = NID_id_GostR3411_94, | ||
| 161 | .pkey_nid = NID_id_GostR3410_2001, | ||
| 162 | }, | ||
| 163 | { | ||
| 164 | .sign_nid = NID_id_GostR3411_94_with_GostR3410_94, | ||
| 165 | .hash_nid = NID_id_GostR3411_94, | ||
| 166 | .pkey_nid = NID_id_GostR3410_94, | ||
| 167 | }, | ||
| 168 | { | ||
| 169 | .sign_nid = NID_id_GostR3411_94_with_GostR3410_94_cc, | ||
| 170 | .hash_nid = NID_id_GostR3411_94, | ||
| 171 | .pkey_nid = NID_id_GostR3410_94_cc, | ||
| 172 | }, | ||
| 173 | { | ||
| 174 | .sign_nid = NID_id_GostR3411_94_with_GostR3410_2001_cc, | ||
| 175 | .hash_nid = NID_id_GostR3411_94, | ||
| 176 | .pkey_nid = NID_id_GostR3410_2001_cc, | ||
| 177 | }, | ||
| 178 | { | ||
| 179 | .sign_nid = NID_rsassaPss, | ||
| 180 | .hash_nid = NID_undef, | ||
| 181 | .pkey_nid = NID_rsaEncryption, | ||
| 182 | }, | ||
| 183 | { | ||
| 184 | .sign_nid = NID_id_tc26_signwithdigest_gost3410_2012_256, | ||
| 185 | .hash_nid = NID_id_tc26_gost3411_2012_256, | ||
| 186 | .pkey_nid = NID_id_GostR3410_2001, | ||
| 187 | }, | ||
| 188 | { | ||
| 189 | .sign_nid = NID_id_tc26_signwithdigest_gost3410_2012_512, | ||
| 190 | .hash_nid = NID_id_tc26_gost3411_2012_512, | ||
| 191 | .pkey_nid = NID_id_GostR3410_2001, | ||
| 192 | }, | ||
| 193 | { | ||
| 194 | .sign_nid = NID_Ed25519, | ||
| 195 | .hash_nid = NID_undef, | ||
| 196 | .pkey_nid = NID_Ed25519, | ||
| 197 | }, | ||
| 198 | { | ||
| 199 | .sign_nid = NID_dhSinglePass_stdDH_sha1kdf_scheme, | ||
| 200 | .hash_nid = NID_sha1, | ||
| 201 | .pkey_nid = NID_dh_std_kdf, | ||
| 202 | }, | ||
| 203 | { | ||
| 204 | .sign_nid = NID_dhSinglePass_stdDH_sha224kdf_scheme, | ||
| 205 | .hash_nid = NID_sha224, | ||
| 206 | .pkey_nid = NID_dh_std_kdf, | ||
| 207 | }, | ||
| 208 | { | ||
| 209 | .sign_nid = NID_dhSinglePass_stdDH_sha256kdf_scheme, | ||
| 210 | .hash_nid = NID_sha256, | ||
| 211 | .pkey_nid = NID_dh_std_kdf, | ||
| 212 | }, | ||
| 213 | { | ||
| 214 | .sign_nid = NID_dhSinglePass_stdDH_sha384kdf_scheme, | ||
| 215 | .hash_nid = NID_sha384, | ||
| 216 | .pkey_nid = NID_dh_std_kdf, | ||
| 217 | }, | ||
| 218 | { | ||
| 219 | .sign_nid = NID_dhSinglePass_stdDH_sha512kdf_scheme, | ||
| 220 | .hash_nid = NID_sha512, | ||
| 221 | .pkey_nid = NID_dh_std_kdf, | ||
| 222 | }, | ||
| 223 | { | ||
| 224 | .sign_nid = NID_dhSinglePass_cofactorDH_sha1kdf_scheme, | ||
| 225 | .hash_nid = NID_sha1, | ||
| 226 | .pkey_nid = NID_dh_cofactor_kdf, | ||
| 227 | }, | ||
| 228 | { | ||
