| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
|
| |
With ERR_STATE out of the way, we can make CRYPTO_THREADID opaque.
The type is still accessed by used public API, but some of the public
API can also go away.
ok jsing
|
| |
|
|
|
|
|
| |
Long time neutered, only used (pointlessly without error checking) in the
error code until very recently.
ok jsing
|
| |
|
|
|
|
|
|
| |
This was neutered early on in the fork and has been rotting ever since.
Some parts of the API are still used, but it's easier to clean up when
most of the mess is gone.
ok jsing
|
| |
|
|
|
|
|
| |
This API intends to find the closest match to the needle. M2Crypto
exposes it because it can. This will be fixed by patching the port.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This removes internals of these two special snowflakes and will allow
further simplifications. Unfortunately, there are some pieces of
software that actually use LHASH_OF() (looking at you, pound, Ruby, and
openssl(1)), so we get to keep exposing this garbage, at least for now.
Expose lh_error() as a symbol to replace a macro reaching into _LHASH.
lh_down_load() is no longer available. _LHASH and _STACK are now opaque,
LHASH_NODE becomes internal-only.
from jsing
|
| |
|
|
|
|
|
| |
This could have been removed in an earlier bump. Now it's time for it to
say goodbye.
ok jsing
|
| |
|
|
|
|
|
|
| |
Yet another bit of extensibility that no one ever really used.
X509_LOOKUP_free() needs to stay because of ... rust-openssl
(and kdelibs4support).
ok jsing
|
| |
|
|
|
|
|
| |
Another thing that should never have leaked out of the library. It
will become internal entirely, where the code can be simplified greatly.
ok jsing
|
| |
|
|
|
|
|
|
|
| |
Most of this is the ability to add custom purposes. Also the astounding
X509_STORE_CTX_purpose_inherit(). The names are used by PHP, and M2Crypto
exposes X509_check_purpose(), so these remain public. Some weird, most
likely invalid, uses also remain in rust-openssl.
ok jsing
|
| |
|
|
|
|
|
|
|
|
| |
You used to be able to define your own X.509 extension handlers. Great.
Even greater: the verifier would ignore any custom extensions. So this
was only ever useful for serialization and deserialization. In other
words, almost entirely pointless. The API was also unused except for
a hack in kore-acme, which was fixed recently.
ok jsing
|
| |
|
|
|
|
|
|
|
| |
The ERR_STATE struct is an unused implementation detail of the horrific
error stack code. It is the last public consumer of CRYPTO_THREAD
internals. Make this and its accessor internal so we can make the
CRYPTO_THREAD struct opaque.
ok jsing
|
| |
|
|
|
|
|
|
| |
PKCS12 is a hot mess. Please participate in the survey at the end of
https://www.cs.auckland.ac.nz/~pgut001/pubs/pfx.html to increase its
credibility and unanimity.
ok jsing
|
| |
|
|
|
|
|
| |
This is another implementation detail that should never have leaked out
of the library. Only OBJ_create() ever used this.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The only reason this has still been part of the public API was that libssl
used it for cipher lookup. This was fixed by replacing the lookup by proper
bsearch() -- why OpenSSL felt the need to reinvent ANSI C API badly will
forever remain a mystery.
The stack code in libcrypto still uses a version of this. This should
be rewritten. It will be a bit easier once sk_find_ex() is removed.
ok jsing
|
| |
|
|
|
|
|
| |
This functionality has been disabled for a few months. Now it is high time
to garbage collect it.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
| |
This was deprecated in 0.9.8 and used until recently by rust-openssl
and by keynote (keynote has the excuse that it was written before the
deprecation). Fortunately Paul Kehrer fixed this in rust-openssl,
so we can garbage collect this turd. (It was replaced with the less
ergonomic DSA_generate_parameters_ex() to expose a new fancy way of
displaying dots, stars and pluses on key generation).
ok jsing
|
| |
|
|
|
|
|
|
|
| |
While it is a neat design detail of CMAC that you can resume it after
having finalized it, nothing uses this functionality and it adds some
gross things such as retaining intermediate secrets in the CMAC ctx.
