SecBSD
/
src
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

sync with OpenBSD -current

This commit is contained in:
purplerain 2024-01-14 01:35:08 +00:00
parent a51405ccff
commit 4250ddb86f
Signed by: purplerain
GPG Key ID: F42C07F07E2E35B7
16 changed files with 2065 additions and 1231 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
lib/libcrypto/Makefile
View File

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.162 2023/12/29 06:56:38 tb Exp $
# $OpenBSD: Makefile,v 1.166 2024/01/13 12:18:52 tb Exp $
LIB= crypto
LIBREBUILD=y
@ -348,7 +348,6 @@ SRCS+= err_prn.c
SRCS+= bio_b64.c
SRCS+= bio_enc.c
SRCS+= bio_md.c
SRCS+= c_all.c
SRCS+= e_aes.c
SRCS+= e_aes_cbc_hmac_sha1.c
SRCS+= e_bf.c
@ -372,6 +371,7 @@ SRCS+= evp_digest.c
SRCS+= evp_encode.c
SRCS+= evp_err.c
SRCS+= evp_key.c
SRCS+= evp_names.c
SRCS+= evp_pbe.c
SRCS+= evp_pkey.c
SRCS+= m_gost2814789.c
@ -387,7 +387,6 @@ SRCS+= m_sigver.c
SRCS+= m_sm3.c
SRCS+= m_streebog.c
SRCS+= m_wp.c
SRCS+= names.c
SRCS+= p5_crpt.c
SRCS+= p5_crpt2.c
SRCS+= p_legacy.c
@ -453,7 +452,6 @@ SRCS+= ofb128.c
SRCS+= xts128.c
# objects/
SRCS+= o_names.c
SRCS+= obj_dat.c
SRCS+= obj_err.c
SRCS+= obj_lib.c

23
lib/libcrypto/asn1/asn1_item.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: asn1_item.c,v 1.18 2023/11/09 11:36:39 tb Exp $ */
/* $OpenBSD: asn1_item.c,v 1.19 2024/01/13 13:59:18 joshua Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -222,13 +222,20 @@ int
ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey, const EVP_MD *type)
{
EVP_MD_CTX ctx;
EVP_MD_CTX_init(&ctx);
if (!EVP_DigestSignInit(&ctx, NULL, type, NULL, pkey)) {
EVP_MD_CTX_cleanup(&ctx);
return 0;
}
return ASN1_item_sign_ctx(it, algor1, algor2, signature, asn, &ctx);
EVP_MD_CTX *md_ctx = NULL;
int ret = 0;
if ((md_ctx = EVP_MD_CTX_new()) == NULL)
goto err;
if (!EVP_DigestSignInit(md_ctx, NULL, type, NULL, pkey))
goto err;
ret = ASN1_item_sign_ctx(it, algor1, algor2, signature, asn, md_ctx);
err:
EVP_MD_CTX_free(md_ctx);
return ret;
}
static int

25
lib/libcrypto/crypto_init.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: crypto_init.c,v 1.15 2024/01/07 19:59:32 tb Exp $ */
/* $OpenBSD: crypto_init.c,v 1.17 2024/01/13 17:04:29 tb Exp $ */
/*
* Copyright (c) 2018 Bob Beck <beck@openbsd.org>
*
@ -44,8 +44,6 @@ OPENSSL_init_crypto_internal(void)
OPENSSL_cpuid_setup();
ERR_load_crypto_strings();
OpenSSL_add_all_ciphers();
OpenSSL_add_all_digests();
}
int
@ -91,3 +89,24 @@ OPENSSL_cleanup(void)
crypto_init_cleaned_up = 1;
}
LCRYPTO_ALIAS(OPENSSL_cleanup);
void
OpenSSL_add_all_ciphers(void)
{
}
void
OpenSSL_add_all_digests(void)
{
}
void
OPENSSL_add_all_algorithms_noconf(void)
{
}
void
OPENSSL_add_all_algorithms_conf(void)
{
OPENSSL_config(NULL);
}