| 229 | .sign_nid = NID_dhSinglePass_cofactorDH_sha224kdf_scheme, | ||
| 230 | .hash_nid = NID_sha224, | ||
| 231 | .pkey_nid = NID_dh_cofactor_kdf, | ||
| 232 | }, | ||
| 233 | { | ||
| 234 | .sign_nid = NID_dhSinglePass_cofactorDH_sha256kdf_scheme, | ||
| 235 | .hash_nid = NID_sha256, | ||
| 236 | .pkey_nid = NID_dh_cofactor_kdf, | ||
| 237 | }, | ||
| 238 | { | ||
| 239 | .sign_nid = NID_dhSinglePass_cofactorDH_sha384kdf_scheme, | ||
| 240 | .hash_nid = NID_sha384, | ||
| 241 | .pkey_nid = NID_dh_cofactor_kdf, | ||
| 242 | }, | ||
| 243 | { | ||
| 244 | .sign_nid = NID_dhSinglePass_cofactorDH_sha512kdf_scheme, | ||
| 245 | .hash_nid = NID_sha512, | ||
| 246 | .pkey_nid = NID_dh_cofactor_kdf, | ||
| 247 | }, | ||
| 248 | { | ||
| 249 | .sign_nid = NID_RSA_SHA3_224, | ||
| 250 | .hash_nid = NID_sha3_224, | ||
| 251 | .pkey_nid = NID_rsaEncryption, | ||
| 252 | }, | ||
| 253 | { | ||
| 254 | .sign_nid = NID_RSA_SHA3_256, | ||
| 255 | .hash_nid = NID_sha3_256, | ||
| 256 | .pkey_nid = NID_rsaEncryption, | ||
| 257 | }, | ||
| 258 | { | ||
| 259 | .sign_nid = NID_RSA_SHA3_384, | ||
| 260 | .hash_nid = NID_sha3_384, | ||
| 261 | .pkey_nid = NID_rsaEncryption, | ||
| 262 | }, | ||
| 263 | { | ||
| 264 | .sign_nid = NID_RSA_SHA3_512, | ||
| 265 | .hash_nid = NID_sha3_512, | ||
| 266 | .pkey_nid = NID_rsaEncryption, | ||
| 267 | }, | ||
| 268 | }; | ||
| 77 | 269 | ||
| 78 | static const nid_triple * | 270 | #define N_NID_TRIPLES (sizeof(nid_triple) / sizeof(nid_triple[0])) |
| 79 | OBJ_bsearch_sig(nid_triple *key, nid_triple const *base, int num) | ||
| 80 | { | ||
| 81 | return OBJ_bsearch_(key, base, num, sizeof(nid_triple), | ||
| 82 | sig_cmp_BSEARCH_CMP_FN); | ||
| 83 | } | ||
| 84 | 271 | ||
| 85 | static int | 272 | int |
| 86 | sigx_cmp(const nid_triple * const *a, const nid_triple * const *b) | 273 | OBJ_find_sigid_algs(int sign_nid, int *hash_nid, int *pkey_nid) |
| 87 | { | 274 | { |
| 88 | int ret; | 275 | size_t i; |
| 89 | 276 | ||
| 90 | ret = (*a)->hash_id - (*b)->hash_id; | 277 | for (i = 0; i < N_NID_TRIPLES; i++) { |
| 91 | if (ret) | 278 | if (sign_nid != nid_triple[i].sign_nid) |
| 92 | return ret; | 279 | continue; |
| 93 | return (*a)->pkey_id - (*b)->pkey_id; | ||
| 94 | } | ||
| 95 | 280 | ||
| 96 | static int | 281 | if (hash_nid != NULL) |
| 97 | sigx_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_) | 282 | *hash_nid = nid_triple[i].hash_nid; |
| 98 | { | 283 | if (pkey_nid != NULL) |
