From 4250ddb86f54075f5e56dc02217433bd0f331c0b Mon Sep 17 00:00:00 2001 From: purplerain Date: Sun, 14 Jan 2024 01:35:08 +0000 Subject: [PATCH] sync with OpenBSD -current --- lib/libcrypto/Makefile | 6 +- lib/libcrypto/asn1/asn1_item.c | 23 +- lib/libcrypto/crypto_init.c | 25 +- lib/libcrypto/evp/c_all.c | 331 --- lib/libcrypto/evp/evp_names.c | 1838 +++++++++++++++++ lib/libcrypto/evp/names.c | 239 --- lib/libcrypto/evp/pmeth_lib.c | 139 +- lib/libcrypto/man/OBJ_create.3 | 69 +- lib/libcrypto/objects/o_names.c | 363 ---- lib/libcrypto/objects/obj_dat.c | 20 +- lib/libcrypto/stack/stack.c | 5 +- lib/libcrypto/x509/x509_trs.c | 76 +- lib/libssl/man/BIO_f_ssl.3 | 27 +- sys/dev/pci/drm/drm_linux.c | 125 +- sys/dev/pci/drm/include/linux/component.h | 9 +- .../pci/drm/include/linux/platform_device.h | 1 + 16 files changed, 2065 insertions(+), 1231 deletions(-) delete mode 100644 lib/libcrypto/evp/c_all.c create mode 100644 lib/libcrypto/evp/evp_names.c delete mode 100644 lib/libcrypto/evp/names.c delete mode 100644 lib/libcrypto/objects/o_names.c diff --git a/lib/libcrypto/Makefile b/lib/libcrypto/Makefile index 2a12e43a7..0461363e3 100644 --- a/lib/libcrypto/Makefile +++ b/lib/libcrypto/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.162 2023/12/29 06:56:38 tb Exp $ +# $OpenBSD: Makefile,v 1.166 2024/01/13 12:18:52 tb Exp $ LIB= crypto LIBREBUILD=y @@ -348,7 +348,6 @@ SRCS+= err_prn.c SRCS+= bio_b64.c SRCS+= bio_enc.c SRCS+= bio_md.c -SRCS+= c_all.c SRCS+= e_aes.c SRCS+= e_aes_cbc_hmac_sha1.c SRCS+= e_bf.c @@ -372,6 +371,7 @@ SRCS+= evp_digest.c SRCS+= evp_encode.c SRCS+= evp_err.c SRCS+= evp_key.c +SRCS+= evp_names.c SRCS+= evp_pbe.c SRCS+= evp_pkey.c SRCS+= m_gost2814789.c @@ -387,7 +387,6 @@ SRCS+= m_sigver.c SRCS+= m_sm3.c SRCS+= m_streebog.c SRCS+= m_wp.c -SRCS+= names.c SRCS+= p5_crpt.c SRCS+= p5_crpt2.c SRCS+= p_legacy.c @@ -453,7 +452,6 @@ SRCS+= ofb128.c SRCS+= xts128.c # objects/ -SRCS+= o_names.c SRCS+= obj_dat.c SRCS+= obj_err.c SRCS+= obj_lib.c diff --git a/lib/libcrypto/asn1/asn1_item.c b/lib/libcrypto/asn1/asn1_item.c index 3f67e3fc3..18da77433 100644 --- a/lib/libcrypto/asn1/asn1_item.c +++ b/lib/libcrypto/asn1/asn1_item.c @@ -1,4 +1,4 @@ -/* $OpenBSD: asn1_item.c,v 1.18 2023/11/09 11:36:39 tb Exp $ */ +/* $OpenBSD: asn1_item.c,v 1.19 2024/01/13 13:59:18 joshua Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -222,13 +222,20 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey, const EVP_MD *type) { - EVP_MD_CTX ctx; - EVP_MD_CTX_init(&ctx); - if (!EVP_DigestSignInit(&ctx, NULL, type, NULL, pkey)) { - EVP_MD_CTX_cleanup(&ctx); - return 