| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
ok jsing
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
The unused ASN1_STRING_TABLE extensibility API will be removed in the next
major bump and the table itself will become immutable. Lightly adjust the
remaining text. In particular, update the RFC reference, stop talking about
defaults when nothing can be changed anymore, do not mention useless flags
that you will no longer be able to set and move the description of the only
remaining flag after the description of ASN1_STRING_TABLE_get().
The file will be renamed in a second step.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of using five different idioms for eight callers of the do_cipher()
method in EVP_{Decrypt,Encrypt}{Update,Final_ex}(), wrap the API insanity
in an evp_cipher() function that calls do_cipher() as appropriate depending
on the EVP_CIPH_FLAG_CUSTOM_CIPHER being set or not. This wrapper has the
usual OpenSSL calling conventions.
There is one complication in EVP_EncryptUpdate() in the case a previous
call wrote only a partial buffer. In that case, the evp_cipher() call is
made twice and the lengths have to be added. Add overflow checks and only
set outl (the number of bytes written) to out on success.
ok jsing
|
| |
|
|
|
|
|
|
| |
If it wasn't for security/xca, all of the ASN1_STRING_TABLE API would
hit the attic before long. API design by a trained professional...
The table can at least be made immutable, which in turn makes this test
entirely pointless.
|
| |
|
|
| |
The portable compat shim doesn't provide it.
|
| |
|
|
|
|
| |
It's a noop and will be removed in the next major bump.
ok jsing
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Nobody adds a custom password-based encryption algorithm, be it a PRF or
one that can be an outermost AlgorithmIdentifier in CMS or its precursors.
This makes the undocumented and unused EVP_PBE_alg_add{,_type}() always
fail. They will be removed in the next major bump.
Thus, we no longer need to maintain a global stack of PBE algorithms that
one thread can happily modify while another one searches it.
In subsequent steps we can then remove another rather pointless use of
OBJ_bsearch_(). "Let's optimize the lookup in a table with two dozen
entries using about as many glorious layers of obfuscating macros."
ok jsing
|
| |
|
|
|
|
|
|
|
| |
On overlong input, chacha20_poly1305_cipher() would return 0, which in
EVP_CipherUpdate() and EVP_CipherFinal() signals success with no data
written since EVP_CIPH_FLAG_CUSTOM_CIPHER is set. In order to signal an
error, we need to return -1. Obviously.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These are usually AEAD ciphers, for which CMAC makes little sense (if you
need a MAC and all you have is an AEAD, you don't need CMAC, you can just
use a zero length cipher text). Also, since the CMAC implementation only
allows 64 and 128 bit block sizes, the AEADs would error out later anyway.
The only family of ciphers this effectively excludes is AES key wrap, for
which CMAC makes little sense.
One notable side effect of doing this is that the EVP_Cipher() return
value checks in the CMAC code magically become correct. EVP. What's not to
love about it.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
EVP_Cipher() is an implementation detail of EVP_Cipher{Update,Final}().
Behavior depends on EVP_CIPH_FLAG_CUSTOM_CIPHER being set on ctx->cipher.
If the flag is set, do_cipher() operates in update mode if in != NULL and
in final mode if in == NULL. It returns the number of bytes written to out
(which may be 0) or -1 on error.
If the flag is not set, do_cipher() assumes properly aligned data and that
padding is handled correctly by the caller. Most do_cipher() methods will
silently produce garbage and succeed. Returns 1 on success, 0 on error.
ok jsing
|
| |
|
|
|
|
|
|
| |
EVP_Cipher() is a dangerous thin wrapper of the do_cipher() method set on
the EVP_CIPHER_CTX's cipher. It implements (part of) the update and final
step of the EVP_Cipher* API. Its behavior is nuts and will be documented
in a comment in a subsequent commit. schwarze has a manpage diff that will
fix the incorrect documentation.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Nothing uses these, so they will be removed in the next bump. For now
make them always fail and remove the unprotected global state backing
them. This makes EVP_PKEY_asn1_get{0,_count}() completely trivial and
will allow some further cleanup in later steps.
ok jsing
|
| |
|
|
|
| |
In all other places, the short name comes before the long name, so fix
the only exception.
|
| | |
|
| |
|
|
| |
Done.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
discussed with deraadt and jsing
|
| |
|
|
|
|
| |
This way people can actually notice that an OPENSSL_assert() triggered.
discussed with deraadt and jsing
|
| |
|
|
| |
No code change
|
| |
|
|
|
| |
First get the obj corresponding to nid, then inspect its sn and ln.