| 99 | const nid_triple * const *a = a_; | 284 | *pkey_nid = nid_triple[i].pkey_nid; |
| 100 | const nid_triple * const *b = b_; | ||
| 101 | return sigx_cmp(a, b); | ||
| 102 | } | ||
| 103 | 285 | ||
| 104 | static const nid_triple * const* | 286 | return 1; |
| 105 | OBJ_bsearch_sigx(const nid_triple * *key, const nid_triple * const *base, int num) | 287 | } |
| 106 | { | ||
| 107 | return OBJ_bsearch_(key, base, num, sizeof(const nid_triple *), | ||
| 108 | sigx_cmp_BSEARCH_CMP_FN); | ||
| 109 | } | ||
| 110 | 288 | ||
| 111 | int | 289 | return 0; |
| 112 | OBJ_find_sigid_algs(int signid, int *pdig_nid, int *ppkey_nid) | ||
| 113 | { | ||
| 114 | nid_triple tmp; | ||
| 115 | const nid_triple *rv = NULL; | ||
| 116 | tmp.sign_id = signid; | ||
| 117 | |||
| 118 | if ((rv = OBJ_bsearch_sig(&tmp, sigoid_srt, | ||
| 119 | sizeof(sigoid_srt) / sizeof(nid_triple))) == NULL) | ||
| 120 | return 0; | ||
| 121 | if (pdig_nid) | ||
| 122 | *pdig_nid = rv->hash_id; | ||
| 123 | if (ppkey_nid) | ||
| 124 | *ppkey_nid = rv->pkey_id; | ||
| 125 | return 1; | ||
| 126 | } | 290 | } |
| 127 | LCRYPTO_ALIAS(OBJ_find_sigid_algs); | 291 | LCRYPTO_ALIAS(OBJ_find_sigid_algs); |
| 128 | 292 | ||
| 129 | int | 293 | int |
| 130 | OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid) | 294 | OBJ_find_sigid_by_algs(int *sign_nid, int hash_nid, int pkey_nid) |
| 131 | { | 295 | { |
| 132 | nid_triple tmp; | 296 | size_t i; |
| 133 | const nid_triple *t = &tmp; | 297 | |
| 134 | const nid_triple *const *rv; | 298 | for (i = 0; i < N_NID_TRIPLES; i++) { |
| 135 | 299 | if (hash_nid != nid_triple[i].hash_nid) | |
| 136 | tmp.hash_id = dig_nid; | 300 | continue; |
| 137 | tmp.pkey_id = pkey_nid; | 301 | if (pkey_nid != nid_triple[i].pkey_nid) |
| 138 | 302 | continue; | |
| 139 | if ((rv = OBJ_bsearch_sigx(&t, sigoid_srt_xref, | 303 | |
| 140 | sizeof(sigoid_srt_xref) / sizeof(nid_triple *))) == NULL) | 304 | if (sign_nid != NULL) |
| 141 | return 0; | 305 | *sign_nid = nid_triple[i].sign_nid; |
| 142 | if (psignid) | 306 | |
| 143 | *psignid = (*rv)->sign_id; | 307 | return 1; |
| 144 | return 1; | 308 | } |
| 309 | |||
| 310 | return 0; | ||
| 145 | } | 311 | } |
| 146 | LCRYPTO_ALIAS(OBJ_find_sigid_by_algs); | 312 | LCRYPTO_ALIAS(OBJ_find_sigid_by_algs); |
| 147 | 313 | ||
diff --git a/src/lib/libcrypto/objects/obj_xref.h b/src/lib/libcrypto/objects/obj_xref.h deleted file mode 100644 index bff8c68573..0000000000 --- a/src/lib/libcrypto/objects/obj_xref.h +++ /dev/null | |||
