| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
| |
Engines are no longer a thing.
Discussed with tb@
|
| |
|
|
|
|
|
| |
That we are still calling this (NB without error check because heritage),
made coverity unhappy.
CID 471705
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
in particular s/inl/in_len/ and s/outl/out_len/ as suggested by tb@.
While here, also get rid of the "outm" placeholder that has been
around since the file was added to OpenSSL in 2000, replacing it
with the usual "out" in the four function prototypes affected; tb@
and myself suspect it was simply a typo followed by copy and paste.
Slightly improve variable naming in the examples, too, for clarity and
consistency, even though that doesn't turn the examples into good examples.
OK tb@
|
| |
|
|
|
| |
and describe EVP_CIPHER_CTX_init(3) in a less misleading way.
Joint work with and OK tb@.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There is a bizarre EVP_CIPHER_CTX_cleanup() call in EVP_CipherInit()
leading to a subtle behavior difference with EVP_CipherInit_ex().
The history is that before EVP_CIPHER_CTX was made opaque, a context would
often live on the stack (hello, MariaDB) and the EVP_CIPHER_CTX_cleanup()
call was in fact an EVP_CIPHER_CTX_init() which just zeroes out the struct.
The problem with doing this is that on context reuse there could be data
hanging off it, causing leaks. Attempts were made to clean up things in
EVP_CipherFinal*(), but that broke applications reaching into the context
afterward, so they were removed again. Later on, opacity allowed changing
the _init() to a _cleanup() since EVP_CIPHER_CTX could no longer live on
the stack, so it would no longer contain garbage. I have to correct myself:
it would no longer contain stack garbage.
Now: EVP_CipherInit_ex() does some extra dances to preserve the AES key
wrap flag, which is cleared unconditionally in EVP_CipherInit(). That's
annoying to document and very likely never going to be an issue in the
wild: you'd need to do key wrap and then use the same context for use
with a cipher that does not allow key wrap for this to make a difference.
This way, all our EVP_{Cipher,Decrypt,Encrypt}*_ex() functions are now
trivially wrapped by their non-_ex() versions.
ok jsing
|
| |
|
|
|
|
|
|
| |
Clean up the cipher context unconditionally if the cipher is being set.
This allows doing the dance to retain the key wrap flag only once and
makes it more obvious that allocating the cipher data doesn't leak.
suggested by/ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
|
|
| |
None of these function pointers were ever set. Now that the structure is
opaque they won't ever be, so time for them to hit the bitbucket. Infinite
extensibility of the toolkit results in complications, bugs, and dead code.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
| |
If a negative n is passed, these functions would underrun the bitstring's
data array. So add checks for that and drop spades of unnecessary parens.
These functions are quite broken anyway. The setter attempts to zap the
unnecessary trailing zero octets, but fails to do so if the bit being
cleared isn't already set. Worse is the getter where you can't tell an
error (like attempting an out-of-bounds read) from the bit being unset.
ok joshua
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
These two functions previously wrapped a pkey_set_type() helper, which
was an utter mess because of ENGINE. With the long awaited departure of
ENGINE, this function became a lot simpler. A further simplification is
obtained by not doing the optimization to avoid an ameth lookup: this
requires walking a list of 11 ameths. We should consider bsearch()...
With this gone and a saner implementation of EVP_PKEY_free_it(), we can
implement these functions with a dozen lines of code each.
ok jsing
|
| |
|
|
|
|
|
|
| |
Use pkey instead of x, remove the pointless variable i, no need to check
for NULL before sk_X509_ATTRIBUTE_pop_free(), switch to freezero() to
leave fewer invalid pointers around.
ok jsing
|
| |
|
|
| |
ok jsing
|
| | |
|
| |
|
|
|
|
| |
Rename the variable from x into pkey, make it NULL safe and unindent.
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
| |
There is no need for a local variable and a ternary operator here.
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
| |
While here, also switch the argument placeholder from *impl to *engine
as suggested by tb@.
|
| |
|
|
|
|
| |
It really makes no sense to have the mess that is EVP_MD_CTX_copy{,_ex}()
live between EVP_Digest{Init{,_ex},Update,Final{,_ex}}() and EVP_Digest(),
the latter being a relatively simple wrapper of Init_ex/Update/Final_ex.
|
| |
|
|
|
|
|
| |
Consistently implement the _ex() version after the non-extended versions,
First Cipher Init/Update/Final, then Encrypt, then Decrypt. This only
switches the order of CipherFinal{,_ex} and move the DecryptInit* down,
so they are no longer somewhere in the middle of the Encrypt* functions.
|
| | |
|
| |
|
|
|
| |
I guess I'm getting old. Next time I'll have to add a reminder not to
forget to remove the reminder.
|
| | |
|
| |
|
|
|
|
|
| |
These remove a few more potential out-of-bounds accesses and ensure in
particular that the padding is between 1 and block_size (inclusive).
ok joshua jsing
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
These are only ever set to one particular function which is either local
to this file or part of the public API and we never added the public API
to set them to something else. Prefix the local functions touched in this
commit with x509_vfy_. More cleanup to follow.
ok joshua jsing
|
| |
|
|
|
|
|
|
|
|
| |
Pull up the EVP_R_NO_CIPHER_SET check that was hidden somewhere down in the
middle of the function. Handle the reuse case outside of the big non-NULL
cipher case for now. This looks a bit odd but relies on the invariant that
cipher_data is only set if the cipher is set. It will be reworked in a
subsequent commit.
ok jsing
|
| | |
|
| |
|
|
| |
ok joshua jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
|
|
|
| |
The struct underlying the X509_STORE type is opaque ars and nothing uses
the accessors that OpenSSL added blindly for these. Therefore we didn't
add them in the first place. So this rips out several dozens of lines of
dead code.
ok beck joshua jsing
|
| |
|
|
|
|
| |
This API was recently neutered and will be removed in the next major bump.
Mark it as intentionally undocumented in EVP_PKEY_asn1_new.3 and remove it
from all other manuals.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Using a loop to print pieces of a static buffer containing 20 spaces to
indent things is just silly. Even sillier is making this buffer const
without looking what it's actually used for... There is BIO_indent() or
BIO_printf() that can handle "%*s".
Add a length check to preserve behavior since BIO_indent() succeeds for
negattive indent.
However, peak silliness must be how BIO_dump_indent_cb() indents things.
That's for another day.
ok jsing
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
The block mask is only used in EVP_{De,En}cryptUpdate(). There's no need to
hang it off the EVP_CIPHER_CTX since it is easy to compute and validate.
ok joshua jsing
|
| |
|
|
|
|
|
| |
Ensure that the nid and key length are non-negative and that the block
size is one of the three sizes 1, 8, or 16 supported by the EVP subsystem.
ok joshua jsing
|
| |
|
|
| |
discussed with jsing
|
| |
|
|
| |
discussed with jsing
|
| |
|
|
| |
ok jsing
|