Once this is gone, we can simplify the CMAC code a bit.
ok jsing
|
| |
|
|
|
|
|
|
| |
The former could be useful but nothing uses it. The latter is a
dangerous implementation detail of Montgomery exponentiation that
should never have been leaked out of the library. Fix this.
ok jsing
|
| |
|
|
|
|
|
| |
This function is very slow and useful for testing purposes only. It
should never have been part of the public API. Remove it from there.
ok jsing
|
| |
|
|
|
|
|
| |
This used to be a dangerous implementation detail of BIO_new() that was
never used outside of libcrypto.
ok jsing
|
| |
|
|
|
|
|
| |
These were disabled and the internals that need to remain were fixed.
Time for this garbage to go.
ok jsing
|
| |
|
|
|
|
|
| |
Unsued printing functionality. If something should need this we can readily
add it back.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This API was needed since OpenSSL didn't have one. We now have variants
of OpenSSL's API and will also expose BoringSSL's complementary API. The
users of this API were ported to the OpenSSL variants and some may switch
to BoringSSL's in the future. Part of it is still used internally.
ASN1_time_tm_clamp_notafter() is still used by libtls (and only libtls).
This will be fixed in a future bump.
ok jsing
|
| |
|
|
|
|
|
|
| |
This is only used by the fuzzing code. Another bit of poorly thought
out extensibility that makes people pass NULL pointers to a bunch
of APIs.
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
|
| |
This was API for the ASN1_STRING_TABLE extensibility which has been
neutered for months and was completely unused in the ecosystem.
ok jsing
|
| |
|
|
|
| |
These were incorrectly added to asn1.h. OPENSSL_gmtime is in crypto.h
and OPENSSL_timegm is already in posix_time.h
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The OpenSSL 1.1 API X509_STORE_get0_objects() is not thread safe. It
exposes a naked internal pointer containing certificates, CRLs and
cached objects added by X509_LOOKUP_hash_dir(). Thus, if the store is
shared between threads, it is not possible to inspect this pointer safely
since another thread could concurrently add to it. This may happen in
particular during certificate verification. This API led to security
issues in rust-openssl and is also problematic in current Python.
Other consumers of X509_STORE_get0_objects() are haproxy, isync, openvpn.
The solution is to take a snapshot of the state under a lock and return
that. This is what X509_STORE_get1_objects() does. It returns a newly
allocated stack that needs to be freed with sk_X509_OBJECT_pop_free(),
passing X509_OBJECT_free as a second argument.
Based on a diff by David Benjamin for BoringSSL.
https://boringssl-review.googlesource.com/c/boringssl/+/65787
ok beck jsing
PS: Variants of this have landed in Python and OpenSSL 3 as well. There the
sk_*deep_copy() API is used, which in OpenSSL relies on evaluating function
pointers after casts (BoringSSL fixed that). Instead of using this macro
insanity and exposing that garbage in public, we can do this by implementing
a pedestrian, static sk_X509_OBJECT_deep_copy() by hand.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is prepares to expose some internal API as OPENSSL_tm_to_posix() and
OPENSSL_posix_to_tm(). They will be used in libtls and ocspcheck(8) to get
rid of the portability nightmare that is timegm().
Also fix the location of OPENSSL_gmtime() and OPENSSL_timegm() (this API
is not yet exposed). The former is from OpenSSL and surprisingly lives in
crypto.h, not asn1.h, and the latter is BoringSSL API and lives in the new
posix_time.h.
Initial diff from beck, this pulls in further upstream work after review
feedback.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
| |
This matches when BoringSSL has done, and allows for getting
rid of the dependency on system timegm() and gmtime() in libtls.
which will make life easier for portable, and remove our
dependency on the potentially very slow system versions.
ok tb@ - tb will handle the minor bump bits and expose
on the next minor bump
CVS :----------------------------------------------------------------------
|
| |
|
|
|
| |
Some *_options() prototypes were left behind in headers. I will remove
them after my amd64 ports bulk completes.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
This removes ASN1_BIT_STRING_name_print(), ASN1_BIT_STRING_{num,set}_asc().
Before trust was properly handled using OIDs, there was a period where it
used bit strings. The actual interfaces used in openssl x509 were removed,
but the functions they wrapped remained unused for the next 24 years.
ok jsing
|
| |
|
|
|
|
|
|
| |
This was added with the TS code for no discernible reason. I could not
find a single consumer. In the unlikely event that you need this, it is
easy enough to write a better version of it yourself.
ok jsing
|
| |
|
|
|
|
|
| |
Add accessors for the syntax versions of ContentInfo and SignerInfo.
