| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
| |
functions for removal
|
|
|
|
|
|
| |
Another legacy turd that was only used by PHP 7.4 and 8.0.
ok beck jsing
|
| |
|
|
|
|
|
|
|
| |
These legacy interfaces were only used by PHP 7.4 and 8.0 and they will
be removed in an upcoming bump.
ok beck jsing
|
|
|
|
|
|
|
| |
A comment saying /* Maybe more here */ in a public also goes (yuck).
Of course the promise was fulfilled by OpenSSL 3.
ok beck jsing
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If an auth_level (i.e., security_level, but not quite, because Viktor) was
set on the X509_VERIFY_PARAM in the X509_STORE_CTX, the verifier would
reject RSA-PSS or EdDSA certificates for insufficient security bits due to
incorrect use of OBJ_find_sigid_algs() (this was also a bug in the initial
security level implementation in OpenSSL 1.1).
Using X509_get_signature_info() fixes this while preserving behavior for
all other algorithms.
Reported by Steffen Ullrich as one of multiple issues with RSA-PSS.
ok jsing
|
|
|
|
|
|
|
|
| |
Loosely based on the OpenSSL 1.1 documentation but extended quite a bit to
explain what the flags mean and what info they do (and do not) convey. With
the usual valuable feedback from jmc.
ok jmc
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a slightly strange combination of OBJ_find_sigid_algs() and the
security level API necessary because OBJ_find_sigid_algs() on its own
isn't smart enough for the special needs of RSA-PSS and EdDSA.
The API extracts the hash's NID and the pubkey's NID from the certificate's
signatureAlgorithm and invokes special handlers for RSA-PSS and EdDSA
for retrieving the corresponding information. This isn't entirely free
for RSA-PSS, but for now we don't cache this information.
The security bits calculation is a bit hand-wavy, but that's something
that comes along with this sort of numerology.
ok jsing
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are currently very few differences between the rsa_asn1_meth for
plain RSA and the rsa_pss_asn1_meth for RSA-PSS apart from the obviously
necessary differnces for base_method, pkey_id, pem_str and info (and the
fact that RSA has support for legacy private key encoding). This had the
lucky side effect that it didn't really matter which ameth one ended up
using after OBJ_find_sigid_algs().
With the upcoming support for X509_get_signature_infO() for RSA-PSS, this
needs to change as for RSA-PSS we need to decode the PSS parameters for
extracting the "security level", whereas for RSA we can just use the hash
length. Thus, for RSA-PSS switch pkey_id from the incorrect rsaEncryption
to rassaPss.
ok jsing
PS: OBJ_find_sigid_algs() manual is no longer entirely correct, but this
has been the case since we added Ed25519 support to obj_xref.
|
|
|
|
|
|
| |
less likely.
ok jsing
|
|
|
|
|
|
|
| |
Use proper NULL checks, set hashAlgorithm with X509_ALGOR_set0_by_nid(),
and avoid a silly digerr label.
ok jsing
|
|
|
|
| |
ok jsing
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For a certificate serial number between LONG_MAX and ULONG_MAX, the call to
ASN1_INTEGER_get() fails and leaves an error on the stack because the check
bs->length <= sizeof(long) doesn't quite do what it's supposed to do (bs is
probably for bitstring, although the more common reading would be adequate,
too.)
Fix this by checking for non-negativity and using ASN1_INTEGER_get_uint64()
and add a lengthy comment to explain the nonsense per beck's request.
discussed with jsing
ok beck
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
The existing description was lacking and incorrect, respectively.
|
| |
|
|
|
|
| |
reminded by mandoc -Tlint
|
|
|
|
| |
Remove the corresponding documentation.
|
|
|
|
| |
ok jsing
|
|
|
|
|
|
|
| |
Return 0 on success, return <= 0 on failure. Sigh. In particular, if an
allocation failed, the password that no one entered was considered valid.
ok jsing
|
|
|
|
|
|
|
|
| |
According to some, a fail-open password verification function is par for
the course for libcrypto. Unfortunately, we have been recommending its use
over similarly named EVP functions after what amounted to a coin toss a
few years back. Luckily enough, no one followed that advice and we can
soon remove this API for good.
|
| |
|
|
|
|
| |
reminded by ... anton
|
|
|
|
|
| |
This API family has been neutered and will be removed in the next bump.
Further cross references will be untangled in the future.
|
|
|
|
| |
ok miod
|
|
|
|
|
|
|
| |
It is no longer possible to set an attribute on an EVP_PKEY, so this
code is dead.
ok miod
|
|
|
|
|
|
|
| |
The last consumer in openssl(1) pkcs12 has been removed, so we no longer
need this function.
ok miod
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Documentation on what the Microsoft-specific local machine keyset and the
cryptographic service provider are actually good for is hard to find. For
some reason (perhaps one million and two arguments for PKCS12_create() was
considered two too many) these hang off the EVP_PKEY in the attributes
member, which serves no other purpose.
Every use of EVP_PKEY (of which there are far too many) pays extra memory
taxes for this fringe use case. This complication is not worth it.
ok miod
|
| |
|
|
|
|
| |
Reduces upcoming diffs and avoids annoying prototypes.
|
|
|
|
|
| |
These functions have been disabled for a while and they will be removed
in the next major bump.
|
|
|
|
|
| |
The openssl 3.0 port was removed nearly a year ago shortly after the 7.4
release.
|
| |
|
|
|
|
|
|
|
| |
declarations to reduce <stdio.h> pollution. Declare __isthreaded
in thread_private.h where it's really needed.
ok deraadt@
|
| |
|
|
|
|
|
|
|
| |
Some macros are still exposed, but apart from the loss of a very nice way
of saying "this is completely misdesigned, overengineered and not properly
thought through" the only thing we would have learned from it is that this
stuff is "probably useless".
|
| |
|
| |
|
| |
|
|
|
|
| |
Symbols.list
|
| |
|
|
|
|
|
|
|
|
|
| |
requirements for setting the underlying file position when flushing
read-mode streams, and make an fseek()-after-fflush() not change the
underlying file position.
Much testing, review, and assistance from tb@
ok tb@ millert@
|
|
|
|
|
|
|
|
|
| |
This option allows to verify certs in a CMS object against additional
CRLs.
Ported from work by Tom Harrison from APNIC
OK tb@
|
| |
|
|
|
|
|
|
|
|
| |
Provide a per architecture crypto_arch.h - this will be used in a similar
manner to bn_arch.h and will allow for architecture specific #defines and
static inline functions. Move the HAVE_AES_* and HAVE_RC4_* defines here.
ok tb@
|
|
|
|
| |
unused in ports and on codesearch
|