| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This implements the do_all API by simple loops over the tables of
digests and ciphers. Since some ciphers are only available on some
platforms, we need to skip them if necessary. We use loops in each
of the functions rather the convoluted way of reducing some of the
loops to others.
Since the tables are sorted, as ensured by regress, both do_all() and
do_all_sorted() walk the lists in order. In particular, we no longer
need to allocate to be able to sort hash tables by name on the fly in a
void function that may end up doing nothing because allocation failed.
We still need to do an unchecked OPENSSL_init_crypto() call. But that's
what prayer and clean living are there for (as beck put it).
The OBJ_NAME API is completely misnamed. It has little to do with objects
and a lot to do with EVP. Therefore we implement what will remain from
its saner replacement in the evp directory, i.e., evp_names.c.
ok jsing
|
| |
|
|
|
|
|
|
| |
This is the corresponding commit for digests and their aliases. It
only adds a table to be used in upcoming commits. What was said
about ciphers applies mutatis mutandis to digests.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This arranges the data provided by dynamic library initialization
in a static table and will help avoid gross code with missing error
checking and other defects on every use of the library. This table
isn't pretty due to various naming inconsistecies accumulated over
the decades. It will significantly simplify the implementation of
API such as EVP_get_cipherbyname() and EVP_CIPHER_do_all().
All the table does is map strings to ciphers, typically used on the
openssl(1) command line or in code it's the mechanism that underlies
the map from NID_chacha20 to the data returned by EVP_chacha20().
It's of course more complicated because it just had to be stupid.
This is one of the places where the use of bsearch() is justified.
The price to pay for the simplification is that adding custom aliases
and custom ciphers to this table will no longer be supported. It is
one significant user of the LHASH madness. That's just another piece
of the awful "toolkit aspect"-guided misdesign that contributes to
making this codebase so terrible.
A corresponding table for the digests will be added in the next
commit.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This abomination of an API will be removed. Remove the hairy details of
its internals and make the documentation of X509_STORE_CTX_set_trust(3)
and X509_STORE_CTX_set_purpose(3) independent of it.
Neither of these two remaining APIs can be recommended. Once set, trust
and purpose are sticky. Setting the trust to a different (valid) value
will indicate success but leave the value unchanged. I suppose it means
the new trust value was successfully ignored. Also, setting the trust to
X509_TRUST_DEFAULT can succeed or fail depending on which OpenSSL
derivative you use. Setting the purpose will also set the trust (unless
it is already set). Setting some purposes may or may not fail depending
on the OpenSSL lib.
The only way you have a chance of knowing what will be set is by calling
only one of these functions directly after X509_STORE_CTX_init(). This
isn't really safe either because in some versions the user can override
the values stored in a global table by writing directly to it.
The actual contributions here are rather minimal. State more explicitly
that 0 is invalid (but results in success being returned), document the
error values to be accurate across implementations and call out some of
the nonsense in a CAVEATS section.
Many thanks to schwarze for the very helpful review with lots of input.
ok schwarze
|
| | |
|
| |
|
|
|
| |
Now they are next to the trstandard[] table and listed in the order they
appear in the table.
|
| | |
|
| |
|
|
|
| |
Hoist obj_trust() to the top and move the static default_trust() next
to its setter.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Split the two codepaths in x509_vfy_purpose_inherit() into its two callers.
What remains is gross, but at least a reader has a chance of following all
this nonsense without leaving a significant amount of hair behind.
In short, purpose and trust are only overridden if they're not already
set. Otherwise silently ignore valid purpose and trust identifiers that
were passed in and succeed. Error on almost all invalid trust or purpose
ids, except 0, because... well... who knows, really?
ok jsing
|
| |
|
|
|
|
| |
It's more explicit and not that much longer.
ok jsing
|
| |
|
|
| |
from jsing
|
| |
|
|
|
|
|
|
|
|
|
| |
The callback-based printing needs to die. But first BIO_set() will die.
We have a FILE *. We have fprintf(). No need to use a static BIO to dump
error codes to said stream.