| @@ -1,115 +0,0 @@ | |||
| 1 | /* $OpenBSD: obj_xref.h,v 1.7 2023/06/15 17:58:27 tb Exp $ */ | ||
| 2 | /* AUTOGENERATED BY objxref.pl, DO NOT EDIT */ | ||
| 3 | |||
| 4 | __BEGIN_HIDDEN_DECLS | ||
| 5 | |||
| 6 | typedef struct | ||
| 7 | { | ||
| 8 | int sign_id; | ||
| 9 | int hash_id; | ||
| 10 | int pkey_id; | ||
| 11 | } nid_triple; | ||
| 12 | |||
| 13 | static const nid_triple sigoid_srt[] = | ||
| 14 | { | ||
| 15 | {NID_md2WithRSAEncryption, NID_md2, NID_rsaEncryption}, | ||
| 16 | {NID_md5WithRSAEncryption, NID_md5, NID_rsaEncryption}, | ||
| 17 | {NID_shaWithRSAEncryption, NID_sha, NID_rsaEncryption}, | ||
| 18 | {NID_sha1WithRSAEncryption, NID_sha1, NID_rsaEncryption}, | ||
| 19 | {NID_dsaWithSHA, NID_sha, NID_dsa}, | ||
| 20 | {NID_dsaWithSHA1_2, NID_sha1, NID_dsa_2}, | ||
| 21 | {NID_mdc2WithRSA, NID_mdc2, NID_rsaEncryption}, | ||
| 22 | {NID_md5WithRSA, NID_md5, NID_rsa}, | ||
| 23 | {NID_dsaWithSHA1, NID_sha1, NID_dsa}, | ||
| 24 | {NID_sha1WithRSA, NID_sha1, NID_rsa}, | ||
| 25 | {NID_ripemd160WithRSA, NID_ripemd160, NID_rsaEncryption}, | ||
| 26 | {NID_md4WithRSAEncryption, NID_md4, NID_rsaEncryption}, | ||
| 27 | {NID_ecdsa_with_SHA1, NID_sha1, NID_X9_62_id_ecPublicKey}, | ||
| 28 | {NID_sha256WithRSAEncryption, NID_sha256, NID_rsaEncryption}, | ||
| 29 | {NID_sha384WithRSAEncryption, NID_sha384, NID_rsaEncryption}, | ||
| 30 | {NID_sha512WithRSAEncryption, NID_sha512, NID_rsaEncryption}, | ||
| 31 | {NID_sha224WithRSAEncryption, NID_sha224, NID_rsaEncryption}, | ||
| 32 | {NID_ecdsa_with_Recommended, NID_undef, NID_X9_62_id_ecPublicKey}, | ||
| 33 | {NID_ecdsa_with_Specified, NID_undef, NID_X9_62_id_ecPublicKey}, | ||
| 34 | {NID_ecdsa_with_SHA224, NID_sha224, NID_X9_62_id_ecPublicKey}, | ||
| 35 | {NID_ecdsa_with_SHA256, NID_sha256, NID_X9_62_id_ecPublicKey}, | ||
| 36 | {NID_ecdsa_with_SHA384, NID_sha384, NID_X9_62_id_ecPublicKey}, | ||
| 37 | {NID_ecdsa_with_SHA512, NID_sha512, NID_X9_62_id_ecPublicKey}, | ||
| 38 | {NID_dsa_with_SHA224, NID_sha224, NID_dsa}, | ||
| 39 | {NID_dsa_with_SHA256, NID_sha256, NID_dsa}, | ||
| 40 | {NID_id_GostR3411_94_with_GostR3410_2001, NID_id_GostR3411_94, NID_id_GostR3410_2001}, | ||
| 41 | {NID_id_GostR3411_94_with_GostR3410_94, NID_id_GostR3411_94, NID_id_GostR3410_94}, | ||
| 42 | {NID_id_GostR3411_94_with_GostR3410_94_cc, NID_id_GostR3411_94, NID_id_GostR3410_94_cc}, | ||
| 43 | {NID_id_GostR3411_94_with_GostR3410_2001_cc, NID_id_GostR3411_94, NID_id_GostR3410_2001_cc}, | ||
