summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/cms/cms_sd.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Rework PKCS7_simple_smimecap()tb2025-07-311-1/+3
| | | | | | | | | This is nearly identical to CMS_add_simple_smimecap(). We can reuse its doc comment mutatis mutandis and use the same construction. Maybe this wants deduplicating. Maybe not. ok kenjiro
* Inline cms_add1_signingTime() in its only consumertb2025-07-271-31/+9
| | | | | | Why have seven lines if you can have 30... tweak/ok kenjiro
* Use err_local.h rather than err.h in most placestb2025-05-101-2/+2
| | | | ok jsing
* Remove more unnecessary GOST codetb2024-04-201-11/+1
| | | | ok jsing
* Rework CMS_add_simple_smimecap()tb2024-04-071-24/+43
| | | | | | | | | | | | | | | This is an API to add an OID attribute to the set of SMIMECapabilities. While attributes are complicated in general, this only supports simple capabilities encoded as an OID with an optional integer parameter (e.g., the key size of a cipher). Make this API transactional, i.e., don't leave a new empty set behind on failure or leak the key size if setting the parameter on the X509_ALGOR fails. Also convert to single exit and add a doc comment with a reference. ok beck
* Implement Ed25519 signatures for CMS (RFC 8419)tb2024-03-291-20/+64
| | | | | | | | | | | | | | | | | | | | This adds support for Edwards curve digital signature algorithms in the cryptographic message syntax, as specified in RFC 8419. Only Ed25519 is supported since that is the only EdDSA algorithm that LibreSSL supports (this is unlikely to change ever, but, as they say - never is a very long time). This has the usual curly interactions between EVP and CMS with poorly documented interfaces and lots of confusing magic return values and controls. This improves upon existing control handlers by documenting what is being done and why. Unlike other (draft) implementations we also happen to use the correct hashing algorithm. There are no plans to implement RFC 8418. joint work with job at p2k23 ok jsing
* Ignore EVP_MD_CTX_reset() return valuetb2024-02-021-6/+4
| | | | Also drop now unnecessary NULL checks before it.
* Use X509_ALGOR_set_evp_md() in CMS_add1_signer()tb2023-10-181-16/+24
| | | | | | | | | | Contrary to X509_ALGOR_set_md() this allows for error checking. Avoid local complications by freeing in the exit path and use a const version of X509_ALGOR for walking a STACK_OF() to avoid a bad free. Clean up includes ok jsing
* Small cleanups in cms_sd_asn1_ctrl():tb2023-09-111-6/+6
| | | | Compare explicitly against NULL and use ret instead of i.
* Rewrite CMS_SignerInfo_{sign,verify}()tb2023-09-111-61/+55
| | | | | | | | | Convert to using one-shot signing and verification. This is simpler than doing Init/Update/Final and necessary for Ed25519 support (RFC 8419). Use a single exit idiom, don't reuse the same buffer for decoding and signing and simplify a few other things. ok jsing
* Hide symbols in cms, comp, conf, and bufferbeck2023-07-081-1/+19
| | | | ok jsing@
* Make internal header file names consistenttb2022-11-261-4/+4
| | | | | | | | | | | | | | | | Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special. Adjust all .c files in libcrypto, libssl and regress. The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually. discussed with jsing, no objection bcook
* Plug memory leak in CMS_add_simple_smimecap() in the unlikely event thattb2022-08-281-3/+6
| | | | | | ASN1_INTEGER_set() fails. ok jsing
* Remove unsupported GOST 2012 NIDs.jsing2019-08-111-3/+1
|
* Expand M_ASN1_new_of and M_ASN1_free_of macros.jsing2019-08-111-4/+4
|
* Include string.h for memcmp()/memcpy().jsing2019-08-111-1/+3
|
* Use malloc(3) and free(3), rather than OPENSSL_{malloc,free}().jsing2019-08-111-10/+10
|
* Convert CMSerr() to CMSerror().jsing2019-08-111-37/+30
|
* Expand ASN.1 macros.jsing2019-08-111-3/+3
|
* More style(9), whitespace and readability fixes.jsing2019-08-101-113/+163
| | | | Files are identical once whitespace and newlines are removed.
* First pass at style(9).jsing2019-08-101-744/+744
| | | | Whitespace only and no change according to diff -w.
* Fix includes for non-installed headers.jsing2019-08-101-4/+4
|
* Add $OpenBSD$ tags.jsing2019-08-101-0/+1
|
* Restore the original per-file licenses for CMS.jsing2019-08-101-5/+49
| | | | These were removed in OpenSSL b1322259d93cf6b6286f9febcd468b6a9f577d91.
* Work towards supporting Cryptographic Message Syntax (CMS) in libcrypto.jsing2019-08-101-0/+926
| | | | | | | | | | | | | | | | Cryptographic Message Syntax (CMS) is a standard for cryptographically protecting messages, as defined in RFC 5652. It is derived from PKCS #7 version 1.5 and utilises various ASN.1 structures, making it complex and fairly heavyweight. Various protocols - including RPKI (RFC 6480) - have been built on top of it, which means it is necessary to support CMS, in order to support RPKI. This imports around 6,000 lines of code from OpenSSL 1.1.1, which is still under the original OpenSSL license. Further work will occur in tree. Requested by and discussed with many. ok deraadt@ tb@
* Remove cms.jsing2016-09-041-934/+0
| | | | ok beck@, guenther@, tedu@
* X509_free(3) is NULL-safe, so remove NULL checks before its calls.mmcc2016-03-111-3/+2
| | | | ok doug@
* GOST crypto algorithms (well, most of them), ported from the removed GOSTmiod2014-11-091-1/+3
| | | | | | | | | | | | engine to regular EVP citizens, contributed by Dmitry Eremin-Solenikov; libcrypto bits only for now. This is a verbatim import of Dmitry's work, and does not compile in this state; the forthcoming commits will address these issues. None of the GOST code is enabled in libcrypto yet, for it still gets compiled with OPENSSL_NO_GOST defined. However, the public header gost.h will be installed.
* if (x) FOO_free(x) -> FOO_free(x).miod2014-07-121-3/+2
| | | | | | | Improves readability, keeps the code smaller so that it is warmer in your cache. review & ok deraadt@
* Fix version number processing in cms_sd_set_version(); OpenSSL PR #3249 viamiod2014-07-111-3/+3
| | | | OpenSSL trunk.
* Only import cryptlib.h in the four source files that actually need it.jsing2014-07-111-5/+5
| | | | | | | | Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes. ok beck@ miod@
* tags as requested by miod and teduderaadt2014-06-121-1/+1
|
* KNF.jsing2014-05-241-380/+330
|
* if (x) free(x) -> free(x); semantic patch generated with coccinelle, carefullymiod2014-05-221-2/+1
| | | | eyeballed before applying. Contributed by Cyril Roelandt on tech@
* Change library to use intrinsic memory allocation functions instead ofbeck2014-04-171-7/+7
| | | | | | | | OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
* import OpenSSL-1.0.1cdjm2012-10-131-1/+2
|
* import OpenSSL-1.0.0adjm2010-10-011-78/+48
|
* import openssl-0.9.8jdjm2009-01-091-1/+1
|
* import of OpenSSL 0.9.8hdjm2008-09-061-0/+1014
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-25 08:48:07 +0000