Commit graph

21 commits

Author SHA1 Message Date
Matt Caswell
8aac5d2e5a Fix RSA dasync engine bug
When RSA went opaque a bug was introduced into the dasync engine where
the wrong function was being set for the rsa_priv_dec operation.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-05-17 16:37:45 +01:00
Matt Caswell
b3599dbb6a Rename int_*() functions to *_int()
There is a preference for suffixes to indicate that a function is internal
rather than prefixes. Note: the suffix is only required to disambiguate
internal functions and public symbols with the same name (but different
case)

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-13 08:59:03 +01:00
Matt Caswell
342c21cd8b Rename lots of *_intern or *_internal function to int_*
There was a lot of naming inconsistency, so we try and standardise on
one form.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-13 08:52:34 +01:00
Richard Levitte
b72c912137 Make the RSA_METHOD structure opaque
Move rsa_meth_st away from public headers.
Add RSA_METHOD creator/destructor functions.
Add RSA_METHOD accessor/writer functions.
Adapt all other source to use the creator, destructor, accessors and writers.

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-04-06 16:19:20 +02:00
Alessandro Ghedini
2f78195677 Use correct function ID in error path
This fixes "make update".

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-03-09 01:20:53 +00:00
Matt Caswell
e38c2e8535 Refactor dasync cipher implementations to improve code reuse
Move out most of the boiler plate code that is common between aes128-cbc
and aes128-cbc-hmac-sha1 into helper functions to improve code reuse.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-03-07 21:42:09 +00:00
Matt Caswell
11780ac3e2 Move the _hidden_* static variables in dasync to be constructed in bind
The _hidden_* variables were being created on-the-fly. It is better to
create them once up front during bind to avoid any potential race
conditions.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-03-07 21:42:09 +00:00
Matt Caswell
44ab2dfdf9 Rename EVP_CIPHER_CTX_cipher_data to EVP_CIPHER_CTX_get_cipher_data
We had the function EVP_CIPHER_CTX_cipher_data which is newly added for
1.1.0. As we now also need an EVP_CIPHER_CTX_set_cipher_data it makes
more sense for the former to be called EVP_CIPHER_CTX_get_cipher_data.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-03-07 21:42:09 +00:00
Matt Caswell
2f2c9caa72 Add dummy pipeline support for aes128_cbc_hmac_sha1
Add dummy pipline support to dasync for the aes128_cbc_hmac_sha1 cipher.
This is treated as an AEAD cipher.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-03-07 21:39:27 +00:00
Matt Caswell
98ee75439d Update the dasync engine to add a pipeline cipher
Implement aes128-cbc as a pipeline capable cipher in the dasync engine.
As dasync is just a dummy engine, it actually just performs the parallel
encrypts/decrypts in serial.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-03-07 21:26:04 +00:00
Alessandro Ghedini
b8972edad6 GH804: Fix unused-result warnings in dasync
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-03-07 12:21:07 -05:00
Matt Caswell
ff75a25749 Refactor the async wait fd logic
Implementation experience has shown that the original plan for async wait
fds was too simplistic. Originally the async logic created a pipe internally
and user/engine code could then get access to it via API calls. It is more
flexible if the engine is able to create its own fd and provide it to the
async code.

Another issue is that there can be a lot of churn in the fd value within
the context of (say) a single SSL connection leading to continually adding
and removing fds from (say) epoll. It is better if we can provide some
stability of the fd value across a whole SSL connection. This is
problematic because an engine has no concept of an SSL connection.

This commit refactors things to introduce an ASYNC_WAIT_CTX which acts as a
proxy for an SSL connection down at the engine layer.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-02-29 12:58:44 +00:00
Matt Caswell
7b9f8f7f03 Auto init/deinit libcrypto
This builds on the previous commit to auto initialise/deinitialise
libcrypto.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-02-09 15:11:38 +00:00
Rich Salz
349807608f Remove /* foo.c */ comments
This was done by the following
        find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
        print unless $. == 1 && m@/\* .*\.[ch] \*/@;
        close ARGV if eof; # Close file to reset $.

And then some hand-editing of other files.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-26 16:40:43 -05:00
Richard Levitte
cddcea8c4b Adapt all engines that add new EVP_MDs
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-07 17:39:23 +01:00
Richard Levitte
6e59a892db Adjust all accesses to EVP_MD_CTX to use accessor functions.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-07 17:39:23 +01:00
Dr. Stephen Henson
7f572e958b Remove legacy sign/verify from EVP_MD.
Remove sign/verify and required_pkey_type fields of EVP_MD: these are a
legacy from when digests were linked to public key types. All signing is
now handled by the corresponding EVP_PKEY_METHOD.

Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms
already block unsupported types.

Remove now obsolete EVP_dss1() and EVP_ecdsa().

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-02 17:52:01 +00:00
Kurt Roeckx
652d4a8c83 Update dasync to use size_t for the sha1 update
Reviewed-by: Matt Caswell <matt@openssl.org>

MR #1350
2015-11-22 10:38:56 +01:00
Matt Caswell
46a283c01c Rename some daysnc functions for consistency
For some reason the dasync sha1 functions did not start with the
dasync prefix like all of the other functions do. Changed for
consistency.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-11-20 23:35:19 +00:00
Matt Caswell
f4da39d200 Initial Async notify code changes
Initial API implemented for notifying applications that an ASYNC_JOB
has completed. Currently only s_server is using this. The Dummy Async
engine "cheats" in that it notifies that it has completed *before* it
pauses the job. A normal async engine would not do that.

Only the posix version of this has been implemented so far, so it will
probably fail to compile on Windows at the moment.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-11-20 23:33:46 +00:00
Matt Caswell
a14e9ff713 Add the Dummy Async engine (dasync)
This engine is for developers of async aware applications. It simulates
asynchronous activity with external hardware. This initial version supports
SHA1 and RSA. Certain operations using those algorithms have async job
"pauses" in them - using the new libcrypto async capability.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-11-20 23:31:42 +00:00