331
lib/libcrypto/evp/c_all.c
View File

@ -1,331 +0,0 @@
/* $OpenBSD: c_all.c,v 1.33 2023/10/24 13:09:54 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include <pthread.h>
#include <openssl/opensslconf.h>
#include <openssl/conf.h>
#include <openssl/evp.h>
#include <openssl/objects.h>
#include "cryptlib.h"
static void
OpenSSL_add_all_ciphers_internal(void)
{
#ifndef OPENSSL_NO_DES
EVP_add_cipher(EVP_des_cfb());
EVP_add_cipher(EVP_des_cfb1());
EVP_add_cipher(EVP_des_cfb8());
EVP_add_cipher(EVP_des_ede_cfb());
EVP_add_cipher(EVP_des_ede3_cfb());
EVP_add_cipher(EVP_des_ede3_cfb1());
EVP_add_cipher(EVP_des_ede3_cfb8());
EVP_add_cipher(EVP_des_ofb());
EVP_add_cipher(EVP_des_ede_ofb());
EVP_add_cipher(EVP_des_ede3_ofb());
EVP_add_cipher(EVP_desx_cbc());
EVP_add_cipher_alias(SN_desx_cbc, "DESX");
EVP_add_cipher_alias(SN_desx_cbc, "desx");
EVP_add_cipher(EVP_des_cbc());
EVP_add_cipher_alias(SN_des_cbc, "DES");
EVP_add_cipher_alias(SN_des_cbc, "des");
EVP_add_cipher(EVP_des_ede_cbc());
EVP_add_cipher(EVP_des_ede3_cbc());
EVP_add_cipher_alias(SN_des_ede3_cbc, "DES3");
EVP_add_cipher_alias(SN_des_ede3_cbc, "des3");
EVP_add_cipher(EVP_des_ecb());
EVP_add_cipher(EVP_des_ede());
EVP_add_cipher(EVP_des_ede3());
#endif
#ifndef OPENSSL_NO_RC4
EVP_add_cipher(EVP_rc4());
EVP_add_cipher(EVP_rc4_40());
#ifndef OPENSSL_NO_MD5
EVP_add_cipher(EVP_rc4_hmac_md5());
#endif
#endif
#ifndef OPENSSL_NO_IDEA
EVP_add_cipher(EVP_idea_ecb());
EVP_add_cipher(EVP_idea_cfb());
EVP_add_cipher(EVP_idea_ofb());
EVP_add_cipher(EVP_idea_cbc());
EVP_add_cipher_alias(SN_idea_cbc, "IDEA");
EVP_add_cipher_alias(SN_idea_cbc, "idea");
#endif
#ifndef OPENSSL_NO_RC2
EVP_add_cipher(EVP_rc2_ecb());
EVP_add_cipher(EVP_rc2_cfb());
EVP_add_cipher(EVP_rc2_ofb());
EVP_add_cipher(EVP_rc2_cbc());
EVP_add_cipher(EVP_rc2_40_cbc());
EVP_add_cipher(EVP_rc2_64_cbc());
EVP_add_cipher_alias(SN_rc2_cbc, "RC2");
EVP_add_cipher_alias(SN_rc2_cbc, "rc2");
#endif
#ifndef OPENSSL_NO_BF
EVP_add_cipher(EVP_bf_ecb());
EVP_add_cipher(EVP_bf_cfb());
EVP_add_cipher(EVP_bf_ofb());
EVP_add_cipher(EVP_bf_cbc());
EVP_add_cipher_alias(SN_bf_cbc, "BF");
EVP_add_cipher_alias(SN_bf_cbc, "bf");
EVP_add_cipher_alias(SN_bf_cbc, "blowfish");
#endif
#ifndef OPENSSL_NO_CAST
EVP_add_cipher(EVP_cast5_ecb());
EVP_add_cipher(EVP_cast5_cfb());
EVP_add_cipher(EVP_cast5_ofb());
EVP_add_cipher(EVP_cast5_cbc());
EVP_add_cipher_alias(SN_cast5_cbc, "CAST");
EVP_add_cipher_alias(SN_cast5_cbc, "cast");
EVP_add_cipher_alias(SN_cast5_cbc, "CAST-cbc");
EVP_add_cipher_alias(SN_cast5_cbc, "cast-cbc");
#endif
#ifndef OPENSSL_NO_AES
EVP_add_cipher(EVP_aes_128_ecb());
EVP_add_cipher(EVP_aes_128_cbc());
EVP_add_cipher(EVP_aes_128_ccm());
EVP_add_cipher(EVP_aes_128_cfb());
EVP_add_cipher(EVP_aes_128_cfb1());
EVP_add_cipher(EVP_aes_128_cfb8());
EVP_add_cipher(EVP_aes_128_ofb());
EVP_add_cipher(EVP_aes_128_ctr());
EVP_add_cipher(EVP_aes_128_gcm());
EVP_add_cipher(EVP_aes_128_wrap());
EVP_add_cipher(EVP_aes_128_xts());
EVP_add_cipher_alias(SN_aes_128_cbc, "AES128");
EVP_add_cipher_alias(SN_aes_128_cbc, "aes128");
EVP_add_cipher(EVP_aes_192_ecb());
EVP_add_cipher(EVP_aes_192_cbc());
EVP_add_cipher(EVP_aes_192_ccm());
EVP_add_cipher(EVP_aes_192_cfb());
EVP_add_cipher(EVP_aes_192_cfb1());
EVP_add_cipher(EVP_aes_192_cfb8());
EVP_add_cipher(EVP_aes_192_ofb());
EVP_add_cipher(EVP_aes_192_ctr());
EVP_add_cipher(EVP_aes_192_gcm());
EVP_add_cipher(EVP_aes_192_wrap());
EVP_add_cipher_alias(SN_aes_192_cbc, "AES192");
EVP_add_cipher_alias(SN_aes_192_cbc, "aes192");
EVP_add_cipher(EVP_aes_256_ecb());
EVP_add_cipher(EVP_aes_256_cbc());
EVP_add_cipher(EVP_aes_256_ccm());
EVP_add_cipher(EVP_aes_256_cfb());
EVP_add_cipher(EVP_aes_256_cfb1());
EVP_add_cipher(EVP_aes_256_cfb8());
EVP_add_cipher(EVP_aes_256_ofb());
EVP_add_cipher(EVP_aes_256_ctr());
EVP_add_cipher(EVP_aes_256_gcm());
EVP_add_cipher(EVP_aes_256_wrap());
EVP_add_cipher(EVP_aes_256_xts());
EVP_add_cipher_alias(SN_aes_256_cbc, "AES256");
EVP_add_cipher_alias(SN_aes_256_cbc, "aes256");
#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
#endif
#endif
#ifndef OPENSSL_NO_CAMELLIA
EVP_add_cipher(EVP_camellia_128_ecb());
EVP_add_cipher(EVP_camellia_128_cbc());
EVP_add_cipher(EVP_camellia_128_cfb());
EVP_add_cipher(EVP_camellia_128_cfb1());
EVP_add_cipher(EVP_camellia_128_cfb8());
EVP_add_cipher(EVP_camellia_128_ofb());
EVP_add_cipher_alias(SN_camellia_128_cbc, "CAMELLIA128");
EVP_add_cipher_alias(SN_camellia_128_cbc, "camellia128");
EVP_add_cipher(EVP_camellia_192_ecb());
EVP_add_cipher(EVP_camellia_192_cbc());
EVP_add_cipher(EVP_camellia_192_cfb());
EVP_add_cipher(EVP_camellia_192_cfb1());
EVP_add_cipher(EVP_camellia_192_cfb8());
EVP_add_cipher(EVP_camellia_192_ofb());
EVP_add_cipher_alias(SN_camellia_192_cbc, "CAMELLIA192");
EVP_add_cipher_alias(SN_camellia_192_cbc, "camellia192");
EVP_add_cipher(EVP_camellia_256_ecb());
EVP_add_cipher(EVP_camellia_256_cbc());
EVP_add_cipher(EVP_camellia_256_cfb());
EVP_add_cipher(EVP_camellia_256_cfb1());
EVP_add_cipher(EVP_camellia_256_cfb8());
EVP_add_cipher(EVP_camellia_256_ofb());
EVP_add_cipher_alias(SN_camellia_256_cbc, "CAMELLIA256");
EVP_add_cipher_alias(SN_camellia_256_cbc, "camellia256");
#endif
#ifndef OPENSSL_NO_CHACHA
EVP_add_cipher(EVP_chacha20());
EVP_add_cipher_alias(SN_chacha20, "ChaCha20");
EVP_add_cipher_alias(LN_chacha20, "chacha20");
#endif
#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
EVP_add_cipher(EVP_chacha20_poly1305());
#endif
#ifndef OPENSSL_NO_GOST
EVP_add_cipher(EVP_gost2814789_ecb());
EVP_add_cipher(EVP_gost2814789_cfb64());
EVP_add_cipher(EVP_gost2814789_cnt());
#endif
#ifndef OPENSSL_NO_SM4
EVP_add_cipher(EVP_sm4_ecb());
EVP_add_cipher(EVP_sm4_cbc());
EVP_add_cipher(EVP_sm4_cfb());
EVP_add_cipher(EVP_sm4_ofb());
EVP_add_cipher(EVP_sm4_ctr());
EVP_add_cipher_alias(SN_sm4_cbc, "SM4");
EVP_add_cipher_alias(SN_sm4_cbc, "sm4");
#endif
}
void
OpenSSL_add_all_ciphers(void)
{
static pthread_once_t add_all_ciphers_once = PTHREAD_ONCE_INIT;
(void) pthread_once(&add_all_ciphers_once, OpenSSL_add_all_ciphers_internal);
}
static void
OpenSSL_add_all_digests_internal(void)
{
#ifndef OPENSSL_NO_MD4
EVP_add_digest(EVP_md4());
#endif
#ifndef OPENSSL_NO_MD5
EVP_add_digest(EVP_md5());
EVP_add_digest(EVP_md5_sha1());
EVP_add_digest_alias(SN_md5, "ssl2-md5");
EVP_add_digest_alias(SN_md5, "ssl3-md5");
#endif
#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
EVP_add_digest(EVP_sha1());
EVP_add_digest_alias(SN_sha1, "ssl3-sha1");
EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);
#endif
#ifndef OPENSSL_NO_GOST
EVP_add_digest(EVP_gostr341194());
EVP_add_digest(EVP_gost2814789imit());
EVP_add_digest(EVP_streebog256());
EVP_add_digest(EVP_streebog512());
#endif
#ifndef OPENSSL_NO_RIPEMD
EVP_add_digest(EVP_ripemd160());
EVP_add_digest_alias(SN_ripemd160, "ripemd");
EVP_add_digest_alias(SN_ripemd160, "rmd160");
#endif
#ifndef OPENSSL_NO_SHA256
EVP_add_digest(EVP_sha224());
EVP_add_digest(EVP_sha256());
#endif
#ifndef OPENSSL_NO_SHA512
EVP_add_digest(EVP_sha384());
EVP_add_digest(EVP_sha512());
EVP_add_digest(EVP_sha512_224());
EVP_add_digest(EVP_sha512_256());
#endif
#ifndef OPENSSL_NO_SHA3
EVP_add_digest(EVP_sha3_224());
EVP_add_digest(EVP_sha3_256());
EVP_add_digest(EVP_sha3_384());
EVP_add_digest(EVP_sha3_512());
#endif
#ifndef OPENSSL_NO_SM3
EVP_add_digest(EVP_sm3());
#endif
#ifndef OPENSSL_NO_WHIRLPOOL
EVP_add_digest(EVP_whirlpool());
#endif
}
void
OpenSSL_add_all_digests(void)
{
static pthread_once_t add_all_digests_once = PTHREAD_ONCE_INIT;
(void) pthread_once(&add_all_digests_once, OpenSSL_add_all_digests_internal);
}
void
OPENSSL_add_all_algorithms_noconf(void)
{
OpenSSL_add_all_ciphers();
OpenSSL_add_all_digests();
}
void
OPENSSL_add_all_algorithms_conf(void)
{
OPENSSL_add_all_algorithms_noconf();
OPENSSL_config(NULL);
}