These will be used soon in rpki-client for some more compliance checks.
ok job jsing
|
| |
|
|
|
|
|
|
| |
Another bit of unused extensibility that was responsible for a lot
of complexity until recently. This removes the remaining stubs from
the public API.
ok jsing
|
| |
|
|
|
|
|
| |
Ever wondered how many entries populate the various err hashes?
Me neither. Remove this garbage.
ok jsing
|
| |
|
|
|
|
|
| |
Much like ex_data, applications can make the library use their own error
stack implementation. Well, except as of right now they no longer can.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
To state the obvious: library suffers from way too much extensibility. In
theory, applications can implement their own ex_data implementation. In
practice, none did. A glance at ex_data.c might give an idea as to why.
Make this internal so this particular turd can be replaced with something
slightly saner.
Also sync up the CRYPTO_EX_INDEX_* defines with OpenSSL - at least
the parts we support.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is one of those strange things that should never have made it into
a security-oriented libraries. From BIO_s_bio.3:
.\" The following non-copying I/O functions are intentionally undocumented
.\" because they seem fragile and unused by anything:
It was used in a single place: the gorgeous ssltest. I'm not smart enough
to follow. Also:
/* WARNING: The non-copying interface is largely untested as of yet
* and may contain bugs. */
Oh, really? Into the great bitbucket in the sky you go.
ok jsing
|
| |
|
|
|
|
|
| |
Inconsistently named with the rest of the API, so OpenSSL 1.1 introduced
the same functions with a BN_ prefix. We'll keep the latter.
ok jsing
|
| |
|
|
|
|
|
|
|
|
| |
RSA is pretty bad. In my most optimistic moments I dream of a world that
stopped using it. That won't happen during my lifetime, unfortunately.
Blinding is one way of making it a little less leaky. Unfortunately this
side-channel leak mitigation leaked out of the library for no good reason.
Let's at least fix that aspect of it.
ok jsing
|
| |
|
|
|
|
|
|
|
|
| |
ASN1_bn_print() is a hilariously bad API that was replaced with a saner
interface internally. ASN1_buf_print() isn't terrible, but it is too
specialized to be of real use. It was only exposed because ASN1_bn_print()
was already there. Its only use had been in the EdDSA printing code before
it was replaced with an internal helper.
ok jsing
|
| |
|
|
|
|
|
| |
These were long removed from the public OpenSSL API, so we can do the
same. Remove ASN1_template_{d2i,i2d}() - those are unused internally.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
| |
With every bump we can remove a bit more of the ASN.1 BIO and the
streaming interface. At some point enough will be internal so that
we can rewrite it and bring it in a shape where mere mortals can
follow all the twists and turns. This is the next step: BIO_f_asn1(3)
goes away and takes BIO_asn1_{get,set}_{prefix,suffix}() with it,
a bunch of functions helping along in a write-after-free recently.
The getters go away, the setters stay for now.
ok jsing
|
| |
|
|
|
|
|
|
|
|
| |
ENGINE was special. It's horrible code even by the low standards of this
library. Some ports may now try to use the stubs which will fail, but
the fallout from this should be minimal. Of course there are various
language bindings that expose the ENGINE API. OpenSSL 3 disabling ENGINE
by default will likely help fixing this at some point.
ok jsing
|
| |
|
|
|
|
|
|
| |
DSO and in particular dlopen() was used for dynamic engines, which we
removed a long time ago and for dynamic conf modules, which we removed
only very recently. Now remove this dangerous interface.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
| |
opensslfeatures.h has long defined OPENSSL_NO_COMP and the build with
ZLIB was broken in openssl(1) since 2015 and in libcrypto since 2022.
ZLIB was unifdefed a while ago, now we can retire the public API.
The comp.h header stays devoid of code because a number of ports use it
for historic reasons.
ok jsing
|
| |
|
|
|
|
|
| |
The remaining two ECDH interfaces are relocated into ec.h. ecdh.h
remains. It does nothing but include ec.h.
ok jsing
|
