Commit graph

60 commits

Author SHA1 Message Date
Dr. Matthias St. Pierre
0c994d54af Reorganize private crypto header files
Currently, there are two different directories which contain internal
header files of libcrypto which are meant to be shared internally:

While header files in 'include/internal' are intended to be shared
between libcrypto and libssl, the files in 'crypto/include/internal'
are intended to be shared inside libcrypto only.

To make things complicated, the include search path is set up in such
a way that the directive #include "internal/file.h" could refer to
a file in either of these two directoroes. This makes it necessary
in some cases to add a '_int.h' suffix to some files to resolve this
ambiguity:

  #include "internal/file.h"      # located in 'include/internal'
  #include "internal/file_int.h"  # located in 'crypto/include/internal'

This commit moves the private crypto headers from

  'crypto/include/internal'  to  'include/crypto'

As a result, the include directives become unambiguous

  #include "internal/file.h"       # located in 'include/internal'
  #include "crypto/file.h"         # located in 'include/crypto'

hence the superfluous '_int.h' suffixes can be stripped.

The files 'store_int.h' and 'store.h' need to be treated specially;
they are joined into a single file.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9681)
2019-09-27 23:57:58 +02:00
Pauli
1f5e0f9280 Use safestack.h exclusively internally.
Remove all stack headers from some includes that don't use them.

Avoid a genearic untyped stack use.

Update stack POD file to include the OPENSSL_sk_ API functions in the notes
section.  They were mentioned in the name section but not defined anywhere.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4430)
2017-09-28 13:14:33 +10:00
Bernd Edlinger
01b76c2c5d Add -Wundef to --strict-warnings options.
Avoid a -Wundef warning in refcount.h
Avoid a -Wundef warning in o_str.c
Avoid a -Wundef warning in testutil.h
Include internal/cryptlib.h before openssl/stack.h
to avoid use of undefined symbol OPENSSL_API_COMPAT.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2712)
2017-02-24 09:21:59 +01:00
Richard Levitte
6195848b2e X509_CRL_digest() - ensure precomputed sha1 hash before returning it
X509_CRL_digest() didn't check if the precomputed sha1 hash was actually
present.  This also makes sure there's an appropriate flag to check.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2314)
2017-01-28 20:07:04 +01:00
Richard Levitte
d62210af2e Fix no-ocsp
The use of EXFLAG_SET requires the inclusion of openssl/x509v3.h.
openssl/ocsp.h does that, except when OCSP is disabled.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2227)
2017-01-13 12:03:25 +01:00
Rich Salz
3e5d9da5fc Make X509_Digest,others public
Also, if want SHA1 then use the pre-computed value if there.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2223)
2017-01-12 16:39:41 -05:00
Rich Salz
b1322259d9 Copyright consolidation 09/10
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-17 14:53:16 -04:00
Matt Caswell
3e41ac3528 Fix no-ocsp
Misc fixes for no-ocsp

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-06 14:57:45 +01:00
Rich Salz
3c27208fab Remove #error from include files.
Don't have #error statements in header files, but instead wrap
the contents of that file in #ifndef OPENSSL_NO_xxx
This means it is now always safe to include the header file.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-20 19:48:36 -04:00
Rich Salz
349807608f Remove /* foo.c */ comments
This was done by the following
        find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
        print unless $. == 1 && m@/\* .*\.[ch] \*/@;
        close ARGV if eof; # Close file to reset $.

And then some hand-editing of other files.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-26 16:40:43 -05:00
Dr. Stephen Henson
34a42e1489 embed CRL serial number and signature fields
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-10-15 15:36:58 +01:00
Dr. Stephen Henson
81e4943843 embed certificate serial number and signature fields
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-10-15 15:36:58 +01:00
Dr. Stephen Henson
6e63c142f2 Embed various signature algorithms.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-17 17:18:59 +01:00
Dr. Stephen Henson
95ed0e7c1f Embed X509_REQ_INFO
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-16 22:33:25 +01:00
Dr. Stephen Henson
5cf6abd805 Embed X509_CINF
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-16 22:33:25 +01:00
Dr. Stephen Henson
7aef39a72a X509_CRL_INFO embed
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-16 22:17:39 +01:00
Dr. Stephen Henson
124055a96e make X509_REQ opaque
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-08-31 20:58:33 +01:00
Richard Levitte
b39fc56061 Identify and move common internal libcrypto header files
There are header files in crypto/ that are used by a number of crypto/
submodules.  Move those to crypto/include/internal and adapt the
affected source code and Makefiles.