1838
lib/libcrypto/evp/evp_names.c Normal file
View File

File diff suppressed because it is too large Load Diff

239
lib/libcrypto/evp/names.c
View File

@ -1,239 +0,0 @@
/* $OpenBSD: names.c,v 1.22 2023/12/15 14:22:10 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
#include "evp_local.h"
extern int obj_cleanup_defer;
void check_defer(int nid);
int
EVP_add_cipher(const EVP_CIPHER *c)
{
int r;
if (c == NULL)
return 0;
r = OBJ_NAME_add(OBJ_nid2sn(c->nid), OBJ_NAME_TYPE_CIPHER_METH,
(const char *)c);
if (r == 0)
return (0);
check_defer(c->nid);
r = OBJ_NAME_add(OBJ_nid2ln(c->nid), OBJ_NAME_TYPE_CIPHER_METH,
(const char *)c);
return (r);
}
int
EVP_add_digest(const EVP_MD *md)
{
int r;
const char *name;
name = OBJ_nid2sn(md->type);
r = OBJ_NAME_add(name, OBJ_NAME_TYPE_MD_METH, (const char *)md);
if (r == 0)
return (0);
check_defer(md->type);
r = OBJ_NAME_add(OBJ_nid2ln(md->type), OBJ_NAME_TYPE_MD_METH,
(const char *)md);
if (r == 0)
return (0);
if (md->pkey_type && md->type != md->pkey_type) {
r = OBJ_NAME_add(OBJ_nid2sn(md->pkey_type),
OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS, name);
if (r == 0)
return (0);
check_defer(md->pkey_type);
r = OBJ_NAME_add(OBJ_nid2ln(md->pkey_type),
OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS, name);
}
return (r);
}
const EVP_CIPHER *
EVP_get_cipherbyname(const char *name)
{
if (!OPENSSL_init_crypto(0, NULL))
return NULL;
return (const EVP_CIPHER *)OBJ_NAME_get(name, OBJ_NAME_TYPE_CIPHER_METH);
}
const EVP_MD *
EVP_get_digestbyname(const char *name)
{
if (!OPENSSL_init_crypto(0, NULL))
return NULL;
return (const EVP_MD *)OBJ_NAME_get(name, OBJ_NAME_TYPE_MD_METH);
}
void
EVP_cleanup(void)
{
OBJ_NAME_cleanup(OBJ_NAME_TYPE_CIPHER_METH);
OBJ_NAME_cleanup(OBJ_NAME_TYPE_MD_METH);
/* The above calls will only clean out the contents of the name
hash table, but not the hash table itself. The following line
does that part. -- Richard Levitte */
OBJ_NAME_cleanup(-1);
if (obj_cleanup_defer == 2) {
obj_cleanup_defer = 0;
OBJ_cleanup();
}
}
struct doall_cipher {
void *arg;
void (*fn)(const EVP_CIPHER *ciph, const char *from, const char *to,
void *arg);
};
static void
do_all_cipher_fn(const OBJ_NAME *nm, void *arg)
{
struct doall_cipher *dc = arg;
if (nm->alias)
dc->fn(NULL, nm->name, nm->data, dc->arg);
else
dc->fn((const EVP_CIPHER *)nm->data, nm->name, NULL, dc->arg);
}
void
EVP_CIPHER_do_all(void (*fn)(const EVP_CIPHER *ciph, const char *from,
const char *to, void *x), void *arg)
{
struct doall_cipher dc;
/* Prayer and clean living lets you ignore errors, OpenSSL style */
(void) OPENSSL_init_crypto(0, NULL);
dc.fn = fn;
dc.arg = arg;
OBJ_NAME_do_all(OBJ_NAME_TYPE_CIPHER_METH, do_all_cipher_fn, &dc);
}
void
EVP_CIPHER_do_all_sorted(void (*fn)(const EVP_CIPHER *ciph, const char *from,
const char *to, void *x), void *arg)
{
struct doall_cipher dc;
/* Prayer and clean living lets you ignore errors, OpenSSL style */
(void) OPENSSL_init_crypto(0, NULL);
dc.fn = fn;
dc.arg = arg;
OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH,
do_all_cipher_fn, &dc);
}
struct doall_md {
void *arg;
void (*fn)(const EVP_MD *ciph, const char *from, const char *to,
void *arg);
};
static void
do_all_md_fn(const OBJ_NAME *nm, void *arg)
{
struct doall_md *dc = arg;
if (nm->alias)
dc->fn(NULL, nm->name, nm->data, dc->arg);
else
dc->fn((const EVP_MD *)nm->data, nm->name, NULL, dc->arg);
}
void
EVP_MD_do_all(void (*fn)(const EVP_MD *md, const char *from, const char *to,
void *x), void *arg)
{
struct doall_md dc;
/* Prayer and clean living lets you ignore errors, OpenSSL style */
(void) OPENSSL_init_crypto(0, NULL);
dc.fn = fn;
dc.arg = arg;
OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH, do_all_md_fn, &dc);
}
void
EVP_MD_do_all_sorted(void (*fn)(const EVP_MD *md,
const char *from, const char *to, void *x), void *arg)
{
struct doall_md dc;
/* Prayer and clean living lets you ignore errors, OpenSSL style */
(void) OPENSSL_init_crypto(0, NULL);
dc.fn = fn;
dc.arg = arg;
OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_MD_METH, do_all_md_fn, &dc);
}