0; - } - return ASN1_item_sign_ctx(it, algor1, algor2, signature, asn, &ctx); + EVP_MD_CTX *md_ctx = NULL; + int ret = 0; + + if ((md_ctx = EVP_MD_CTX_new()) == NULL) + goto err; + if (!EVP_DigestSignInit(md_ctx, NULL, type, NULL, pkey)) + goto err; + + ret = ASN1_item_sign_ctx(it, algor1, algor2, signature, asn, md_ctx); + + err: + EVP_MD_CTX_free(md_ctx); + + return ret; } static int diff --git a/lib/libcrypto/crypto_init.c b/lib/libcrypto/crypto_init.c index 440128fe4..ed92c410c 100644 --- a/lib/libcrypto/crypto_init.c +++ b/lib/libcrypto/crypto_init.c @@ -1,4 +1,4 @@ -/* $OpenBSD: crypto_init.c,v 1.15 2024/01/07 19:59:32 tb Exp $ */ +/* $OpenBSD: crypto_init.c,v 1.17 2024/01/13 17:04:29 tb Exp $ */ /* * Copyright (c) 2018 Bob Beck * @@ -44,8 +44,6 @@ OPENSSL_init_crypto_internal(void) OPENSSL_cpuid_setup(); ERR_load_crypto_strings(); - OpenSSL_add_all_ciphers(); - OpenSSL_add_all_digests(); } int @@ -91,3 +89,24 @@ OPENSSL_cleanup(void) crypto_init_cleaned_up = 1; } LCRYPTO_ALIAS(OPENSSL_cleanup); + +void +OpenSSL_add_all_ciphers(void) +{ +} + +void +OpenSSL_add_all_digests(void) +{ +} + +void +OPENSSL_add_all_algorithms_noconf(void) +{ +} + +void +OPENSSL_add_all_algorithms_conf(void) +{ + OPENSSL_config(NULL); +} diff --git a/lib/libcrypto/evp/c_all.c b/lib/libcrypto/evp/c_all.c deleted file mode 100644 index ec38b108c..000000000 --- a/lib/libcrypto/evp/c_all.c +++ /dev/null @@ -1,331 +0,0 @@ -/* $OpenBSD: c_all.c,v 1.33 2023/10/24 13:09:54 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include - -#include - -#include -#include -#include - -#include "cryptlib.h" - -static void -OpenSSL_add_all_ciphers_internal(void) -{ -#ifndef OPENSSL_NO_DES - EVP_add_cipher(EVP_des_cfb()); - EVP_add_cipher(EVP_des_cfb1()); - EVP_add_cipher(EVP_des_cfb8()); - EVP_add_cipher(EVP_des_ede_cfb()); - EVP_add_cipher(EVP_des_ede3_cfb()); - EVP_add_cipher(EVP_des_ede3_cfb1()); - EVP_add_cipher(EVP_des_ede3_cfb8()); - - EVP_add_cipher(EVP_des_ofb()); - EVP_add_cipher(EVP_des_ede_ofb()); - EVP_add_cipher(EVP_des_ede3_ofb()); - - EVP_add_cipher(EVP_desx_cbc()); - EVP_add_cipher_alias(SN_desx_cbc, "DESX"); - EVP_add_cipher_alias(SN_desx_cbc, "desx"); - - EVP_add_cipher(EVP_des_cbc()); - EVP_add_cipher_alias(SN_des_cbc, "DES"); - EVP_add_cipher_alias(SN_des_cbc, "des"); - EVP_add_cipher(EVP_des_ede_cbc()); - EVP_add_cipher(EVP_des_ede3_cbc()); - EVP_add_cipher_alias(SN_des_ede3_cbc, "DES3"); - EVP_add_cipher_alias(SN_des_ede3_cbc, "des3"); - - EVP_add_cipher(EVP_des_ecb()); - EVP_add_cipher(EVP_des_ede()); - EVP_add_cipher(EVP_des_ede3()); -#endif - -#ifndef OPENSSL_NO_RC4 - EVP_add_cipher(EVP_rc4()); - EVP_add_cipher(EVP_rc4_40()); -#ifndef OPENSSL_NO_MD5 - EVP_add_cipher(EVP_rc4_hmac_md5()); -#endif -#endif - -#ifndef OPENSSL_NO_IDEA - EVP_add_cipher(EVP_idea_ecb()); - EVP_add_cipher(EVP_idea_cfb()); - EVP_add_cipher(EVP_idea_ofb()); - EVP_add_cipher(EVP_idea_cbc()); - EVP_add_cipher_alias(SN_idea_cbc, "IDEA"); - EVP_add_cipher_alias(SN_idea_cbc, "idea"); -#endif - -#ifndef OPENSSL_NO_RC2 - EVP_add_cipher(EVP_rc2_ecb()); - EVP_add_cipher(EVP_rc2_cfb()); - EVP_add_cipher(EVP_rc2_ofb()); - EVP_add_cipher(EVP_rc2_cbc()); - EVP_add_cipher(EVP_rc2_40_cbc()); - EVP_add_cipher(EVP_rc2_64_cbc()); - EVP_add_cipher_alias(SN_rc2_cbc, "RC2"); - EVP_add_cipher_alias(SN_rc2_cbc, "rc2"); -#endif - -#ifndef OPENSSL_NO_BF - EVP_add_cipher(EVP_bf_ecb()); - EVP_add_cipher(EVP_bf_cfb()); - EVP_add_cipher(EVP_bf_ofb()); - EVP_add_cipher(EVP_bf_cbc()); - EVP_add_cipher_alias(SN_bf_cbc, "BF"); - EVP_add_cipher_alias(SN_bf_cbc, "bf"); - EVP_add_cipher_alias(SN_bf_cbc, "blowfish"); -#endif - -#ifndef OPENSSL_NO_CAST - EVP_add_cipher(EVP_cast5_ecb()); - EVP_add_cipher(EVP_cast5_cfb()); - EVP_add_cipher(EVP_cast5_ofb()); - EVP_add_cipher(EVP_cast5_cbc()); - EVP_add_cipher_alias(SN_cast5_cbc, "CAST"); - EVP_add_cipher_alias(SN_cast5_cbc, "cast"); - EVP_add_cipher_alias(SN_cast5_cbc, "CAST-cbc"); - EVP_add_cipher_alias(SN_cast5_cbc, "cast-cbc"); -#endif - -#ifndef OPENSSL_NO_AES - EVP_add_cipher(EVP_aes_128_ecb()); - EVP_add_cipher(EVP_aes_128_cbc()); - EVP_add_cipher(EVP_aes_128_ccm()); - EVP_add_cipher(EVP_aes_128_cfb()); - EVP_add_cipher(EVP_aes_128_cfb1()); - EVP_add_cipher(EVP_aes_128_cfb8()); - EVP_add_cipher(EVP_aes_128_ofb()); - EVP_add_cipher(EVP_aes_128_ctr()); - EVP_add_cipher(EVP_aes_128_gcm()); - EVP_add_cipher(EVP_aes_128_wrap()); - EVP_add_cipher(EVP_aes_128_xts()); - EVP_add_cipher_alias(SN_aes_128_cbc, "AES128"); - EVP_add_cipher_alias(SN_aes_128_cbc, "aes128"); - EVP_add_cipher(EVP_aes_192_ecb()); - EVP_add_cipher(EVP_aes_192_cbc()); - EVP_add_cipher(EVP_aes_192_ccm()); - EVP_add_cipher(EVP_aes_192_cfb()); - EVP_add_cipher(EVP_aes_192_cfb1()); - EVP_add_cipher(EVP_aes_192_cfb8()); - EVP_add_cipher(EVP_aes_192_ofb()); - EVP_add_cipher(EVP_aes_192_ctr()); - EVP_add_cipher(EVP_aes_192_gcm()); - EVP_add_cipher(EVP_aes_192_wrap()); - EVP_add_cipher_alias(SN_aes_192_cbc, "AES192"); - EVP_add_cipher_alias(SN_aes_192_cbc, "aes192"); - EVP_add_cipher(EVP_aes_256_ecb()); - EVP_add_cipher(EVP_aes_256_cbc()); - EVP_add_cipher(EVP_aes_256_ccm()); - EVP_add_cipher(EVP_aes_256_cfb()); - EVP_add_cipher(EVP_aes_256_cfb1()); - EVP_add_cipher(EVP_aes_256_cfb8()); - EVP_add_cipher