This basically undoes an unrelated change of "Move crpytlib.h prior bio.h"
from 19 years ago (OpenSSL 25a66ee3). Except we don't cast and check len.
ok jsing (who had a nearly identical diff)
|
| |
|
|
| |
Noticed by anton
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Nothing uses this function, except two internal callers. So split its guts
temporarily into a helper function and disable the gross general case.
The internal helper can be simplified by observing that def_purpose == 0:
Overriding 0 by 0 doesn't do anything, so drop that bit. Rename ptmp into
purp, and inline X509_PURPOSE_get_by_id(), i.e., make appropriate checks and
subtract X509_PURPOSE_MIN. The fallback to X509_PURPOSE_get_by_id(0) will
always fail since X509_PURPOSE_MIN == 1. So ditch that call. In particular,
X509_STORE_CTX_set_purpose(ctx, X509_PURPOSE_ANY) fails in current because
of this. That's nonsense. So remove the purp->trust == X509_TRUST_DEFAULT
check as only change of behavior. This matches what OpenSSL do nowadays.
They now set def_purpose = purpose if purpose != 0 and def_purpose == 0,
so in all real-world uses of this function they will just fetch the same
purpose again and do not check for default trust the second time around.
Finally, X509_TRUST_get_by_id() is only used to ensure that a non-zero (or
overridden) trust is between X509_TRUST_MIN and X509_TRUST_MAX. So expand
that into its explicit form.
ok jsing
|
| |
|
|
|
|
| |
They are now unused and will join the exodus to the attic in the next bump.
ok jsing
|
| | |
|
| |
|
|
| |
CID 477172
|
| |
|
|
| |
Since x509_trs.c r1.33, this is a noop.
|
| |
|
|
|
| |
Make a few checks against 0 explicit to reduce noise in an upcoming diff
and tiny KNF tweaks.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
No change in the generated aarch64 assembly apart from line number changes.
ok jsing
|
| |
|
|
|
|
|
|
|
| |
Use iv_len for the variables storing the IV length, formerly l and j.
Remove use of the unnecessary variable i and unindent the whole mess.
Some return values are fishy. That will be addressed in subsequent
commits.
ok jsing
|
| |
|
|
|
|
|
|
| |
This is pretty much identical to the X509_PURPOSE case: remove the stack
used for extending and overriding the trust table and make X509_TRUST_add()
always fail. Simplify some other bits accordingly.
ok jsing
|
| | |
|
| |
|
|
|
| |
Since x509_purp.c r1.34 this is a noop since there is nothing to clean up
anymore. Remove the last caller.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Another complication of dubious value that nobody's ever used. crl_init(),
crl_free() and the meth_data are dead weight, as are their accessors.
Inline def_crl_verify() in X509_CRL_verify() so that the latter becomes
the trivial wrapper of ASN1_item_verify() that one would expect it to be.
It is quite unclear what kind of customization would make sense here...
def_crl_lookup() is renamed into crl_lookup() and its two callers,
X509_CRL_lookup_by_{serial,cert}(), are moved below it so that we
don't need a prototype.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Another bit of global state without lock protection. The by now familiar
complications of a stack to make this user configurable, which, of course,
no one ever did. The table is not currently const, and the API exposes its
entries directly, so anyone can modify it. This fits very well with the
safety guarantees of Rust's 'static lifetime, which is how rust-openssl
exposes it (for no good reason).
Remove the stack and make the X509_PURPOSE_add() API always fail.
Simplify the other bits accordingly.
In addition, this API inflicts the charming difference between purpose
identifiers and purpose indexes (the former minus one) onto the user.
Neither of the two obvious solutions to avoid this trap seems to have
crossed the implementer's mind.
ok jsing
|
| |
|
|
|
| |
Switch i to a size_t and improve a flag check. Part of an earlier diff
that was ok jsing but were lost when I reworked the diff.
|
| | |
|
| |
|
|
|
| |
Remove unnecessary parentheses and use a better place to break an overlong
line.
|
| |
|
|
|
|
|
| |
Use an error exit that frees the ui in case the UI_add_* fail. Also add
a few empty lines for readability.
ok joshua
|
| |
|
|
|
|
|
|
|
|
| |
This removes the global pkey_app_methods stack that was never cleaned up
and makes EVP_PKEY_meth_add0() always fail and push an error on the stack.