139
lib/libcrypto/evp/pmeth_lib.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: pmeth_lib.c,v 1.36 2024/01/04 20:15:01 tb Exp $ */
/* $OpenBSD: pmeth_lib.c,v 1.37 2024/01/13 12:46:59 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
@ -101,14 +101,14 @@ static const EVP_PKEY_METHOD *pkey_methods[] = {
#define N_PKEY_METHODS (sizeof(pkey_methods) / sizeof(pkey_methods[0]))
const EVP_PKEY_METHOD *
EVP_PKEY_meth_find(int type)
static const EVP_PKEY_METHOD *
evp_pkey_method_find(int nid)
{
size_t i;
for (i = 0; i < N_PKEY_METHODS; i++) {
const EVP_PKEY_METHOD *pmeth = pkey_methods[i];
if (pmeth->pkey_id == type)
if (pmeth->pkey_id == nid)
return pmeth;
}
@ -116,18 +116,18 @@ EVP_PKEY_meth_find(int type)
}
static EVP_PKEY_CTX *
evp_pkey_ctx_new(EVP_PKEY *pkey, int id)
evp_pkey_ctx_new(EVP_PKEY *pkey, int nid)
{
EVP_PKEY_CTX *pkey_ctx = NULL;
const EVP_PKEY_METHOD *pmeth;
if (id == -1) {
if (nid == -1) {
if (pkey == NULL || pkey->ameth == NULL)
return NULL;
id = pkey->ameth->pkey_id;
nid = pkey->ameth->pkey_id;
}
if ((pmeth = EVP_PKEY_meth_find(id)) == NULL) {
if ((pmeth = evp_pkey_method_find(nid)) == NULL) {
EVPerror(EVP_R_UNSUPPORTED_ALGORITHM);
goto err;
}
@ -154,50 +154,6 @@ evp_pkey_ctx_new(EVP_PKEY *pkey, int id)
return NULL;
}
EVP_PKEY_METHOD*
EVP_PKEY_meth_new(int id, int flags)
{
EVP_PKEY_METHOD *pmeth;
if ((pmeth = calloc(1, sizeof(EVP_PKEY_METHOD))) == NULL)
return NULL;
pmeth->pkey_id = id;
pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC;
return pmeth;
}
void
EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, const EVP_PKEY_METHOD *meth)
{
if (ppkey_id)
*ppkey_id = meth->pkey_id;
if (pflags)
*pflags = meth->flags;
}
void
EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src)
{
EVP_PKEY_METHOD preserve;
preserve.pkey_id = dst->pkey_id;
preserve.flags = dst->flags;
*dst = *src;
dst->pkey_id = preserve.pkey_id;
dst->flags = preserve.flags;
}
void
EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth)
{
if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC))
free(pmeth);
}
EVP_PKEY_CTX *
EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *engine)
{
@ -205,9 +161,9 @@ EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *engine)
}
EVP_PKEY_CTX *
EVP_PKEY_CTX_new_id(int id, ENGINE *engine)
EVP_PKEY_CTX_new_id(int nid, ENGINE *engine)
{
return evp_pkey_ctx_new(NULL, id);
return evp_pkey_ctx_new(NULL, nid);
}
EVP_PKEY_CTX *
@ -241,13 +197,6 @@ EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)
return NULL;
}
int
EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth)
{
EVPerror(ERR_R_DISABLED);
return 0;
}
void
EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
{
@ -399,25 +348,62 @@ EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx)
return ctx->app_data;
}
/*
* Remove all the functions below in the next major bump
*/
const EVP_PKEY_METHOD *
EVP_PKEY_meth_find(int type)
{
EVPerror(ERR_R_DISABLED);
return NULL;
}
EVP_PKEY_METHOD*
EVP_PKEY_meth_new(int id, int flags)
{
EVPerror(ERR_R_DISABLED);
return NULL;
}
void
EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, const EVP_PKEY_METHOD *meth)
{
}
void
EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src)
{
}
void
EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth)
{
}
int
EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth)
{
EVPerror(ERR_R_DISABLED);
return 0;
}
void
EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
int (*init)(EVP_PKEY_CTX *ctx))
{
pmeth->init = init;
}
void
EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src))
{
pmeth->copy = copy;
}
void
EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
void (*cleanup)(EVP_PKEY_CTX *ctx))
{
pmeth->cleanup = cleanup;
}
void
@ -425,8 +411,6 @@ EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
int (*paramgen_init)(EVP_PKEY_CTX *ctx),
int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey))
{
pmeth->paramgen_init = paramgen_init;
pmeth->paramgen = paramgen;
}
void
@ -434,8 +418,6 @@ EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
int (*keygen_init)(EVP_PKEY_CTX *ctx),
int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey))
{
pmeth->keygen_init = keygen_init;
pmeth->keygen = keygen;
}
void
@ -444,8 +426,6 @@ EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
const unsigned char *tbs, size_t tbslen))
{
pmeth->sign_init = sign_init;
pmeth->sign = sign;
}
void
@ -454,8 +434,6 @@ EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
const unsigned char *tbs, size_t tbslen))
{
pmeth->verify_init = verify_init;
pmeth->verify = verify;
}
void
@ -465,8 +443,6 @@ EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
unsigned char *sig, size_t *siglen,
const unsigned char *tbs, size_t tbslen))
{
pmeth->verify_recover_init = verify_recover_init;
pmeth->verify_recover = verify_recover;
}
void
@ -475,8 +451,6 @@ EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
EVP_MD_CTX *mctx))
{
pmeth->signctx_init = signctx_init;
pmeth->signctx = signctx;
}
void
@ -485,8 +459,6 @@ EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
EVP_MD_CTX *mctx))
{
pmeth->verifyctx_init = verifyctx_init;
pmeth->verifyctx = verifyctx;
}
void
@ -495,8 +467,6 @@ EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen))
{
pmeth->encrypt_init = encrypt_init;
pmeth->encrypt = encryptfn;
}
void
@ -505,8 +475,6 @@ EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen))
{
pmeth->decrypt_init = decrypt_init;
pmeth->decrypt = decrypt;
}
void
@ -514,8 +482,6 @@ EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
int (*derive_init)(EVP_PKEY_CTX *ctx),
int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen))
{
pmeth->derive_init = derive_init;
pmeth->derive = derive;
}
void
@ -523,26 +489,21 @@ EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2),
int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value))
{
pmeth->ctrl = ctrl;
pmeth->ctrl_str = ctrl_str;
}
void
EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth, int (*check)(EVP_PKEY *pkey))
{
pmeth->check = check;
}
void
EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
int (*public_check)(EVP_PKEY *pkey))
{
pmeth->public_check = public_check;
}
void
EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
int (*param_check)(EVP_PKEY *pkey))
{
pmeth->param_check = param_check;
}

