| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
crypto.h already had the symbols not hidden behind LIBRESSL_INTERNAL
hidden - This now picks up the reset of them marking them as
LCRYPTO_UNUSED, and removes the LIBRESSL_INTERNAL guard.
These symbols will now be hidden, but if we use them inside
the library in a namespaced build we will get a deprecation
warning. use outside the library will be as with any other hidden
symbol, so fine.
ok tb@
|
| | |
|
| |
|
|
|
|
|
| |
This picks up most of the remaining public symbols in
x509.h
ok tb@
|
| |
|
|
|
|
| |
largely mechanically done by the guentherizer 9000
ok tb@
|
| |
|
|
| |
ok jsing
|
| |
|
|
| |
ok tb
|
| |
|
|
| |
ok tb
|
| |
|
|
| |
ok jsing
|
| |
|
|
| |
ok jsing tb
|
| |
|
|
| |
ok jsing beck
|
| |
|
|
| |
ok beck jsing
|
| |
|
|
| |
ok jsing tb beck
|
| |
|
|
| |
ok jsing
|
| | |
|
| |
|
|
|
|
|
|
| |
With ERR_STATE out of the way, we can make CRYPTO_THREADID opaque.
The type is still accessed by used public API, but some of the public
API can also go away.
ok jsing
|
| |
|
|
|
|
|
| |
Long time neutered, only used (pointlessly without error checking) in the
error code until very recently.
ok jsing
|
| |
|
|
|
|
|
|
| |
This was neutered early on in the fork and has been rotting ever since.
Some parts of the API are still used, but it's easier to clean up when
most of the mess is gone.
ok jsing
|
| |
|
|
|
|
|
| |
This API intends to find the closest match to the needle. M2Crypto
exposes it because it can. This will be fixed by patching the port.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This removes internals of these two special snowflakes and will allow
further simplifications. Unfortunately, there are some pieces of
software that actually use LHASH_OF() (looking at you, pound, Ruby, and
openssl(1)), so we get to keep exposing this garbage, at least for now.
Expose lh_error() as a symbol to replace a macro reaching into _LHASH.
lh_down_load() is no longer available. _LHASH and _STACK are now opaque,
LHASH_NODE becomes internal-only.
from jsing
|
| |
|
|
|
|
|
| |
This could have been removed in an earlier bump. Now it's time for it to
say goodbye.
ok jsing
|
| |
|
|
|
|
|
|
| |
Yet another bit of extensibility that no one ever really used.
X509_LOOKUP_free() needs to stay because of ... rust-openssl
(and kdelibs4support).
ok jsing
|
| |
|
|
|
|
|
| |
Another thing that should never have leaked out of the library. It
will become internal entirely, where the code can be simplified greatly.
ok jsing
|
| |
|
|
|
|
|
|
|
| |
Most of this is the ability to add custom purposes. Also the astounding
X509_STORE_CTX_purpose_inherit(). The names are used by PHP, and M2Crypto
exposes X509_check_purpose(), so these remain public. Some weird, most
likely invalid, uses also remain in rust-openssl.
ok jsing
|
| |
|
|
|
|
|
|
|
|
| |
You used to be able to define your own X.509 extension handlers. Great.
Even greater: the verifier would ignore any custom extensions. So this
was only ever useful for serialization and deserialization. In other
words, almost entirely pointless. The API was also unused except for
a hack in kore-acme, which was fixed recently.
ok jsing
|
| |
|
|
|
|
|
|
|
| |
The ERR_STATE struct is an unused implementation detail of the horrific
error stack code. It is the last public consumer of CRYPTO_THREAD
internals. Make this and its accessor internal so we can make the
CRYPTO_THREAD struct opaque.
ok jsing
|
| |
|
|
|
|
|
|
| |
PKCS12 is a hot mess. Please participate in the survey at the end of
https://www.cs.auckland.ac.nz/~pgut001/pubs/pfx.html to increase its
credibility and unanimity.
ok jsing
|
| |
|
|
|
|
|
| |
This is another implementation detail that should never have leaked out
of the library. Only OBJ_create() ever used this.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The only reason this has still been part of the public API was that libssl
used it for cipher lookup. This was fixed by replacing the lookup by proper
bsearch() -- why OpenSSL felt the need to reinvent ANSI C API badly will
forever remain a mystery.
The stack code in libcrypto still uses a version of this. This should
be rewritten. It will be a bit easier once sk_find_ex() is removed.
ok jsing
|
| |
|
|
|
|
|
| |
This functionality has been disabled for a few months. Now it is high time
to garbage collect it.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
| |
This was deprecated in 0.9.8 and used until recently by rust-openssl
and by keynote (keynote has the excuse that it was written before the
deprecation). Fortunately Paul Kehrer fixed this in rust-openssl,
so we can garbage collect this turd. (It was replaced with the less
ergonomic DSA_generate_parameters_ex() to expose a new fancy way of
displaying dots, stars and pluses on key generation).
ok jsing
|
| |
|
|
|
|
|
|
|
| |
While it is a neat design detail of CMAC that you can resume it after
having finalized it, nothing uses this functionality and it adds some
gross things such as retaining intermediate secrets in the CMAC ctx.