EVP_PKEY_meth_find() can now walk the list of PKEY_METHODs forward and
things become a bit cleaner. It's still all way more complicated than it
needs to be...
ok jsing
|
| |
|
|
|
|
|
|
|
| |
In order to determine whether GOST is properly enabled, libssl has various
weird dances. In this specific case, it calls EVP_PKEY_meth_find() to see
whether the relevant cipher is around. Check the same thing with an #ifdef
instead.
ok jsing
|
| |
|
|
|
|
|
|
| |
The EVP_CIPHER structs are static const data that the library returns when
you call EVP_aes_128_cbc(), for example. It makes no sense whatsoever to
hang user data off such a struct, but it's been there since forever.
ok jsing
|
| |
|
|
|
| |
Use better variable names without silly p prefix and use explicit checks
against NULL.
|
| |
|
|
|
|
|
|
|
| |
Use slightly better argument and variable names, do not pointlessly try
to match a string of negative length < -1, use a size_t for the strlen()
and preserve the logic that allows lookup by a string fragment rather
than a full string.
ok jsing
|
| |
|
|
|
|
|
|
|
| |
EVP_PKEY_asn1_find() finds the EVP_PKEY_ASN1_METHOD underlying the method
or alias with nid (or, rather, pkey_id) passed in. Now that we have the
base method stored in a pointer, we can return that method after a simple
lookup of said nid (or, rather, pkey_id).
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Every EVP_PKEY_ASN1_METHOD is either an ASN.1 method or an alias.
As such it resolves to an underlying ASN.1 method (in one step).
This information can be stored in a base_method pointer in allusion
to the pkey_base_id, which is the name for the nid (aka pkey_id aka
type) of the underlying method.
For an ASN.1 method, the base method is itself, so the base method
is set as a pointer to itself. For an alias it is of course a pointer
to the underlying method. Then obviously ameth->pkey_base_id is the
same as ameth->base_method->pkey_id, so rework all ASN.1 methods to
follow that.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
| |
The few pieces of the ameth lib that will stay in libcrypto were moved to
p_lib.c recently. The functions that still are in ameth_lib.c will be
removed in the next major bump. With disabled EVP_PKEY_asn1_add{0,_alias}()
API they are completely useless now and they are getting in the way of more
ameth surgery. Rip out their guts and turn them into stubs that do nothing
but push an error onto the stack.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
| |
For some reason DSA, GOST, and RSA had their ASN.1 methods stored in
an array. This is clumsy and the only benefit is that one saves a few
externs in p_lib.c. They were also arranged by ascending NID because
of bsearch() madness.
Split them up and arrange the methods by name, which is much saner
and simpler.
ok jsing
|
| |
|
|
|
|
|
|
|
|
| |
There are two unsigned char arrays of size EVP_MAX_IV_LENGTH to store the
IVs of block ciphers. In most modes, only iv is used, but in some modes iv
is modified and oiv is used to store the original IV. At the moment nothing
enforces that they are of the same length. Therefore make sure the correct
one or both are checked before writing to or reading from them.
ok miod
|
| |
|
|
|
|
|
| |
First came EVP_CIPHER_param_to_asn1() which wraps EVP_CIPHER_set_asn1_iv()
which was implemented last. Then came EVP_CIPHER_asn1_to_param() wrapping
EVP_CIPHER_get_asn1_iv(). Move each param function below the iv function
it wraps.
|
| | |
|
| |
|
|
|
|
| |
This isn't great since the struct is ordered in about the silliest way
imaginable, but it is better than it was before. Bringing order into
this mess is harder than solving a Rubik's cube.
|
| |
|
|
|
| |
These confusingly named getters were added "for convenience" in 1.1.
They fit best next to the EVP_CIPHER API.
|
| |
|
|
|
| |
They are now below the CMS ASN.1 IV stuff, but above the EVP_CIPHER_meth*
API, which are setters, in a way.
|
| |
|
|
| |
There's no need for a ret variable and else if/else
|
| | |
|
| | |
|