69
lib/libcrypto/man/OBJ_create.3
View File

@ -1,4 +1,4 @@
.\" $OpenBSD: OBJ_create.3,v 1.8 2023/09/06 12:26:59 schwarze Exp $
.\" $OpenBSD: OBJ_create.3,v 1.9 2024/01/13 19:06:20 tb Exp $
.\" full merge up to:
.\" OpenSSL OBJ_nid2obj.pod 9b86974e Aug 17 15:21:33 2015 -0400
.\" selective merge up to:
@ -69,7 +69,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: September 6 2023 $
.Dd $Mdocdate: January 13 2024 $
.Dt OBJ_CREATE 3
.Os
.Sh NAME
@ -78,9 +78,7 @@
.Nm OBJ_create ,
.\" OBJ_create_and_add_object is a deprecated, unused alias for OBJ_create(3).
.Nm OBJ_create_objects ,
.Nm obj_cleanup_defer ,
.Nm OBJ_cleanup ,
.Nm check_defer
.Nm OBJ_cleanup
.Nd modify the table of ASN.1 object identifiers
.Sh SYNOPSIS
.In openssl/objects.h
@ -96,11 +94,8 @@
.Fc
.Ft int
.Fn OBJ_create_objects "BIO *in_bio"
.Vt extern int obj_cleanup_defer ;
.Ft void
.Fn OBJ_cleanup void
.Ft void
.Fn check_defer "int nid"
.Sh DESCRIPTION
.Fn OBJ_new_nid
returns the smallest currently unassigned ASN.1 numeric
@ -154,16 +149,6 @@ or a similar function and then calling
.Xr ASN1_OBJECT_free 3
on the returned pointer will have no effect.
.Pp
The global variable
.Va obj_cleanup_defer
controls the behaviour of
.Fn OBJ_cleanup
and
.Xr EVP_cleanup 3 .
.Pp
If
.Va obj_cleanup_defer
has the default value of 0,
.Fn OBJ_cleanup
resets the internal object table to its default state,
removing and freeing all objects that were added with
@ -171,47 +156,6 @@ removing and freeing all objects that were added with
.Fn OBJ_create ,
or
.Fn OBJ_create_objects .
Otherwise,
.Fn OBJ_cleanup
only sets
.Va obj_cleanup_defer
to 2, which defers the cleanup of the internal object table
to the next call of
.Xr EVP_cleanup 3 .
.Pp
By default,
.Xr EVP_cleanup 3
has no effect on the internal object table.
Only if
.Va obj_cleanup_defer
is 2, it resets
.Va obj_cleanup_defer
to 0 and calls
.Fn OBJ_cleanup ,
which then resets the table to its default state.
.Pp
The function
.Fn check_defer
sets
.Va obj_cleanup_defer
to 1 unless
.Fa nid
is a built-in numeric identifier, but it has no effect if
.Va obj_cleanup_defer
already differs from 0.
This function is called internally by various functions
in the EVP library, in particular by subroutines of
.Xr OpenSSL_add_all_ciphers 3
and
.Xr OpenSSL_add_all_digests 3 .
.Pp
To reliably reset the internal object table no matter what the
current state may be, an application program needs to call both
.Fn OBJ_cleanup
and
.Xr EVP_cleanup 3 ,
in this order.
The opposite order will usually not work.
.Sh RETURN VALUES
.Fn OBJ_new_nid
returns the new NID.
@ -256,7 +200,6 @@ obj = OBJ_nid2obj(new_nid);
.Ed
.Sh SEE ALSO
.Xr ASN1_OBJECT_new 3 ,
.Xr EVP_cleanup 3 ,
.Xr OBJ_NAME_add 3 ,
.Xr OBJ_nid2obj 3
.Sh HISTORY
@ -269,12 +212,6 @@ first appeared in SSLeay 0.8.0 and
in SSLeay 0.9.0.
These functions have been available since
.Ox 2.4 .
.Pp
.Va obj_cleanup_defer
and
.Fn check_defer
first appeared in OpenSSL 1.0.0 and have been available since
.Ox 4.9 .
.Sh CAVEATS
.Fn OBJ_add_object
indicates success even after adding an incomplete object that was created with