| 44 | {NID_rsassaPss, NID_undef, NID_rsaEncryption}, | ||
| 45 | {NID_id_tc26_signwithdigest_gost3410_2012_256, NID_id_tc26_gost3411_2012_256, NID_id_GostR3410_2001}, | ||
| 46 | {NID_id_tc26_signwithdigest_gost3410_2012_512, NID_id_tc26_gost3411_2012_512, NID_id_GostR3410_2001}, | ||
| 47 | {NID_Ed25519, NID_undef, NID_Ed25519}, | ||
| 48 | {NID_dhSinglePass_stdDH_sha1kdf_scheme, NID_sha1, NID_dh_std_kdf}, | ||
| 49 | {NID_dhSinglePass_stdDH_sha224kdf_scheme, NID_sha224, NID_dh_std_kdf}, | ||
| 50 | {NID_dhSinglePass_stdDH_sha256kdf_scheme, NID_sha256, NID_dh_std_kdf}, | ||
| 51 | {NID_dhSinglePass_stdDH_sha384kdf_scheme, NID_sha384, NID_dh_std_kdf}, | ||
| 52 | {NID_dhSinglePass_stdDH_sha512kdf_scheme, NID_sha512, NID_dh_std_kdf}, | ||
| 53 | {NID_dhSinglePass_cofactorDH_sha1kdf_scheme, NID_sha1, NID_dh_cofactor_kdf}, | ||
| 54 | {NID_dhSinglePass_cofactorDH_sha224kdf_scheme, NID_sha224, NID_dh_cofactor_kdf}, | ||
| 55 | {NID_dhSinglePass_cofactorDH_sha256kdf_scheme, NID_sha256, NID_dh_cofactor_kdf}, | ||
| 56 | {NID_dhSinglePass_cofactorDH_sha384kdf_scheme, NID_sha384, NID_dh_cofactor_kdf}, | ||
| 57 | {NID_dhSinglePass_cofactorDH_sha512kdf_scheme, NID_sha512, NID_dh_cofactor_kdf}, | ||
| 58 | {NID_RSA_SHA3_224, NID_sha3_224, NID_rsaEncryption}, | ||
| 59 | {NID_RSA_SHA3_256, NID_sha3_256, NID_rsaEncryption}, | ||
| 60 | {NID_RSA_SHA3_384, NID_sha3_384, NID_rsaEncryption}, | ||
| 61 | {NID_RSA_SHA3_512, NID_sha3_512, NID_rsaEncryption}, | ||
| 62 | }; | ||
| 63 | |||
| 64 | static const nid_triple * const sigoid_srt_xref[] = | ||
| 65 | { | ||
| 66 | &sigoid_srt[29], | ||
| 67 | &sigoid_srt[18], | ||
| 68 | &sigoid_srt[17], | ||
| 69 | &sigoid_srt[32], | ||
| 70 | &sigoid_srt[0], | ||
| 71 | &sigoid_srt[1], | ||
| 72 | &sigoid_srt[7], | ||
| 73 | &sigoid_srt[2], | ||
| 74 | &sigoid_srt[4], | ||
| 75 | &sigoid_srt[3], | ||
| 76 | &sigoid_srt[9], | ||
| 77 | &sigoid_srt[5], | ||
| 78 | &sigoid_srt[8], | ||
| 79 | &sigoid_srt[12], | ||
| 80 | &sigoid_srt[33], | ||
| 81 | &sigoid_srt[38], | ||
| 82 | &sigoid_srt[6], | ||
| 83 | &sigoid_srt[10], | ||
| 84 | &sigoid_srt[11], | ||
| 85 | &sigoid_srt[13], | ||
| 86 | &sigoid_srt[24], | ||
| 87 | &sigoid_srt[20], | ||
| 88 | &sigoid_srt[35], | ||
| 89 | &sigoid_srt[40], | ||
| 90 | &sigoid_srt[14], | ||
| 91 | &sigoid_srt[21], | ||
| 92 | &sigoid_srt[36], | ||
| 93 | &sigoid_srt[41], | ||
| 94 | &sigoid_srt[15], | ||
| 95 | &sigoid_srt[22], | ||
| 96 | &sigoid_srt[37], | ||