(EVP_aes_256_ofb()); - EVP_add_cipher(EVP_aes_256_ctr()); - EVP_add_cipher(EVP_aes_256_gcm()); - EVP_add_cipher(EVP_aes_256_wrap()); - EVP_add_cipher(EVP_aes_256_xts()); - EVP_add_cipher_alias(SN_aes_256_cbc, "AES256"); - EVP_add_cipher_alias(SN_aes_256_cbc, "aes256"); -#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) - EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1()); - EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1()); -#endif -#endif - -#ifndef OPENSSL_NO_CAMELLIA - EVP_add_cipher(EVP_camellia_128_ecb()); - EVP_add_cipher(EVP_camellia_128_cbc()); - EVP_add_cipher(EVP_camellia_128_cfb()); - EVP_add_cipher(EVP_camellia_128_cfb1()); - EVP_add_cipher(EVP_camellia_128_cfb8()); - EVP_add_cipher(EVP_camellia_128_ofb()); - EVP_add_cipher_alias(SN_camellia_128_cbc, "CAMELLIA128"); - EVP_add_cipher_alias(SN_camellia_128_cbc, "camellia128"); - EVP_add_cipher(EVP_camellia_192_ecb()); - EVP_add_cipher(EVP_camellia_192_cbc()); - EVP_add_cipher(EVP_camellia_192_cfb()); - EVP_add_cipher(EVP_camellia_192_cfb1()); - EVP_add_cipher(EVP_camellia_192_cfb8()); - EVP_add_cipher(EVP_camellia_192_ofb()); - EVP_add_cipher_alias(SN_camellia_192_cbc, "CAMELLIA192"); - EVP_add_cipher_alias(SN_camellia_192_cbc, "camellia192"); - EVP_add_cipher(EVP_camellia_256_ecb()); - EVP_add_cipher(EVP_camellia_256_cbc()); - EVP_add_cipher(EVP_camellia_256_cfb()); - EVP_add_cipher(EVP_camellia_256_cfb1()); - EVP_add_cipher(EVP_camellia_256_cfb8()); - EVP_add_cipher(EVP_camellia_256_ofb()); - EVP_add_cipher_alias(SN_camellia_256_cbc, "CAMELLIA256"); - EVP_add_cipher_alias(SN_camellia_256_cbc, "camellia256"); -#endif - -#ifndef OPENSSL_NO_CHACHA - EVP_add_cipher(EVP_chacha20()); - EVP_add_cipher_alias(SN_chacha20, "ChaCha20"); - EVP_add_cipher_alias(LN_chacha20, "chacha20"); -#endif -#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) - EVP_add_cipher(EVP_chacha20_poly1305()); -#endif - -#ifndef OPENSSL_NO_GOST - EVP_add_cipher(EVP_gost2814789_ecb()); - EVP_add_cipher(EVP_gost2814789_cfb64()); - EVP_add_cipher(EVP_gost2814789_cnt()); -#endif - -#ifndef OPENSSL_NO_SM4 - EVP_add_cipher(EVP_sm4_ecb()); - EVP_add_cipher(EVP_sm4_cbc()); - EVP_add_cipher(EVP_sm4_cfb()); - EVP_add_cipher(EVP_sm4_ofb()); - EVP_add_cipher(EVP_sm4_ctr()); - EVP_add_cipher_alias(SN_sm4_cbc, "SM4"); - EVP_add_cipher_alias(SN_sm4_cbc, "sm4"); -#endif -} - -void -OpenSSL_add_all_ciphers(void) -{ - static pthread_once_t add_all_ciphers_once = PTHREAD_ONCE_INIT; - (void) pthread_once(&add_all_ciphers_once, OpenSSL_add_all_ciphers_internal); -} - -static void -OpenSSL_add_all_digests_internal(void) -{ -#ifndef