| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
Switch i to a size_t and improve a flag check. Part of an earlier diff
that was ok jsing but were lost when I reworked the diff.
|
| |
|
|
|
| |
Use better variable names without silly p prefix and use explicit checks
against NULL.
|
| |
|
|
|
|
|
|
|
| |
Use slightly better argument and variable names, do not pointlessly try
to match a string of negative length < -1, use a size_t for the strlen()
and preserve the logic that allows lookup by a string fragment rather
than a full string.
ok jsing
|
| |
|
|
|
|
|
|
|
| |
EVP_PKEY_asn1_find() finds the EVP_PKEY_ASN1_METHOD underlying the method
or alias with nid (or, rather, pkey_id) passed in. Now that we have the
base method stored in a pointer, we can return that method after a simple
lookup of said nid (or, rather, pkey_id).
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Every EVP_PKEY_ASN1_METHOD is either an ASN.1 method or an alias.
As such it resolves to an underlying ASN.1 method (in one step).
This information can be stored in a base_method pointer in allusion
to the pkey_base_id, which is the name for the nid (aka pkey_id aka
type) of the underlying method.
For an ASN.1 method, the base method is itself, so the base method
is set as a pointer to itself. For an alias it is of course a pointer
to the underlying method. Then obviously ameth->pkey_base_id is the
same as ameth->base_method->pkey_id, so rework all ASN.1 methods to
follow that.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
| |
For some reason DSA, GOST, and RSA had their ASN.1 methods stored in
an array. This is clumsy and the only benefit is that one saves a few
externs in p_lib.c. They were also arranged by ascending NID because
of bsearch() madness.
Split them up and arrange the methods by name, which is much saner
and simpler.
ok jsing
|
| |
|
|
|
|
|
| |
This was only used to avoid an ameth lookup in EVP_PKEY_set_type(), a
micro-optimization that was removed in p_lib.c r1.48.
ok jsing
|
| |
|
|
|
|
|
|
| |
Most of these functions are only called from this file internally apart
from the pem_str lookups from pem/. In the next major bump we can then
remove asn/ameth_lib.c. Also move EVP_PKEY_ASN1_METHOD to evp_local.h.
While this is used to dispatch to various ASN.1 decoding routines, it
doesn't fit into asn1/ at all.
|
| |
|
|
| |
ok jsing
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
These two functions previously wrapped a pkey_set_type() helper, which
was an utter mess because of ENGINE. With the long awaited departure of
ENGINE, this function became a lot simpler. A further simplification is
obtained by not doing the optimization to avoid an ameth lookup: this
requires walking a list of 11 ameths. We should consider bsearch()...
With this gone and a saner implementation of EVP_PKEY_free_it(), we can
implement these functions with a dozen lines of code each.
ok jsing
|
| |
|
|
|
|
|
|
| |
Use pkey instead of x, remove the pointless variable i, no need to check
for NULL before sk_X509_ATTRIBUTE_pop_free(), switch to freezero() to
leave fewer invalid pointers around.
ok jsing
|
| |
|
|
| |
ok jsing
|
| | |
|
| |
|
|
|
|
| |
Rename the variable from x into pkey, make it NULL safe and unindent.
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
| |
There is no need for a local variable and a ternary operator here.
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
|
|
| |
This removes the remaining ENGINE members from various internal structs
and functions. Any ENGINE passed into a public API is now completely
ignored functions returning an ENGINE always return NULL.
ok jsing
|
| |
|
|
|
|
|
| |
This is mechanical apart from a few manual edits to avoid doubled empty
lines.
ok jsing
|
| |
|
|
|
|
|
| |
Avoids a bit of code duplication and reduces the probability of a fix being
applied to only one of get0 and get1 (which happend in p_lib.c r1.35).
ok jsing
|
| | |
|
| |
|
|
|
|
| |
It currently returns NULL. This is OpenSSL 4088b926 + De Morgan.
ok jsing
|
| |
|
|
|
|
|
|
| |
me aliasing symbols not in the headers I was procesing.
This unbreaks the namespace build so it will pass again
ok tb@
|
| |
|
|
|
|
| |
(part 2 of commit)
ok jsing@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.
Adjust all .c files in libcrypto, libssl and regress.
The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.
discussed with jsing,
no objection bcook
|
| |
|
|
|
|
|
|
| |
Now that EVP_PKEY is opaque, there is no reason to keep the ptr member
of the pkey union as a weird char pointer, a void pointer will do. This
avoids a few stupid casts and simplifies an upcoming diff.
ok jsing
|
| |
|
|
|
|
| |
This will be needed to deal with Curve25519 based keys.
ok beck@ tb@
|
| |
|
|
|
|
|
| |
This also provides a pkey_security_bits member to the PKEY ASN.1 methods
and a corresponding setter EVP_PKEY_asn1_set_security_bits().
ok beck jsing
|
| |
|
|
|
|
| |
CID 24778
ok jsing@ millert@ tb@
|
| |
|
|
|
|
| |
evp.h will be moved to evp_locl.h in an upcoming bump.
ok inoguchi
|
| |
|
|
|
|
|
| |
sebastia ran into this when attempting to update security/hcxtools.
This will be tested via wycheproof.go once the symbol is public.
ok jsing, tested by sebastia
|
| |
|
|
|
|
| |
freely licensed.
From jsing
|
| |
|
|
|
| |
tested in a bulk build by sthen
ok jsing
|
| |
|
|
|
| |
tested in a bulk build by sthen
ok beck (as part of a larger diff)
|
| |
|
|
|
| |
tested in a bulk build by sthen
ok beck (as part of a larger diff)
|
| |
|
|
|
|
|
|
|
|
|
| |
OpenSSL commit 7c96dbcdab9 by Rich Salz.
This cleans up the caller side quite a bit and reduces the number of
lines enclosed in #ifndef OPENSSL_NO_ENGINE. codesearch.debian.net
shows that almost nothing checks the return value of ENGINE_finish().
While there, replace a few nearby 'if (!ptr)' with 'if (ptr == NULL)'.
ok jsing, tested by & ok inoguchi
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
| |
EVP_PKEY_get0_{DH,DSA,RSA}(), RSA_{g,s}et0_key().
ok jsing
|
| | |
|
| |
|
|
|
|
| |
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@
|
| | |
|
| |
|
|
|
|
|
|
| |
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.
ok beck@ miod@
|
| |
|
|
|
|
|
|
|
| |
an OPENSSL_NO_* define. This avoids relying on something else pulling it
in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is
never going to do anything, since OPENSSL_NO_XYZ will never defined, due
to the fact that opensslconf.h has not been included.
This also includes some miscellaneous sorting/tidying of headers.
|
| | |
|
| |
|
|
| |
ok miod
|
| | |
|
| |
|
|
| |
ok miod
|
| |
|
|
|
|
|
|
| |
OPENSSL_foo wrappers. This changes:
OPENSSL_malloc->malloc
OPENSSL_free->free
OPENSSL_relloc->realloc
OPENSSL_freeFunc->free
|