| 97 | &sigoid_srt[42], | ||
| 98 | &sigoid_srt[16], | ||
| 99 | &sigoid_srt[23], | ||
| 100 | &sigoid_srt[19], | ||
| 101 | &sigoid_srt[34], | ||
| 102 | &sigoid_srt[39], | ||
| 103 | &sigoid_srt[25], | ||
| 104 | &sigoid_srt[26], | ||
| 105 | &sigoid_srt[27], | ||
| 106 | &sigoid_srt[28], | ||
| 107 | &sigoid_srt[30], | ||
| 108 | &sigoid_srt[31], | ||
| 109 | &sigoid_srt[43], | ||
| 110 | &sigoid_srt[44], | ||
| 111 | &sigoid_srt[45], | ||
| 112 | &sigoid_srt[46], | ||
| 113 | }; | ||
| 114 | |||
| 115 | __END_HIDDEN_DECLS | ||
diff --git a/src/lib/libcrypto/objects/obj_xref.txt b/src/lib/libcrypto/objects/obj_xref.txt deleted file mode 100644 index 712b21a08e..0000000000 --- a/src/lib/libcrypto/objects/obj_xref.txt +++ /dev/null | |||
| @@ -1,68 +0,0 @@ | |||
| 1 | # OID cross reference table. | ||
| 2 | # Links signatures OIDs to their corresponding public key algorithms | ||
| 3 | # and digests. The digest "undef" indicates the public key's ASN.1 | ||
| 4 | # method should handle AlgorithmIdentifiers and (at least part of) the | ||
| 5 | # message digest explicitly. | ||
| 6 | |||
| 7 | md2WithRSAEncryption md2 rsaEncryption | ||
| 8 | md5WithRSAEncryption md5 rsaEncryption | ||
| 9 | shaWithRSAEncryption sha rsaEncryption | ||
| 10 | sha1WithRSAEncryption sha1 rsaEncryption | ||
| 11 | md4WithRSAEncryption md4 rsaEncryption | ||
| 12 | sha256WithRSAEncryption sha256 rsaEncryption | ||
| 13 | sha384WithRSAEncryption sha384 rsaEncryption | ||
| 14 | sha512WithRSAEncryption sha512 rsaEncryption | ||
| 15 | sha224WithRSAEncryption sha224 rsaEncryption | ||
| 16 | mdc2WithRSA mdc2 rsaEncryption | ||
| 17 | ripemd160WithRSA ripemd160 rsaEncryption | ||
| 18 | RSA_SHA3_224 sha3_224 rsaEncryption | ||
| 19 | RSA_SHA3_256 sha3_256 rsaEncryption | ||
| 20 | RSA_SHA3_384 sha3_384 rsaEncryption | ||
| 21 | RSA_SHA3_512 sha3_512 rsaEncryption | ||
| 22 | # For PSS the digest algorithm can vary and depends on the included | ||
| 23 | # AlgorithmIdentifier. | ||
| 24 | rsassaPss undef rsaEncryption | ||
| 25 | |||
| 26 | Ed25519 undef Ed25519 | ||
| 27 | |||
| 28 | # Alternative deprecated OIDs. By using the older "rsa" OID this | ||
| 29 | # type will be recognized by not normally used. | ||
| 30 | |||
| 31 | md5WithRSA md5 rsa | ||
| 32 | sha1WithRSA sha1 rsa | ||
| 33 | |||
| 34 | dsaWithSHA sha dsa | ||
| 35 | dsaWithSHA1 sha1 dsa | ||
| 36 | |||
| 37 | dsaWithSHA1_2 sha1 dsa_2 | ||
| 38 | |||
| 39 | ecdsa_with_SHA1 sha1 X9_62_id_ecPublicKey | ||