363
lib/libcrypto/objects/o_names.c
View File

@ -1,363 +0,0 @@
/* $OpenBSD: o_names.c,v 1.24 2023/07/08 12:27:51 beck Exp $ */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/opensslconf.h>
#include <openssl/err.h>
#include <openssl/lhash.h>
#include <openssl/objects.h>
#include <openssl/safestack.h>
/* I use the ex_data stuff to manage the identifiers for the obj_name_types
* that applications may define. I only really use the free function field.
*/
DECLARE_LHASH_OF(OBJ_NAME);
static LHASH_OF(OBJ_NAME) *names_lh = NULL;
static int names_type_num = OBJ_NAME_TYPE_NUM;
typedef struct name_funcs_st {
unsigned long (*hash_func)(const char *name);
int (*cmp_func)(const char *a, const char *b);
void (*free_func)(const char *, int, const char *);
} NAME_FUNCS;
DECLARE_STACK_OF(NAME_FUNCS)
static STACK_OF(NAME_FUNCS) *name_funcs_stack;
/* The LHASH callbacks now use the raw "void *" prototypes and do per-variable
* casting in the functions. This prevents function pointer casting without the
* need for macro-generated wrapper functions. */
/* static unsigned long obj_name_hash(OBJ_NAME *a); */
static unsigned long obj_name_hash(const void *a_void);
/* static int obj_name_cmp(OBJ_NAME *a,OBJ_NAME *b); */
static int obj_name_cmp(const void *a_void, const void *b_void);
static IMPLEMENT_LHASH_HASH_FN(obj_name, OBJ_NAME)
static IMPLEMENT_LHASH_COMP_FN(obj_name, OBJ_NAME)
int
OBJ_NAME_init(void)
{
if (names_lh != NULL)
return (1);
names_lh = lh_OBJ_NAME_new();
return (names_lh != NULL);
}
LCRYPTO_ALIAS(OBJ_NAME_init);
int
OBJ_NAME_new_index(unsigned long (*hash_func)(const char *),
int (*cmp_func)(const char *, const char *),
void (*free_func)(const char *, int, const char *))
{
int ret;
int i;
NAME_FUNCS *name_funcs;
if (name_funcs_stack == NULL)
name_funcs_stack = sk_NAME_FUNCS_new_null();
if (name_funcs_stack == NULL)
return (0);
ret = names_type_num;
names_type_num++;
for (i = sk_NAME_FUNCS_num(name_funcs_stack); i < names_type_num; i++) {
name_funcs = malloc(sizeof(NAME_FUNCS));
if (!name_funcs) {
OBJerror(ERR_R_MALLOC_FAILURE);
return (0);
}
name_funcs->hash_func = lh_strhash;
name_funcs->cmp_func = strcmp;
name_funcs->free_func = NULL;
if (sk_NAME_FUNCS_push(name_funcs_stack, name_funcs) == 0) {
free(name_funcs);
OBJerror(ERR_R_MALLOC_FAILURE);
return (0);
}
}
name_funcs = sk_NAME_FUNCS_value(name_funcs_stack, ret);
if (hash_func != NULL)
name_funcs->hash_func = hash_func;
if (cmp_func != NULL)
name_funcs->cmp_func = cmp_func;
if (free_func != NULL)
name_funcs->free_func = free_func;
return (ret);
}
LCRYPTO_ALIAS(OBJ_NAME_new_index);
/* static int obj_name_cmp(OBJ_NAME *a, OBJ_NAME *b) */
static int
obj_name_cmp(const void *a_void, const void *b_void)
{
int ret;
const OBJ_NAME *a = (const OBJ_NAME *)a_void;
const OBJ_NAME *b = (const OBJ_NAME *)b_void;
ret = a->type - b->type;
if (ret == 0) {
if ((name_funcs_stack != NULL) &&
(sk_NAME_FUNCS_num(name_funcs_stack) > a->type)) {
ret = sk_NAME_FUNCS_value(name_funcs_stack,
a->type)->cmp_func(a->name, b->name);
} else
ret = strcmp(a->name, b->name);
}
return (ret);
}
/* static unsigned long obj_name_hash(OBJ_NAME *a) */
static unsigned long
obj_name_hash(const void *a_void)
{
unsigned long ret;
const OBJ_NAME *a = (const OBJ_NAME *)a_void;
if ((name_funcs_stack != NULL) &&
(sk_NAME_FUNCS_num(name_funcs_stack) > a->type)) {
ret = sk_NAME_FUNCS_value(name_funcs_stack,
a->type)->hash_func(a->name);
} else {
ret = lh_strhash(a->name);
}
ret ^= a->type;
return (ret);
}
const char *
OBJ_NAME_get(const char *name, int type)
{
OBJ_NAME on, *ret;
int num = 0, alias;
if (name == NULL)
return (NULL);
if ((names_lh == NULL) && !OBJ_NAME_init())
return (NULL);
alias = type&OBJ_NAME_ALIAS;
type&= ~OBJ_NAME_ALIAS;
on.name = name;
on.type = type;
for (;;) {
ret = lh_OBJ_NAME_retrieve(names_lh, &on);
if (ret == NULL)
return (NULL);
if ((ret->alias) && !alias) {
if (++num > 10)
return (NULL);
on.name = ret->data;
} else {
return (ret->data);
}
}
}
LCRYPTO_ALIAS(OBJ_NAME_get);
int
OBJ_NAME_add(const char *name, int type, const char *data)
{
OBJ_NAME *onp, *ret;
int alias;
if ((names_lh == NULL) && !OBJ_NAME_init())
return (0);
alias = type & OBJ_NAME_ALIAS;
type &= ~OBJ_NAME_ALIAS;
onp = malloc(sizeof(OBJ_NAME));
if (onp == NULL) {
/* ERROR */
return (0);
}
onp->name = name;
onp->alias = alias;
onp->type = type;
onp->data = data;
ret = lh_OBJ_NAME_insert(names_lh, onp);
if (ret != NULL) {
/* free things */
if ((name_funcs_stack != NULL) &&
(sk_NAME_FUNCS_num(name_funcs_stack) > ret->type)) {
/* XXX: I'm not sure I understand why the free
* function should get three arguments...
* -- Richard Levitte
*/
sk_NAME_FUNCS_value(
name_funcs_stack, ret->type)->free_func(
ret->name, ret->type, ret->data);
}
free(ret);
} else {
if (lh_OBJ_NAME_error(names_lh)) {
free(onp);
/* ERROR */
return (0);
}
}
return (1);
}
LCRYPTO_ALIAS(OBJ_NAME_add);
int
OBJ_NAME_remove(const char *name, int type)
{
OBJ_NAME on, *ret;
if (names_lh == NULL)
return (0);
type &= ~OBJ_NAME_ALIAS;
on.name = name;
on.type = type;
ret = lh_OBJ_NAME_delete(names_lh, &on);
if (ret != NULL) {
/* free things */
if ((name_funcs_stack != NULL) &&
(sk_NAME_FUNCS_num(name_funcs_stack) > ret->type)) {
/* XXX: I'm not sure I understand why the free
* function should get three arguments...
* -- Richard Levitte
*/
sk_NAME_FUNCS_value(
name_funcs_stack, ret->type)->free_func(
ret->name, ret->type, ret->data);
}
free(ret);
return (1);
} else
return (0);
}
LCRYPTO_ALIAS(OBJ_NAME_remove);
struct doall {
int type;
void (*fn)(const OBJ_NAME *, void *arg);
void *arg;
};
static void
do_all_fn_doall_arg(const OBJ_NAME *name, struct doall *d)
{
if (name->type == d->type)
d->fn(name, d->arg);
}
static IMPLEMENT_LHASH_DOALL_ARG_FN(do_all_fn, const OBJ_NAME, struct doall)
void
OBJ_NAME_do_all(int type, void (*fn)(const OBJ_NAME *, void *arg), void *arg)
{
struct doall d;
d.type = type;
d.fn = fn;
d.arg = arg;
lh_OBJ_NAME_doall_arg(names_lh, LHASH_DOALL_ARG_FN(do_all_fn),
struct doall, &d);
}
LCRYPTO_ALIAS(OBJ_NAME_do_all);
struct doall_sorted {
int type;
int n;
const OBJ_NAME **names;
};
static void
do_all_sorted_fn(const OBJ_NAME *name, void *d_)
{
struct doall_sorted *d = d_;
if (name->type != d->type)
return;
d->names[d->n++] = name;
}
static int
do_all_sorted_cmp(const void *n1_, const void *n2_)
{
const OBJ_NAME * const *n1 = n1_;
const OBJ_NAME * const *n2 = n2_;
return strcmp((*n1)->name, (*n2)->name);
}
void
OBJ_NAME_do_all_sorted(int type, void (*fn)(const OBJ_NAME *, void *arg),
void *arg)
{
struct doall_sorted d;
int n;
d.type = type;
d.names = reallocarray(NULL, lh_OBJ_NAME_num_items(names_lh),
sizeof *d.names);
d.n = 0;
if (d.names != NULL) {
OBJ_NAME_do_all(type, do_all_sorted_fn, &d);
qsort((void *)d.names, d.n, sizeof *d.names, do_all_sorted_cmp);
for (n = 0; n < d.n; ++n)
fn(d.names[n], arg);
free(d.names);
}
}
LCRYPTO_ALIAS(OBJ_NAME_do_all_sorted);
static int free_type;
static void
names_lh_free_doall(OBJ_NAME *onp)
{
if (onp == NULL)
return;
if (free_type < 0 || free_type == onp->type)
OBJ_NAME_remove(onp->name, onp->type);
}
static IMPLEMENT_LHASH_DOALL_FN(names_lh_free, OBJ_NAME)
static void
name_funcs_free(NAME_FUNCS *ptr)
{
free(ptr);
}
void
OBJ_NAME_cleanup(int type)
{
unsigned long down_load;
if (names_lh == NULL)
return;
free_type = type;
down_load = lh_OBJ_NAME_down_load(names_lh);
lh_OBJ_NAME_down_load(names_lh) = 0;
lh_OBJ_NAME_doall(names_lh, LHASH_DOALL_FN(names_lh_free));
if (type < 0) {
lh_OBJ_NAME_free(names_lh);
sk_NAME_FUNCS_pop_free(name_funcs_stack, name_funcs_free);
names_lh = NULL;
name_funcs_stack = NULL;
} else
lh_OBJ_NAME_down_load(names_lh) = down_load;
}
LCRYPTO_ALIAS(OBJ_NAME_cleanup);

