summaryrefslogtreecommitdiff
path: root/src/lib (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Simplify engine.htb2024-03-021-45/+1
| | | | | | Garbage collect some more of this former horror show. ok jsing
* Garbage collect CUSTOM_KEY_LENGTH/SET_KEY_LENGTHtb2024-03-021-4/+1
| | | | | | | These are unused defines that used to add unwanted complications in EVP_CIPHER_CTX_set_key_lenght(). ok jsing
* Remove more PBE stuff from the public APItb2024-03-027-35/+24
| | | | | | | This is still needed internally for CMS and its predecessors. This removal will enable disentangling some of its innards. ok jsing
* Remove most PBEPARAM stuff from public visibilitytb2024-03-026-50/+40
| | | | | | The struct itself needs to remain public, unfortunately. ok jsing
* Remove a lot of PKCS12 garbage from the public APItb2024-03-0213-205/+94
| | | | | | | | PKCS12 is a hot mess. Please participate in the survey at the end of https://www.cs.auckland.ac.nz/~pgut001/pubs/pfx.html to increase its credibility and unanimity. ok jsing
* Remove RC4-HMAC-MD5 and AES-{128,256}-CBC-HMAC-SHA-1tb2024-03-026-951/+3
| | | | | | | "Stitched" mode AEADs were removed from libssl a long time ago. Nothing uses these CIPHERs anymore. ok jsing
* Make legacy cipher methods internaltb2024-03-023-14/+8
| | | | | | | These are ASN.1 handlers for CIPHERs, still used by CMS and its predecessors. They should never have been public. ok jsing
* Remove EVP_PBE_* API from public visibilitytb2024-03-024-67/+6
| | | | | | | You can no longer add your custom PBE algorithm. Pity. EVP_PBE_CipherInit() stays for internal use, the rest goes away copmletely. ok jsing
* Remove EVP_PKEY_meth_*() APItb2024-03-023-260/+2
| | | | | | After ameth, the second bit of custom EVP_PKEY API removal. ok jsing
* Remove the ameth libtb2024-03-024-239/+2
| | | | | | | | This is accessor API for ASN.1 methods needed for custom PKEYs. Nothing has ever used this. This has been neutered for months. The EVP_PKEY_asn1_* API that needs to stay was moved elsewhere. ok jsing
* Remove EVP_MD_meth* againtb2024-03-023-145/+2
| | | | | | | | | | | Erlang upstream disabled the otp_test_engine for LibreSSL >= 3.5 without explanation. It was the only reason we added this garbage API in the first place. Meanwhile libfido2 started using it for a mock up of OpenSSL 3's broken fetch design with old API. This is pointless, so all this garbage goes away again (in particular we can remove the absolutely horrifying EVP_MD_meth_set_app_datasize() again). ok jsing
* Fix signature and semantics of EVP_{CIPHER,MD}_CTX_init()tb2024-03-023-13/+13
| | | | | | | | | | | | | | When the EVP_CIPHER_CTX and the EVP_MD_CTX were still expected to live on the stack, these initialization APIs were wrappers around memset. In OpenSSL 1.1, somebody removed them and carelessly made _init() an alias of _reset() aka _cleanup(). As a consequence, both signature and semantics changed. Unsurprisingly, there is now code out there that actually uses the new semantics, which causes leaks on LibreSSL and older OpenSSL. This aligns our _init() with OpenSSL 1.1 semantics. ok jsing
* Remove unused OBJ_create_and_add_object()tb2024-03-021-3/+1
| | | | | | This is an alias for OBJ_create(). I haven't dug into its history. ok jsing
* Remove no longer supported OBJ_NAME_TYPEstb2024-03-021-4/+2
| | | | | | | | | OBJ_NAME_TYPE_PKEY_METH and OBJ_NAME_TYPE_COMP_METH were never used as far as I can tell. Unfortunately, PHP and Python still use the weirdly named OBJ_NAME_do_all*() API to list available ciphers and digests, so the MD and CIPHER variants need to remain public. ok jsing
* Make OBJ_add_object() statictb2024-03-025-9/+4
| | | | | | | This is another implementation detail that should never have leaked out of the library. Only OBJ_create() ever used this. ok jsing
* Remove OBJ_bsearch_()tb2024-03-026-36/+7
| | | | | | | | | | | | The only reason this has still been part of the public API was that libssl used it for cipher lookup. This was fixed by replacing the lookup by proper bsearch() -- why OpenSSL felt the need to reinvent ANSI C API badly will forever remain a mystery. The stack code in libcrypto still uses a version of this. This should be rewritten. It will be a bit easier once sk_find_ex() is removed. ok jsing
* Switch name member of OBJ_NAME to const void *tb2024-03-022-5/+5
| | | | | | Because this is the type it should have had from the get go. ok jsing