| 40 | ecdsa_with_SHA224 sha224 X9_62_id_ecPublicKey | ||
| 41 | ecdsa_with_SHA256 sha256 X9_62_id_ecPublicKey | ||
| 42 | ecdsa_with_SHA384 sha384 X9_62_id_ecPublicKey | ||
| 43 | ecdsa_with_SHA512 sha512 X9_62_id_ecPublicKey | ||
| 44 | ecdsa_with_Recommended undef X9_62_id_ecPublicKey | ||
| 45 | ecdsa_with_Specified undef X9_62_id_ecPublicKey | ||
| 46 | |||
| 47 | dsa_with_SHA224 sha224 dsa | ||
| 48 | dsa_with_SHA256 sha256 dsa | ||
| 49 | |||
| 50 | id_GostR3411_94_with_GostR3410_2001 id_GostR3411_94 id_GostR3410_2001 | ||
| 51 | id_GostR3411_94_with_GostR3410_94 id_GostR3411_94 id_GostR3410_94 | ||
| 52 | id_GostR3411_94_with_GostR3410_94_cc id_GostR3411_94 id_GostR3410_94_cc | ||
| 53 | id_GostR3411_94_with_GostR3410_2001_cc id_GostR3411_94 id_GostR3410_2001_cc | ||
| 54 | id_tc26_signwithdigest_gost3410_2012_256 id_tc26_gost3411_2012_256 id_GostR3410_2001 | ||
| 55 | id_tc26_signwithdigest_gost3410_2012_512 id_tc26_gost3411_2012_512 id_GostR3410_2001 | ||
| 56 | |||
| 57 | # ECDH KDFs and their corresponding message digests and schemes | ||
| 58 | dhSinglePass_stdDH_sha1kdf_scheme sha1 dh_std_kdf | ||
| 59 | dhSinglePass_stdDH_sha224kdf_scheme sha224 dh_std_kdf | ||
| 60 | dhSinglePass_stdDH_sha256kdf_scheme sha256 dh_std_kdf | ||
| 61 | dhSinglePass_stdDH_sha384kdf_scheme sha384 dh_std_kdf | ||
| 62 | dhSinglePass_stdDH_sha512kdf_scheme sha512 dh_std_kdf | ||
| 63 | |||
| 64 | dhSinglePass_cofactorDH_sha1kdf_scheme sha1 dh_cofactor_kdf | ||
| 65 | dhSinglePass_cofactorDH_sha224kdf_scheme sha224 dh_cofactor_kdf | ||
| 66 | dhSinglePass_cofactorDH_sha256kdf_scheme sha256 dh_cofactor_kdf | ||
| 67 | dhSinglePass_cofactorDH_sha384kdf_scheme sha384 dh_cofactor_kdf | ||
| 68 | dhSinglePass_cofactorDH_sha512kdf_scheme sha512 dh_cofactor_kdf | ||
diff --git a/src/lib/libcrypto/objects/objxref.pl b/src/lib/libcrypto/objects/objxref.pl deleted file mode 100644 index 8873c91ad9..0000000000 --- a/src/lib/libcrypto/objects/objxref.pl +++ /dev/null | |||
| @@ -1,111 +0,0 @@ | |||
| 1 | #!/usr/local/bin/perl | ||
| 2 | |||
| 3 | use strict; | ||
| 4 | |||
| 5 | my %xref_tbl; | ||
| 6 | my %oid_tbl; | ||
| 7 | |||
| 8 | my ($mac_file, $xref_file) = @ARGV; | ||
| 9 | |||
| 10 | open(IN, $mac_file) || die "Can't open $mac_file"; | ||
| 11 | |||
| 12 | # Read in OID nid values for a lookup table. | ||
| 13 | |||
| 14 | while (<IN>) | ||
| 15 | { | ||
| 16 | chomp; | ||
| 17 | my ($name, $num) = /^(\S+)\s+(\S+)$/; | ||