20
lib/libcrypto/objects/obj_dat.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: obj_dat.c,v 1.82 2023/12/15 01:51:23 tb Exp $ */
/* $OpenBSD: obj_dat.c,v 1.84 2024/01/13 11:57:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -183,27 +183,9 @@ static IMPLEMENT_LHASH_DOALL_FN(cleanup1, ADDED_OBJ)
static IMPLEMENT_LHASH_DOALL_FN(cleanup2, ADDED_OBJ)
static IMPLEMENT_LHASH_DOALL_FN(cleanup3, ADDED_OBJ)
/* The purpose of obj_cleanup_defer is to avoid EVP_cleanup() attempting
* to use freed up OIDs. If necessary the actual freeing up of OIDs is
* delayed.
*/
int obj_cleanup_defer = 0;
void
check_defer(int nid)
{
if (!obj_cleanup_defer && nid >= NUM_NID)
obj_cleanup_defer = 1;
}
void
OBJ_cleanup(void)
{
if (obj_cleanup_defer) {
obj_cleanup_defer = 2;
return;
}
if (added == NULL)
return;
lh_ADDED_OBJ_down_load(added) = 0;

5
lib/libcrypto/stack/stack.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: stack.c,v 1.23 2023/04/24 15:35:22 beck Exp $ */
/* $OpenBSD: stack.c,v 1.24 2024/01/13 16:32:53 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -56,6 +56,7 @@
* [including the GNU Public Licence.]
*/
#include <errno.h>
#include <stdio.h>
#include <string.h>
@ -65,8 +66,6 @@
#undef MIN_NODES
#define MIN_NODES 4
#include <errno.h>
int
(*sk_set_cmp_func(_STACK *sk, int (*c)(const void *, const void *)))(
const void *, const void *)

76
lib/libcrypto/x509/x509_trs.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: x509_trs.c,v 1.39 2024/01/10 21:34:53 tb Exp $ */
/* $OpenBSD: x509_trs.c,v 1.40 2024/01/13 19:57:38 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
@ -64,6 +64,7 @@
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include "crypto_internal.h"
#include "x509_local.h"
static int
@ -129,7 +130,7 @@ trust_1oid(X509_TRUST *trust, X509 *x, int flags)
* value to get an index into the table
*/
static X509_TRUST trstandard[] = {
static const X509_TRUST trstandard[] = {
{
.trust = X509_TRUST_COMPAT,
.check_trust = trust_compat,
@ -181,27 +182,17 @@ static X509_TRUST trstandard[] = {
#define X509_TRUST_COUNT (sizeof(trstandard) / sizeof(trstandard[0]))
static int (*default_trust)(int id, X509 *x, int flags) = obj_trust;
CTASSERT(X509_TRUST_MIN == 1 && X509_TRUST_MAX == X509_TRUST_COUNT);
int
(*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int)
X509_check_trust(X509 *x, int trust_id, int flags)
{
int (*oldtrust)(int , X509 *, int);
oldtrust = default_trust;
default_trust = trust;
return oldtrust;
}
LCRYPTO_ALIAS(X509_TRUST_set_default);
int
X509_check_trust(X509 *x, int id, int flags)
{
X509_TRUST *pt;
const X509_TRUST *trust;
int idx;
if (id == -1)
if (trust_id == -1)
return 1;
/*
* XXX beck/jsing This enables self signed certs to be trusted for
* an unspecified id/trust flag value (this is NOT the
@ -211,21 +202,36 @@ X509_check_trust(X509 *x, int id, int flags)
* This should be revisited, but changing the default "not default"
* may break things.
*/
if (id == 0) {
if (trust_id == 0) {
int rv;
rv = obj_trust(NID_anyExtendedKeyUsage, x, 0);
if (rv != X509_TRUST_UNTRUSTED)
return rv;
return trust_compat(NULL, x, 0);
}
idx = X509_TRUST_get_by_id(id);
if (idx == -1)
return default_trust(id, x, flags);
pt = X509_TRUST_get0(idx);
return pt->check_trust(pt, x, flags);
if (trust_id < X509_TRUST_MIN || trust_id > X509_TRUST_MAX)
return obj_trust(trust_id, x, flags);
idx = trust_id - X509_TRUST_MIN;
trust = &trstandard[idx];
return trust->check_trust((X509_TRUST *)trust, x, flags);
}
LCRYPTO_ALIAS(X509_check_trust);
/*
* Remove all the functions below in the next bump.
*/
int
(*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int)
{
X509error(ERR_R_DISABLED);
return NULL;
}
LCRYPTO_ALIAS(X509_TRUST_set_default);
int
X509_TRUST_get_count(void)
{
@ -236,36 +242,24 @@ LCRYPTO_ALIAS(X509_TRUST_get_count);
X509_TRUST *
X509_TRUST_get0(int idx)
{
if (idx < 0 || (size_t)idx >= X509_TRUST_COUNT)
return NULL;
return &trstandard[idx];
X509error(ERR_R_DISABLED);
return NULL;
}
LCRYPTO_ALIAS(X509_TRUST_get0);
int
X509_TRUST_get_by_id(int id)
{
/*
* Ensure the trust identifier is between MIN and MAX inclusive.
* If so, translate it into an index into the trstandard[] table.
*/
if (id < X509_TRUST_MIN || id > X509_TRUST_MAX)
return -1;
return id - X509_TRUST_MIN;
X509error(ERR_R_DISABLED);
return -1;
}
LCRYPTO_ALIAS(X509_TRUST_get_by_id);
int
X509_TRUST_set(int *t, int trust)
{
if (X509_TRUST_get_by_id(trust) == -1) {
X509error(X509_R_INVALID_TRUST);
return 0;
}
*t = trust;
return 1;
X509error(ERR_R_DISABLED);
return 0;
}
LCRYPTO_ALIAS(X509_TRUST_set);

27
lib/libssl/man/BIO_f_ssl.3
View File

@ -1,4 +1,4 @@
.\" $OpenBSD: BIO_f_ssl.3,v 1.14 2023/04/11 16:58:43 schwarze Exp $
.\" $OpenBSD: BIO_f_ssl.3,v 1.16 2024/01/13 18:37:51 tb Exp $
.\" full merge up to: OpenSSL f672aee4 Feb 9 11:52:40 2016 -0500
.\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800
.\"
@ -50,7 +50,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: April 11 2023 $
.Dd $Mdocdate: January 13 2024 $
.Dt BIO_F_SSL 3
.Os
.Sh NAME
@ -491,12 +491,6 @@ char tmpbuf[1024];
SSL_CTX *ctx;
SSL *ssl;
ERR_load_crypto_strings();
ERR_load_SSL_strings();
OpenSSL_add_all_algorithms();
/* Might seed PRNG here */
ctx = SSL_CTX_new(SSLv23_server_method());
if (!SSL_CTX_use_certificate_file(ctx,"server.pem",SSL_FILETYPE_PEM)
@ -613,20 +607,3 @@ and
first appeared in SSLeay 0.9.0.
All these functions have been available since
.Ox 2.4 .
.Pp
In OpenSSL versions before 1.0.0 the
.Xr BIO_pop 3
call was handled incorrectly:
the I/O BIO reference count was incorrectly incremented (instead of
decremented) and dissociated with the
.Vt SSL
.Vt BIO
even if the
.Vt SSL
.Vt BIO
was not
explicitly being popped (e.g., a pop higher up the chain).
Applications which included workarounds for this bug (e.g., freeing BIOs more
than once) should be modified to handle this fix or they may free up an already
freed
.Vt BIO .