The header files that got moved are:

crypto/cryptolib.h
crypto/md32_common.h

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-14 17:21:40 +02:00
Matt Caswell
0f113f3ee4 Run util/openssl-format-source -v -c .
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:09 +00:00
Rich Salz
4b618848f9 Cleanup OPENSSL_NO_xxx, part 1
OPENSSL_NO_RIPEMD160, OPENSSL_NO_RIPEMD merged into OPENSSL_NO_RMD160
OPENSSL_NO_FP_API merged into OPENSSL_NO_STDIO
Two typo's on #endif comments fixed:
	OPENSSL_NO_ECB fixed to OPENSSL_NO_OCB
	OPENSSL_NO_HW_SureWare fixed to OPENSSL_NO_HW_SUREWARE

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-14 15:57:28 -05:00
Dr. Stephen Henson
684400ce19 Fix various certificate fingerprint issues.
By using non-DER or invalid encodings outside the signed portion of a
certificate the fingerprint can be changed without breaking the signature.
Although no details of the signed portion of the certificate can be changed
this can cause problems with some applications: e.g. those using the
certificate fingerprint for blacklists.

1. Reject signatures with non zero unused bits.

If the BIT STRING containing the signature has non zero unused bits reject
the signature. All current signature algorithms require zero unused bits.

2. Check certificate algorithm consistency.

Check the AlgorithmIdentifier inside TBS matches the one in the
certificate signature. NB: this will result in signature failure
errors for some broken certificates.

3. Check DSA/ECDSA signatures use DER.

Reencode DSA/ECDSA signatures and compare with the original received
signature. Return an error if there is a mismatch.

This will reject various cases including garbage after signature
(thanks to Antti Karjalainen and Tuomo Untinen from the Codenomicon CROSS
program for discovering this case) and use of BER or invalid ASN.1 INTEGERs
(negative or with leading zeroes).

CVE-2014-8275
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2015-01-05 14:35:19 +00:00
Dr. Stephen Henson
c71fdaed58 Reencode with X509_CRL_ctx_sign too. 2013-06-05 15:06:03 +01:00
Dr. Stephen Henson
c6d8adb8a4 Reencode certificates in X509_sign_ctx.
Reencode certificates in X509_sign_ctx as well as X509_sign.

This was causing a problem in the x509 application when it modified an
existing certificate.
2013-05-02 12:19:40 +01:00
Dr. Stephen Henson
f404278186 add wrapper function for certificate download 2012-11-29 01:15:09 +00:00
Dr. Stephen Henson
6f9076ff37 Generalise OCSP I/O functions to support dowloading of other ASN1
structures using HTTP. Add wrapper function to handle CRL download.
2012-11-28 16:22:53 +00:00
Dr. Stephen Henson
39239280f3 Add call to ENGINE_register_all_complete() to ENGINE_load_builtin_engines(),
this means that some implementations will be used automatically, e.g. aesni,
we do this for cryptodev anyway.

Setup cpuid in ENGINE_load_builtin_engines() too as some ENGINEs use it.
2010-10-03 18:58:09 +00:00
Dr. Stephen Henson
8d207ee3d1 add X509_CRL_sign_ctx function 2010-03-14 12:52:38 +00:00
Nils Larsch
1611b9ed80 remove SSLEAY_MACROS code 2006-11-06 19:53:39 +00:00
Dr. Stephen Henson
010fa0b331 Tidy up CRL handling by checking for critical extensions when it is
loaded. Add new function X509_CRL_get0_by_serial() to lookup a revoked
entry to avoid the need to access the structure directly.

Add new X509_CRL_METHOD to allow common CRL operations (verify, lookup) to be
redirected.
2006-09-21 12:42:15 +00:00
Nils Larsch
3eeaab4bed make
./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa]
    	make depend all test
work again

PR: 1159
2005-07-16 12:37:36 +00:00
Ben Laurie
41a15c4f0f Give everything prototypes (well, everything that's actually used). 2005-03-31 09:26:39 +00:00
Dr. Stephen Henson
c162b132eb Automatically mark the CRL cached encoding as invalid when some operations
are performed.
2004-12-09 13:35:06 +00:00
Geoff Thorpe
60a938c6bc (oops) Apologies all, that last header-cleanup commit was from the wrong
tree. This further reduces header interdependencies, and makes some
associated cleanups.
2004-04-19 18:09:28 +00:00
Bodo Möller
14a7cfb32a use a generic EC_KEY structure (EC keys are not ECDSA specific)
Submitted by: Nils Larsch
2002-08-07 10:49:54 +00:00
Bodo Möller
4d94ae00d5 ECDSA support
Submitted by: Nils Larsch <nla@trustcenter.de>
2002-02-13 18:21:51 +00:00
Dr. Stephen Henson
20d2186c87 Retain compatibility of EVP_DigestInit() and EVP_DigestFinal()
with existing code.

Modify library to use digest *_ex() functions.
2001-10-16 01:24:29 +00:00
Dr. Stephen Henson
1241126adf More linker bloat reorganisation:
Split private key PEM and normal PEM handling. Private key
handling needs to link in stuff like PKCS#8.