| 18 | $oid_tbl{$name} = $num; | ||
| 19 | } | ||
| 20 | close IN; | ||
| 21 | |||
| 22 | open(IN, $xref_file) || die "Can't open $xref_file"; | ||
| 23 | |||
| 24 | my $ln = 1; | ||
| 25 | |||
| 26 | while (<IN>) | ||
| 27 | { | ||
| 28 | chomp; | ||
| 29 | s/#.*$//; | ||
| 30 | next if (/^\S*$/); | ||
| 31 | my ($xr, $p1, $p2) = /^(\S+)\s+(\S+)\s+(\S+)/; | ||
| 32 | check_oid($xr); | ||
| 33 | check_oid($p1); | ||
| 34 | check_oid($p2); | ||
| 35 | $xref_tbl{$xr} = [$p1, $p2, $ln]; | ||
| 36 | } | ||
| 37 | |||
| 38 | my @xrkeys = keys %xref_tbl; | ||
| 39 | |||
| 40 | my @srt1 = sort { $oid_tbl{$a} <=> $oid_tbl{$b}} @xrkeys; | ||
| 41 | |||
| 42 | for(my $i = 0; $i <= $#srt1; $i++) | ||
| 43 | { | ||
| 44 | $xref_tbl{$srt1[$i]}[2] = $i; | ||
| 45 | } | ||
| 46 | |||
| 47 | my @srt2 = sort | ||
| 48 | { | ||
| 49 | my$ap1 = $oid_tbl{$xref_tbl{$a}[0]}; | ||
| 50 | my$bp1 = $oid_tbl{$xref_tbl{$b}[0]}; | ||
| 51 | return $ap1 - $bp1 if ($ap1 != $bp1); | ||
| 52 | my$ap2 = $oid_tbl{$xref_tbl{$a}[1]}; | ||
| 53 | my$bp2 = $oid_tbl{$xref_tbl{$b}[1]}; | ||
| 54 | |||
| 55 | return $ap2 - $bp2; | ||
| 56 | } @xrkeys; | ||
| 57 | |||
| 58 | my $pname = $0; | ||
| 59 | |||
| 60 | $pname =~ s|^.[^/]/||; | ||
| 61 | |||
| 62 | print <<EOF; | ||
| 63 | /* \$OpenBSD\$ */ | ||
| 64 | /* AUTOGENERATED BY $pname, DO NOT EDIT */ | ||
| 65 | |||
| 66 | __BEGIN_HIDDEN_DECLS | ||
| 67 | |||
| 68 | typedef struct | ||
| 69 | { | ||
| 70 | int sign_id; | ||
| 71 | int hash_id; | ||
| 72 | int pkey_id; | ||
| 73 | } nid_triple; | ||
| 74 | |||
| 75 | static const nid_triple sigoid_srt[] = | ||
| 76 | { | ||
| 77 | EOF | ||
| 78 | |||
| 79 | foreach (@srt1) | ||
| 80 | { | ||
| 81 | my $xr = $_; | ||
| 82 | my ($p1, $p2) = @{$xref_tbl{$_}}; | ||
| 83 | print "\t{NID_$xr, NID_$p1, NID_$p2},\n"; | ||
| 84 | } | ||
| 85 | |||
| 86 | print "\t};"; | ||
| 87 | print <<EOF; | ||
| 88 | |||
| 89 | |||
| 90 | static const nid_triple * const sigoid_srt_xref[] = | ||
| 91 | { | ||
| 92 | EOF | ||
| 93 | |||
| 94 | foreach (@srt2) | ||
| 95 | { | ||
| 96 | my $x = $xref_tbl{$_}[2]; | ||
| 97 | print "\t\&sigoid_srt\[$x\],\n"; | ||
| 98 | } | ||
| 99 | |||
| 100 | print "\t};\n\n"; | ||
| 101 | print "__END_HIDDEN_DECLS\n"; | ||
| 102 | |||
| 103 | sub check_oid | ||
| 104 | { | ||
| 105 | my ($chk) = @_; | ||
| 106 | if (!exists $oid_tbl{$chk}) | ||
| 107 | { | ||
| 108 | die "Not Found \"$chk\"\n"; | ||
| 109 | } | ||
| 110 | } | ||
| 111 | |||