* Remove unused public OBJ_NAME_* APItb2024-03-025-82/+3
| | | | | | | This functionality has been disabled for a few months. Now it is high time to garbage collect it. ok jsing
* Remove EVP_{add,delete}_{cipher,digest}_alias()tb2024-03-021-10/+1
| | | | | | | | These are macro wrappers around the neutered OBJ_NAME_{add,remove}() API (notice the consistency), which will be removed shortly. Only security/xca used to use this. ok jsing
* Remove EVP_add_{cipher,digest}() from public APItb2024-03-023-19/+2
| | | | | | | | | | | Ciphers and digests are now handled in a static lookup table and no longer by the associative array that used to underlie the OBJ_NAME API. Adding ciphers is no longer possible. What uses this API does so for historic reasons coming from a time where SHA-2 and some AES variants needed to be enabled explicitly. Ports doing this (PHP and DANE code) were fixed. ok jsing
* Remove DSA_generate_parameterstb2024-03-025-33/+3
| | | | | | | | | | | This was deprecated in 0.9.8 and used until recently by rust-openssl and by keynote (keynote has the excuse that it was written before the deprecation). Fortunately Paul Kehrer fixed this in rust-openssl, so we can garbage collect this turd. (It was replaced with the less ergonomic DSA_generate_parameters_ex() to expose a new fancy way of displaying dots, stars and pluses on key generation). ok jsing
* Remove CMAC_resume()tb2024-03-026-46/+5
| | | | | | | | | While it is a neat design detail of CMAC that you can resume it after having finalized it, nothing uses this functionality and it adds some gross things such as retaining intermediate secrets in the CMAC ctx. Once this is gone, we can simplify the CMAC code a bit. ok jsing
* Make BN_mod_exp2_mont() and BN_mod_exp_mont_word() internaltb2024-03-026-17/+10
| | | | | | | | The former could be useful but nothing uses it. The latter is a dangerous implementation detail of Montgomery exponentiation that should never have been leaked out of the library. Fix this. ok jsing
* Make BN_mod_exp_simple() internaltb2024-03-026-10/+7
| | | | | | | This function is very slow and useful for testing purposes only. It should never have been part of the public API. Remove it from there. ok jsing
* Remove BIO_set()tb2024-03-025-15/+3
| | | | | | | This used to be a dangerous implementation detail of BIO_new() that was never used outside of libcrypto. ok jsing
* Remove BIO_dump_*{cb,fp}()tb2024-03-025-53/+5
| | | | | | | These were disabled and the internals that need to remain were fixed. Time for this garbage to go. ok jsing
* Remove BIO_{sn,v,vsn}printf(3)tb2024-03-028-138/+18
| | | | | | | Unsued printing functionality. If something should need this we can readily add it back. ok jsing
* Expose OPENSSL_{gmtime,posix_to_tm,timegm,tm_to_posix}()tb2024-03-022-3/+5
| | | | | | | Apart from OPENSSL_gmtime(), which is OpenSSL API, this is BoringSSL's interface to deal with the time related portability and code mess. ok jsing
* Garbage collect ASN1_TIME_set_tm()tb2024-03-022-13/+2
| | | | | | This was a public helper that is no longer used internally either. ok jsing
* Remove beck's ASN.1 time API from public visibilitytb2024-03-027-20/+10
| | | | | | | | | | | | This API was needed since OpenSSL didn't have one. We now have variants of OpenSSL's API and will also expose BoringSSL's complementary API. The users of this API were ported to the OpenSSL variants and some may switch to BoringSSL's in the future. Part of it is still used internally. ASN1_time_tm_clamp_notafter() is still used by libtls (and only libtls). This will be fixed in a future bump. ok jsing
* Remove ASN1_PCTX nonsensetb2024-03-025-144/+3
| | | | | | | | This is only used by the fuzzing code. Another bit of poorly thought out extensibility that makes people pass NULL pointers to a bunch of APIs. ok jsing
* Make ASN1_add_oid_module internaltb2024-03-026-17/+5
| | | | ok jsing
* Remove unused M_ASN1_* macrostb2024-03-021-14/+1
| | | | | | | The last comsumer, telephony/asterisk, was adjusted a few months back. pointed out by brad ok jsing
* Remove unused, incomplete ub_* macrostb2024-03-021-12/+1
| | | | | | | The only consumer, a_strnid.c, has its own, slightly more complete, up to date, and less incorrect, version of these. ok jsing
* Remove DECLARE_STACK_OF(ASN1_STRING_TABLE)tb2024-03-021-4/+1
| | | | | | Another remnant of the unused ASN1_STRING_TABLE extensibility goes away. ok jsing