Once this is gone, we can simplify the CMAC code a bit.
ok jsing
|
| |
|
|
|
|
|
|
| |
The former could be useful but nothing uses it. The latter is a
dangerous implementation detail of Montgomery exponentiation that
should never have been leaked out of the library. Fix this.
ok jsing
|
| |
|
|
|
|
|
| |
This function is very slow and useful for testing purposes only. It
should never have been part of the public API. Remove it from there.
ok jsing
|
| |
|
|
|
|
|
| |
This used to be a dangerous implementation detail of BIO_new() that was
never used outside of libcrypto.
ok jsing
|
| |
|
|
|
|
|
| |
These were disabled and the internals that need to remain were fixed.
Time for this garbage to go.
ok jsing
|
| |
|
|
|
|
|
| |
Unsued printing functionality. If something should need this we can readily
add it back.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This API was needed since OpenSSL didn't have one. We now have variants
of OpenSSL's API and will also expose BoringSSL's complementary API. The
users of this API were ported to the OpenSSL variants and some may switch
to BoringSSL's in the future. Part of it is still used internally.
ASN1_time_tm_clamp_notafter() is still used by libtls (and only libtls).
This will be fixed in a future bump.
ok jsing
|
| |
|
|
|
|
|
|
| |
This is only used by the fuzzing code. Another bit of poorly thought
out extensibility that makes people pass NULL pointers to a bunch
of APIs.
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
|
| |
This was API for the ASN1_STRING_TABLE extensibility which has been
neutered for months and was completely unused in the ecosystem.
ok jsing
|
| |
|
|
|
| |
These were incorrectly added to asn1.h. OPENSSL_gmtime is in crypto.h
and OPENSSL_timegm is already in posix_time.h
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The OpenSSL 1.1 API X509_STORE_get0_objects() is not thread safe. It
exposes a naked internal pointer containing certificates, CRLs and
cached objects added by X509_LOOKUP_hash_dir(). Thus, if the store is
shared between threads, it is not possible to inspect this pointer safely
since another thread could concurrently add to it. This may happen in
particular during certificate verification. This API led to security
issues in rust-openssl and is also problematic in current Python.
Other consumers of X509_STORE_get0_objects() are haproxy, isync, openvpn.
The solution is to take a snapshot of the state under a lock and return
that. This is what X509_STORE_get1_objects() does. It returns a newly
allocated stack that needs to be freed with sk_X509_OBJECT_pop_free(),
passing X509_OBJECT_free as a second argument.
Based on a diff by David Benjamin for BoringSSL.
https://boringssl-review.googlesource.com/c/boringssl/+/65787
ok beck jsing
PS: Variants of this have landed in Python and OpenSSL 3 as well. There the
sk_*deep_copy() API is used, which in OpenSSL relies on evaluating function
pointers after casts (BoringSSL fixed that). Instead of using this macro
insanity and exposing that garbage in public, we can do this by implementing
a pedestrian, static sk_X509_OBJECT_deep_copy() by hand.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is prepares to expose some internal API as OPENSSL_tm_to_posix() and
OPENSSL_posix_to_tm(). They will be used in libtls and ocspcheck(8) to get
rid of the portability nightmare that is timegm().
Also fix the location of OPENSSL_gmtime() and OPENSSL_timegm() (this API
is not yet exposed). The former is from OpenSSL and surprisingly lives in
crypto.h, not asn1.h, and the latter is BoringSSL API and lives in the new
posix_time.h.
Initial diff from beck, this pulls in further upstream work after review
feedback.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
| |
This matches when BoringSSL has done, and allows for getting
rid of the dependency on system timegm() and gmtime() in libtls.
which will make life easier for portable, and remove our
dependency on the potentially very slow system versions.
ok tb@ - tb will handle the minor bump bits and expose
on the next minor bump
CVS :----------------------------------------------------------------------
|
| |
|
|
|
| |
Some *_options() prototypes were left behind in headers. I will remove
them after my amd64 ports bulk completes.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
This removes ASN1_BIT_STRING_name_print(), ASN1_BIT_STRING_{num,set}_asc().
Before trust was properly handled using OIDs, there was a period where it
used bit strings. The actual interfaces used in openssl x509 were removed,
but the functions they wrapped remained unused for the next 24 years.
ok jsing
|
| |
|
|
|
|
|
|
| |
This was added with the TS code for no discernible reason. I could not
find a single consumer. In the unlikely event that you need this, it is
easy enough to write a better version of it yourself.
ok jsing
|
| |
|
|
|
|
|
| |
Add accessors for the syntax versions of ContentInfo and SignerInfo.
These will be used soon in rpki-client for some more compliance checks.
ok job jsing
|
| |
|
|
|
|
|
|
| |
Another bit of unused extensibility that was responsible for a lot
of complexity until recently. This removes the remaining stubs from
the public API.
ok jsing
|