Shaves off 40 lines of code and will simplify locking.
|
| |
|
|
|
|
|
| |
This is now yet another identical copy of the same code...
Next step will be to dedup.
ok jsing
|
| |
|
|
|
|
|
| |
This is exactly the same as the previous OBJ_nid2ln() change modulo
s/ln/sn/g.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
| |
If nid is in the range of built-in NIDs, return the corresponding
long name, unless some genius left a hole. Otherwise perform a yolo
check if there are any user-added objects with matching nid in the
global hash.
This changes behavior in that we now push an OBJ_R_UNKNOWN_NID error
onto the stack even if there are no user-added objects.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
sk_deep_copy() is bad code. It is less bad than the upstream code, but
still bad: it passes strdup() through a void pointer and assigns it to
a function pointer of different type before calling the latter. That's
not kosher in more than one way.
There is no need for such gymnastics. If we need a deep copy for a type,
we should implement it as appropriate for that type.
Also, we should not expect and even less so allow holes in a STACK_OF().
The only way the vpm->hosts can be populated is by way of this deep_copy
function or x509_param_set_hosts_internal(), which pushes only after a
non-NULL check. Invariants: they're useful.
ok jsing
|
| |
|
|
|
|
|
|
|
| |
This is s/sn/ln/g of the previous commit and eliminates another
OBJ_bsearch_() user, the last one in this file. The bsearch() uses
in this file are possibly the only ones that actually make sense
since we're searching tables of roughly 1000 entries.
ok jsing
|
| |
|
|
|
|
|
|
|
|
| |
Another OBJ_bsearch_() elimination.
OBJ_sn2nid() is very similar to OBJ_obj2nid(). First it tries to retrieve
an object identifier with matching "short name" from the global hash of
added objects and then searches the table of built-in objects.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Continue with OBJ_bsearch_() elimination.
OBJ_obj2nid() first checks if the object identifier passed in has a nid
and if so, it returns that. Otherwise, it looks into the global hash of
added objects (of course without locking) for a match and then returns
the nid thereof. As a last attempt, it searches the table of built-in
object identifiers.
The last two steps can be cleaned up and simplified quite a bit by using
C99 initializers, bsearch() and an appropriate comparison function. Then
it becomes obvious that bsearch() already returns a pointer to the nid
we're looking for, so there is no point in converting that into its
corresponding obj and returning the nid thereof.
ok jsing
|
| |
|
|
|
| |
This is already included in the typedef (yuck) and makes some Windows
compilers unhappy.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
While this may seem a bit out of place since is an objects API by name,
it really is about EVP. Plus, we want to leverage some things we already
needed for the EVP_*do_all() API (which currently wraps OBJ_NAME_do_all*
but that will change soon).
|
| | |
|
| | |
|
| |
|
|
|
| |
malloc option D (aka 1), 2, 3 or 4. No performance impact if not
used. ok asou@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
They make no sense. These are thin wrappers of EVP_*Final_ex() and behave
exactly the same way. The minor behavior difference of Init and Init_ex is
likely a historical artefact of this abomination of an API. Deprecation of
the Init functions was recently removed from the manpage. The only reason
to prefer the _ex versions over the normal versions is ENGINE. This is no
longer an argument.
The warnings were added in an attempt at adding automatic cleanup. This
broke stuff and was therefore backed out. The warnings remained.
discussed with schwarze
|
| | |
|
| |
|
|
|
|
| |
The commit was about checking EVP_CIPHER_CTX_iv_length(), but the function
called here is EVP_CIPHER_CTX_key_length(). The result of the computation
is still correct, the check and local variable simply make no sense.
|
| |
|
|
|
|
|
|
|
|
| |
Remove some lies and some irrelevant historical information
about the non_ex variants and waste fewer words deprecating them.
Telling people to type longer function names and to pass an
ignored NULL argument doesn't really help anything.
Also talk less about those ignored ENGINE arguments.
OK tb@
|