* Remove ASN1_STRING_TABLE_{add,cleanup}tb2024-03-025-27/+3
| | | | | | | This was API for the ASN1_STRING_TABLE extensibility which has been neutered for months and was completely unused in the ecosystem. ok jsing
* const correct ASN1_STRING_TABLE_get()tb2024-03-022-7/+6
| | | | | | | | The ability of modifying the ASN1_STRING_TABLE was removed and the table is now static. Stop casting away const. The only consumer, security/xca, is already fixed. ok jsing
* Add mkdtemps(3), like mkdtemp(3) but with a suffix.millert2024-03-012-8/+32
| | | | OK deraadt@ tb@
* Fix OPENSSL_{gmtime,timegm} in namespace buildtb2024-03-012-4/+3
| | | | | These were incorrectly added to asn1.h. OPENSSL_gmtime is in crypto.h and OPENSSL_timegm is already in posix_time.h
* Small tweak for X509_check_purpose()tb2024-02-281-4/+6
| | | | ok jsing
* Use an accessor instead of reaching into X509_PURPOSEtb2024-02-281-2/+2
| | | | ok jsing
* align read-only sections on masm/windows to 64 bytesbcook2024-02-271-1/+9
| | | | | | | Avoid conflicts where alignment is specified later in the underlying assembly. ok tb@
* Neuter OBJ_bsearch{_,ex_}()tb2024-02-262-31/+40
| | | | | | | | | Make these functions always fail. A copy of OBJ_bsearch_ex_() is kept in stack.c, where it is still used by internal_find() for sk_find{,_ex}(). sk_find_ex() will be removed in the upcoming bump, and then we can simplify or rewrite what's still needed. ok jsing
* Add a few missing endbr64 to libcryptotb2024-02-242-0/+6
| | | | | | | | gcm_{gmult,ghash}_4bit(), aesni_ccm64_decrypt_blocks(), aes_cbc_encrypt(), and aesni_xts_{en,de}crypt() were overlooked in previous passes. Found with a diff for ld.lld by kettenis ok kettenis
* Replace uses of endbr64 with _CET_ENDBR from cet.htb2024-02-2430-110/+132
| | | | | | | | | cet.h is needed for other platforms to emit the relevant .gnu.properties sections that are necessary for them to enable IBT. It also avoids issues with older toolchains on macOS that explode on encountering endbr64. based on a diff by kettenis ok beck kettenis
* Remove custom key length handlingtb2024-02-241-5/+1
| | | | | | | | | | | No cipher in libcrypto is marked EVP_CIPH_CUSTOM_KEY_LENGTH and no control handler deals with EVP_CTRL_SET_KEY_LENGTH, which means that this code is dead as far as libcrypto is concerned. Almost nothing uses EVP_CIPHER_meth* (this was added for a single project) and nothing sets a custom ctrl. This isn't going to change anyway since EVP_CIPHER_meth* is deprecated in order to promote more provider beauty. ok beck jsing
* Remove last calls to CRYPTO_{push,pop}_info()tb2024-02-241-9/+3
| | | | | | | These don't do anything but return 0 and will be garbage collected in the upcoming bump. ok jsing
* err.c: fix incorrect line wrappingtb2024-02-241-5/+5
|
* Prepare to provide X509_STORE_get1_objects()tb2024-02-234-3/+73
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The OpenSSL 1.1 API X509_STORE_get0_objects() is not thread safe. It exposes a naked internal pointer containing certificates, CRLs and cached objects added by X509_LOOKUP_hash_dir(). Thus, if the store is shared between threads, it is not possible to inspect this pointer safely since another thread could concurrently add to it. This may happen in particular during certificate verification. This API led to security issues in rust-openssl and is also problematic in current Python. Other consumers of X509_STORE_get0_objects() are haproxy, isync, openvpn. The solution is to take a snapshot of the state under a lock and return that. This is what X509_STORE_get1_objects() does. It returns a newly allocated stack that needs to be freed with sk_X509_OBJECT_pop_free(), passing X509_OBJECT_free as a second argument. Based on a diff by David Benjamin for BoringSSL. https://boringssl-review.googlesource.com/c/boringssl/+/65787 ok beck jsing PS: Variants of this have landed in Python and OpenSSL 3 as well. There the sk_*deep_copy() API is used, which in OpenSSL relies on evaluating function pointers after casts (BoringSSL fixed that). Instead of using this macro insanity and exposing that garbage in public, we can do this by implementing a pedestrian, static sk_X509_OBJECT_deep_copy() by hand.
* Remove ASN1_time_clamp_notafter() prototypetb2024-02-231-3/+1
| | | | | There is now a prototype in x509_internal.h, so no need to repeat that here.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 10:03:08 +0000