OPENSSL_NO_MD4 - EVP_add_digest(EVP_md4()); -#endif - -#ifndef OPENSSL_NO_MD5 - EVP_add_digest(EVP_md5()); - EVP_add_digest(EVP_md5_sha1()); - EVP_add_digest_alias(SN_md5, "ssl2-md5"); - EVP_add_digest_alias(SN_md5, "ssl3-md5"); -#endif - -#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) - EVP_add_digest(EVP_sha1()); - EVP_add_digest_alias(SN_sha1, "ssl3-sha1"); - EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA); -#endif - -#ifndef OPENSSL_NO_GOST - EVP_add_digest(EVP_gostr341194()); - EVP_add_digest(EVP_gost2814789imit()); - EVP_add_digest(EVP_streebog256()); - EVP_add_digest(EVP_streebog512()); -#endif -#ifndef OPENSSL_NO_RIPEMD - EVP_add_digest(EVP_ripemd160()); - EVP_add_digest_alias(SN_ripemd160, "ripemd"); - EVP_add_digest_alias(SN_ripemd160, "rmd160"); -#endif -#ifndef OPENSSL_NO_SHA256 - EVP_add_digest(EVP_sha224()); - EVP_add_digest(EVP_sha256()); -#endif -#ifndef OPENSSL_NO_SHA512 - EVP_add_digest(EVP_sha384()); - EVP_add_digest(EVP_sha512()); - EVP_add_digest(EVP_sha512_224()); - EVP_add_digest(EVP_sha512_256()); -#endif -#ifndef OPENSSL_NO_SHA3 - EVP_add_digest(EVP_sha3_224()); - EVP_add_digest(EVP_sha3_256()); - EVP_add_digest(EVP_sha3_384()); - EVP_add_digest(EVP_sha3_512()); -#endif -#ifndef OPENSSL_NO_SM3 - EVP_add_digest(EVP_sm3()); -#endif -#ifndef OPENSSL_NO_WHIRLPOOL - EVP_add_digest(EVP_whirlpool()); -#endif -} - -void -OpenSSL_add_all_digests(void) -{ - static pthread_once_t add_all_digests_once = PTHREAD_ONCE_INIT; - (void) pthread_once(&add_all_digests_once, OpenSSL_add_all_digests_internal); -} - -void -OPENSSL_add_all_algorithms_noconf(void) -{ - OpenSSL_add_all_ciphers(); - OpenSSL_add_all_digests(); -} - -void -OPENSSL_add_all_algorithms_conf(void) -{ - OPENSSL_add_all_algorithms_noconf(); - OPENSSL_config(NULL); -} diff --git a/lib/libcrypto/evp/evp_names.c b/lib/libcrypto/evp/evp_names.c new file mode 100644 index 000000000..046391fe3 --- /dev/null +++ b/lib/libcrypto/evp/evp_names.c @@ -0,0 +1,1838 @@ +/* $OpenBSD: evp_names.c,v 1.7 2024/01/13 12:18:52 tb Exp $ */ +/* + * Copyright (c) 2023 Theo Buehler + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include +#include +#include + +#include +#include + +/* + * In the following two structs, .name is the lookup name that is used + * for EVP_get_cipherbyname() and EVP_get_digestbyname(), while .alias + * keeps track of the aliased name. + */ + +struct cipher_name { + const char *name; + const EVP_CIPHER *(*cipher)(void); + const char *alias; +}; + +struct digest_name { + const char *name; + const EVP_MD *(*digest)(void); + const char *alias; +}; + +/* + * Keep this