Relocate the ASN1 *_dup() functions, to the relevant ASN1
modules using new macro IMPLEMENT_ASN1_DUP_FUNCTION. Previously
these were all in crypto/x509/x_all.c along with every ASN1
BIO/fp function which linked in *every* ASN1 function if
a single dup was used.

Move the authority key id ASN1 structure to a separate file.
This is used in the X509 routines and its previous location
linked in all the v3 extension code.

Also move ASN1_tag2bit to avoid linking in a_bytes.c which
is now largely obsolete.

So far under Linux stripped binary with single PEM_read_X509
is now 238K compared to 380K before these changes.
2001-07-27 02:22:42 +00:00
Dr. Stephen Henson
bb5ea36b96 Initial support for ASN1_ITEM_FUNCTION option to
change the way ASN1 modules are exported.

Still needs a bit of work for example the hack which a
dummy function prototype to avoid compilers warning about
multiple ;s.
2001-02-23 03:16:09 +00:00
Richard Levitte
cf1b7d9664 Make all configuration macros available for application by making
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.

I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
2001-02-19 16:06:34 +00:00
Dr. Stephen Henson
88ce56f8c1 Various function for commmon operations. 2001-02-02 00:45:54 +00:00
Dr. Stephen Henson
4e1209ebf8 ASN1_ITEM versions of ASN1_d2i_{fp, bio} and replacement of
most of the old wrappers. A few of the old versions remain
because they are non standard and the corresponding ASN1
code has not been reimplemented yet.
2000-12-30 02:40:26 +00:00
Dr. Stephen Henson
78d3b819f0 Replace the old ASN1_dup() with ASN1_item_dup() and
zap some evil function pointers casts along the way...
2000-12-29 18:23:55 +00:00
Dr. Stephen Henson
73e92de577 Add NO_ASN1_OLD to remove some old style functions:
currently OpenSSL itself wont compile with this set
because some old style stuff remains.

Change old functions X509_sign(), X509_verify() etc
to use new item based functions.

Replace OCSP function declarations with DECLARE macros.
2000-12-28 22:24:50 +00:00
Dr. Stephen Henson
bd08a2bd0c Add 'rsautl' low level RSA utility.
Add DER public key routines.

Add -passin argument to 'ca' utility.

Document sign and verify options to dgst.
2000-09-03 23:13:48 +00:00
Geoff Thorpe
ccd86b68ef The previous commit to crypto/stack/*.[ch] pulled the type-safety strings
yet tighter, and also put some heat on the rest of the library by
insisting (correctly) that compare callbacks used in stacks are prototyped
with "const" parameters. This has led to a depth-first explosion of
compiler warnings in the code where 1 constification has led to 3 or 4
more. Fortunately these have all been resolved to completion and the code
seems cleaner as a result - in particular many of the _cmp() functions
should have been prototyped with "const"s, and now are. There was one
little problem however;

X509_cmp() should by rights compare "const X509 *" pointers, and it is now
declared as such. However, it's internal workings can involve
recalculating hash values and extensions if they have not already been
setup. Someone with a more intricate understanding of the flow control of
X509 might be able to tighten this up, but for now - this seemed the
obvious place to stop the "depth-first" constification of the code by
using an evil cast (they have migrated all the way here from safestack.h).

Fortunately, this is the only place in the code where this was required
to complete these type-safety changes, and it's reasonably clear and
commented, and seemed the least unacceptable of the options. Trying to
take the constification further ends up exploding out considerably, and
indeed leads directly into generalised ASN functions which are not likely
to cooperate well with this.
2000-06-01 02:36:58 +00:00
Dr. Stephen Henson
439df5087f Fix c_rehash script, add -fingerprint option to crl. 2000-05-18 00:33:00 +00:00
Dr. Stephen Henson
20432eae41 Fix some of the command line password stuff. New function
that can automatically determine the type of a DER encoded
"traditional" format private key and change some of the
d2i functions to use it instead of requiring the application
to work out the key type.
2000-01-01 16:42:49 +00:00
Dr. Stephen Henson
e6f3c5850e New {i2d,d2i}_PrivateKey_{bio, fp} functions. 1999-12-26 19:20:03 +00:00
Dr. Stephen Henson
36217a9424 Allow passwords to be included on command line for a few
more utilities.
1999-12-24 23:53:57 +00:00
Dr. Stephen Henson
9868232ae1 Initial trust code: allow setting of trust checking functions
in a table. Doesn't do too much yet.

Make the -<digestname> options in 'x509' affect all relevant
options.

Change the name of the 'notrust' options to 'reject' as this
causes less confusion and is a better description of the
effect.

A few constification changes.
1999-11-27 01:14:04 +00:00