125
sys/dev/pci/drm/drm_linux.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: drm_linux.c,v 1.106 2024/01/06 09:33:08 kettenis Exp $ */
/* $OpenBSD: drm_linux.c,v 1.107 2024/01/13 10:00:27 kettenis Exp $ */
/*
* Copyright (c) 2013 Jonathan Gray <jsg@openbsd.org>
* Copyright (c) 2015, 2016 Mark Kettenis <kettenis@openbsd.org>
@ -3360,38 +3360,70 @@ iommu_attach_device(struct iommu_domain *domain, struct device *dev)
#include <linux/component.h>
struct component_match {
struct component {
struct device *dev;
struct device *adev;
const struct component_ops *ops;
SLIST_ENTRY(component) next;
};
SLIST_HEAD(,component) component_list = SLIST_HEAD_INITIALIZER(component_list);
int
component_compare_of(struct device *dev, void *data)
component_add(struct device *dev, const struct component_ops *ops)
{
STUB();
struct component *component;
component = malloc(sizeof(*component), M_DEVBUF, M_WAITOK | M_ZERO);
component->dev = dev;
component->ops = ops;
SLIST_INSERT_HEAD(&component_list, component, next);
return 0;
}
void
drm_of_component_match_add(struct device *master,
struct component_match **matchptr,
int (*compare)(struct device *, void *),
struct device_node *np)
int
component_bind_all(struct device *dev, void *data)
{
struct component_match *match;
struct component *component;
int ret = 0;
if (*matchptr == NULL) {
match = malloc(sizeof(struct component_match),
M_DEVBUF, M_WAITOK | M_ZERO);
match->dev = master;
*matchptr = match;
SLIST_FOREACH(component, &component_list, next) {
if (component->adev == dev) {
ret = component->ops->bind(component->dev, NULL, data);
if (ret)
break;
}
}
return ret;
}
struct component_match {
int (*compare)(struct device *, void *);
void *data;
};
int
component_master_add_with_match(struct device *dev,
const struct component_master_ops *ops, struct component_match *match)
{
ops->bind(match->dev);
struct component *component;
int found = 0;
int ret;
SLIST_FOREACH(component, &component_list, next) {
if (match->compare(component->dev, match->data)) {
component->adev = dev;
found = 1;
}
}
if (found) {
ret = ops->bind(dev);
if (ret)
return ret;
}
return 0;
}
@ -3407,10 +3439,22 @@ LIST_HEAD(, platform_device) pdev_list = LIST_HEAD_INITIALIZER(pdev_list);
void
platform_device_register(struct platform_device *pdev)
{
int i;
pdev->num_resources = pdev->faa->fa_nreg;
if (pdev->faa->fa_nreg > 0) {
pdev->resource = mallocarray(pdev->faa->fa_nreg,
sizeof(*pdev->resource), M_DEVBUF, M_WAITOK | M_ZERO);
for (i = 0; i < pdev->faa->fa_nreg; i++) {
pdev->resource[i].start = pdev->faa->fa_reg[i].addr;
pdev->resource[i].end = pdev->faa->fa_reg[i].addr +
pdev->faa->fa_reg[i].size - 1;
}
}
pdev->parent = pdev->dev.dv_parent;
pdev->node = pdev->faa->fa_node;
pdev->iot = pdev->faa->fa_iot;
pdev->dmat = pdev->faa->fa_dmat;
LIST_INSERT_HEAD(&pdev_list, pdev, next);
}
@ -3419,17 +3463,7 @@ platform_device_register(struct platform_device *pdev)
struct resource *
platform_get_resource(struct platform_device *pdev, u_int type, u_int num)
{
struct fdt_attach_args *faa = pdev->faa;
if (pdev->resource == NULL) {
pdev->resource = mallocarray(pdev->num_resources,
sizeof(*pdev->resource), M_DEVBUF, M_WAITOK | M_ZERO);
}
pdev->resource[num].start = faa->fa_reg[num].addr;
pdev->resource[num].end = faa->fa_reg[num].addr +
faa->fa_reg[num].size - 1;
KASSERT(num < pdev->num_resources);
return &pdev->resource[num];
}
@ -3437,20 +3471,20 @@ void __iomem *
devm_platform_ioremap_resource_byname(struct platform_device *pdev,
const char *name)
{
struct fdt_attach_args *faa = pdev->faa;
bus_space_handle_t ioh;
int err, idx;
idx = OF_getindex(faa->fa_node, name, "reg-names");
if (idx == -1 || idx >= faa->fa_nreg)
idx = OF_getindex(pdev->node, name, "reg-names");
if (idx == -1 || idx >= pdev->num_resources)
return ERR_PTR(-EINVAL);
err = bus_space_map(faa->fa_iot, faa->fa_reg[idx].addr,
faa->fa_reg[idx].size, BUS_SPACE_MAP_LINEAR, &ioh);
err = bus_space_map(pdev->iot, pdev->resource[idx].start,
pdev->resource[idx].end - pdev->resource[idx].start + 1,
BUS_SPACE_MAP_LINEAR, &ioh);
if (err)
return ERR_PTR(-err);
return bus_space_vaddr(faa->fa_iot, ioh);
return bus_space_vaddr(pdev->iot, ioh);
}
#include <dev/ofw/ofw_clock.h>
@ -3812,4 +3846,29 @@ __of_get_child_by_name(void *p, const char *name)
return (struct device_node *)(uintptr_t)child;
}
int
component_compare_of(struct device *dev, void *data)
{
struct platform_device *pdev = (struct platform_device *)dev;
return (pdev->node == (intptr_t)data);
}
void
drm_of_component_match_add(struct device *master,
struct component_match **matchptr,
int (*compare)(struct device *, void *),
struct device_node *np)
{
struct component_match *match;
if (*matchptr == NULL) {
match = malloc(sizeof(struct component_match),
M_DEVBUF, M_WAITOK | M_ZERO);
match->compare = compare;
match->data = np;
*matchptr = match;
}
}
#endif

9
sys/dev/pci/drm/include/linux/component.h
View File

@ -18,15 +18,10 @@ struct component_master_ops {
void (*unbind)(struct device *);
};
int component_add(struct device *, const struct component_ops *);
#define component_del(a, b)
#define component_add(a, b) 0
static inline int
component_bind_all(struct device *dev, void *data)
{
return 0;
}
int component_bind_all(struct device *, void *);
#define component_unbind_all(a, b)
int component_compare_of(struct device *, void *);

1
sys/dev/pci/drm/include/linux/platform_device.h
View File

@ -12,6 +12,7 @@ struct platform_device {
int num_resources;
struct resource *resource;
struct device *parent;
bus_space_tag_t iot;
bus_dma_tag_t dmat;
int node;