table alphabetically sorted by increasing .name. + * regress/lib/libcrypto/evp/evp_test.c checks that. + */ + +static const struct cipher_name cipher_names[] = { +#ifndef OPENSSL_NO_AES + { + .name = SN_aes_128_cbc, + .cipher = EVP_aes_128_cbc, + }, + { + .name = SN_aes_128_cbc_hmac_sha1, + .cipher = EVP_aes_128_cbc_hmac_sha1, + }, + { + .name = SN_aes_128_cfb128, + .cipher = EVP_aes_128_cfb128, + }, + { + .name = SN_aes_128_cfb1, + .cipher = EVP_aes_128_cfb1, + }, + { + .name = SN_aes_128_cfb8, + .cipher = EVP_aes_128_cfb8, + }, + { + .name = SN_aes_128_ctr, + .cipher = EVP_aes_128_ctr, + }, + { + .name = SN_aes_128_ecb, + .cipher = EVP_aes_128_ecb, + }, + { + .name = SN_aes_128_ofb128, + .cipher = EVP_aes_128_ofb, + }, + { + .name = SN_aes_128_xts, + .cipher = EVP_aes_128_xts, + }, + + { + .name = SN_aes_192_cbc, + .cipher = EVP_aes_192_cbc, + }, + { + .name = SN_aes_192_cfb128, + .cipher = EVP_aes_192_cfb128, + }, + { + .name = SN_aes_192_cfb1, + .cipher = EVP_aes_192_cfb1, + }, + { + .name = SN_aes_192_cfb8, + .cipher = EVP_aes_192_cfb8, + }, + { + .name = SN_aes_192_ctr, + .cipher = EVP_aes_192_ctr, + }, + { + .name = SN_aes_192_ecb, + .cipher = EVP_aes_192_ecb, + }, + { + .name = SN_aes_192_ofb128, + .cipher = EVP_aes_192_ofb, + }, + + { + .name = SN_aes_256_cbc, + .cipher = EVP_aes_256_cbc, + }, + { + .name = SN_aes_256_cbc_hmac_sha1, + .cipher = EVP_aes_256_cbc_hmac_sha1, + }, + { + .name = SN_aes_256_cfb128, + .cipher = EVP_aes_256_cfb128, + }, + { + .name = SN_aes_256_cfb1, + .cipher = EVP_aes_256_cfb1, + }, + { + .name = SN_aes_256_cfb8, + .cipher = EVP_aes_256_cfb8, + }, + { + .name = SN_aes_256_ctr, + .cipher = EVP_aes_256_ctr, + }, + { + .name = SN_aes_256_ecb, + .cipher = EVP_aes_256_ecb, + }, + { + .name = SN_aes_256_ofb128, + .cipher = EVP_aes_256_ofb, + }, + { + .name = SN_aes_256_xts, + .cipher = EVP_aes_256_xts, + }, + + { + .name = "AES128", + .cipher = EVP_aes_128_cbc, + .alias = SN_aes_128_cbc, + }, + { + .name = "AES192", + .cipher = EVP_aes_192_cbc, + .alias = SN_aes_192_cbc, + }, + { + .name = "AES256", + .cipher = EVP_aes_256_cbc, + .alias = SN_aes_256_cbc, + }, +#endif /* OPENSSL_NO_AES */ + +#ifndef OPENSSL_NO_BF + { + .name = "BF", + .cipher = EVP_bf_cbc, + .alias = SN_bf_cbc, + }, + + { + .name = SN_bf_cbc, + .cipher = EVP_bf_cbc, + }, + { + .name = SN_bf_cfb64, + .cipher = EVP_bf_cfb64, + }, + { + .name = SN_bf_ecb, + .cipher = EVP_bf_ecb, + }, + { + .name = SN_bf_ofb64, + .cipher = EVP_bf_ofb, + }, +#endif + +#ifndef OPENSSL_NO_CAMELLIA + { + .name = SN_camellia_128_cbc, + .cipher = EVP_camellia_128_cbc, + }, + { + .name = SN_camellia_128_cfb128, + .cipher = EVP_camellia_128_cfb128, + }, + { + .name = SN_camellia_128_cfb1, + .cipher = EVP_camellia_128_cfb1, + }, + { + .name = SN_camellia_128_cfb8, + .cipher = EVP_camellia_128_cfb8, + }, + { + .name = SN_camellia_128_ecb, + .cipher = EVP_camellia_128_ecb, + }, + { + .name = SN_camellia_128_ofb128, + .cipher = EVP_camellia_128_ofb, + }, + + { + .name = SN_camellia_192_cbc, + .cipher = EVP_camellia_192_cbc, + }, + { + .name = SN_camellia_192_cfb128, + .cipher = EVP_camellia_192_cfb128, + }, + { + .name = SN_camellia_192_cfb1, + .cipher = EVP_camellia_192_cfb1, + }, + { + .name = SN_camellia_192_cfb8, + .cipher = EVP_camellia_192_cfb8, + }, + { + .name = SN_camellia_192_ecb, + .cipher = EVP_camellia_192_ecb, + }, + { + .name = SN_camellia_192_ofb128, + .cipher = EVP_camellia_192_ofb, + }, + + { + .name = SN_camellia_256_cbc, + .cipher = EVP_camellia_256_cbc, + }, + { + .name = SN_camellia_256_cfb128, + .cipher = EVP_camellia_256_cfb128, + }, + { + .name = SN_camellia_256_cfb1, + .cipher = EVP_camellia_256_cfb1, + }, + { + .name = SN_camellia_256_cfb8, + .cipher = EVP_camellia_256_cfb8, + }, + { + .name = SN_camellia_256_ecb, + .cipher = EVP_camellia_256_ecb, + }, + { + .name = SN_camellia_256_ofb128, + .cipher = EVP_camellia_256_ofb, + }, + + { + .name = "CAMELLIA128", + .cipher = EVP_camellia_128_cbc, + .alias = SN_camellia_128_cbc, + }, + { + .name = "CAMELLIA192", + .cipher = EVP_camellia_192_cbc, + .alias = SN_camellia_192_cbc, + }, + { + .name = "CAMELLIA256", + .cipher = EVP_camellia_256_cbc, + .alias = SN_camellia_256_cbc, + }, +#endif /* OPENSSL_NO_CAMELLIA */ + +#ifndef OPENSSL_NO_CAST + { + .name = "CAST", + .cipher = EVP_cast5_cbc, + .alias = SN_cast5_cbc, + }, + { + .name = "CAST-cbc", + .cipher = EVP_cast5_cbc, + .alias = SN_cast5_cbc, + }, + + { + .name = SN_cast5_cbc, + .cipher = EVP_cast5_cbc, + }, + { + .name = SN_cast5_cfb64, + .cipher = EVP_cast5_cfb, + }, + { + .name = SN_cast5_ecb, + .cipher = EVP_cast5_ecb, + }, + { + .name = SN_cast5_ofb64, + .cipher = EVP_cast5_ofb, + }, +#endif + +#ifndef OPENSSL_NO_CHACHA + { + .name = SN_chacha20, + .cipher = EVP_chacha20, + }, + { + .name = "ChaCha20", + .cipher = EVP_chacha20, + .alias = SN_chacha20, + }, +#endif /* OPENSSL_NO_CHACHA */ + +#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) + { + .name = SN_chacha20_poly1305, + .cipher = EVP_chacha20_poly1305, + }, +#endif /* OPENSSL_NO_CHACHA && OPENSSL_NO_POLY1305 */ + +#ifndef OPENSSL_NO_DES + { + .name = "DES", + .cipher = EVP_des_cbc, + .alias = SN_des_cbc, + }, + + { + .name = SN_des_cbc, + .cipher = EVP_des_cbc, + }, + { + .name = SN_des_cfb64, + .cipher = EVP_des_cfb64, + }, + { + .name = SN_des_cfb1, + .cipher = EVP_des_cfb1, + }, + { + .name = SN_des_cfb8, + .cipher = EVP_des_cfb8, + }, + { + .name = SN_des_ecb, + .cipher = EVP_des_ecb, + }, + { + .name = SN_des_ede_ecb, + .cipher = EVP_des_ede, + }, + { + .name = SN_des_ede_cbc, + .cipher = EVP_des_ede_cbc, + }, + { + .name = SN_des_ede_cfb64, + .cipher = EVP_des_ede_cfb64, + }, + { + .name = SN_des_ede_ofb64, + .cipher = EVP_des_ede_ofb, + }, + { + .name = SN_des_ede3_ecb, + .cipher = EVP_des_ede3_ecb, + }, + { + .name = SN_des_ede3_cbc, + .cipher = EVP_des_ede3_cbc, + }, + { + .name = SN_des_ede3_cfb64, + .cipher = EVP_des_ede3_cfb, + }, + { + .name = SN_des_ede3_cfb1, + .cipher = EVP_des_ede3_cfb1, + }, + { + .name = SN_des_ede3_cfb8, + .cipher = EVP_des_ede3_cfb8, + }, + { + .name = SN_des_ede3_ofb64, + .cipher = EVP_des_ede3_ofb, + }, + { + .name = SN_des_ofb64, + .cipher = EVP_des_ofb, + }, + + { + .name = "DES3", + .cipher = EVP_des_ede3_cbc, + .alias = SN_des_ede3_cbc, + }, + + { + .name = "DESX", + .cipher = EVP_desx_cbc, + .alias = SN_desx_cbc, + }, + { + .name = SN_desx_cbc, + .cipher = EVP_desx_cbc, + }, +#endif /* OPENSSL_NO_DES */ + +#ifndef OPENSSL_NO_GOST + { + .name = LN_id_Gost28147_89, + .cipher = EVP_gost2814789_cfb64, + }, +#endif /* OPENSSL_NO_GOST */ + +#ifndef OPENSSL_NO_IDEA + { + .name = "IDEA", + .cipher = EVP_idea_cbc, + .alias = SN_idea_cbc, + }, + + { + .name = SN_idea_cbc, + .cipher = EVP_idea_cbc, + }, + { + .name = SN_idea_cfb64, + .cipher = EVP_idea_cfb64, + }, + { + .name = SN_idea_ecb, + .cipher = EVP_idea_ecb, + }, + { + .name = SN_idea_ofb64, + .cipher = EVP_idea_ofb, + }, +#endif /* OPENSSL_NO_IDEA */ + +#ifndef OPENSSL_NO_RC2 + { + .name = "RC2", + .cipher = EVP_rc2_cbc, + .alias = SN_rc2_cbc, + }, + + { + .name = SN_rc2_40_cbc, + .cipher = EVP_rc2_40_cbc, + }, + { + .name = SN_rc2_64_cbc, + .cipher = EVP_rc2_64_cbc, + }, + { + .name = SN_rc2_cbc, + .cipher = EVP_rc2_cbc, + }, + { + .name = SN_rc2_cfb64, + .cipher = EVP_rc2_cfb64, + }, + { + .name = SN_rc2_ecb, + .cipher = EVP_rc2_ecb, + }, + { + .name = SN_rc2_ofb64, + .cipher = EVP_rc2_ofb, + }, +#endif /* OPENSSL_NO_RC2 */ + +#ifndef OPENSSL_NO_RC4 + { + .name = SN_rc4, + .cipher = EVP_rc4, + }, + { + .name = SN_rc4_40, + .cipher = EVP_rc4_40, + }, + { + .name = SN_rc4_hmac_md5, + .cipher = EVP_rc4_hmac_md5, + }, +#endif /* OPENSSL_NO_RC4 */ + +#ifndef OPENSSL_NO_SM4 + { + .name = "SM4", + .cipher = EVP_sm4_cbc, + .alias = SN_sm4_cbc, + }, + + { + .name = SN_sm4_cbc, + .cipher = EVP_sm4_cbc, + }, + { + .name = SN_sm4_cfb128, + .cipher = EVP_sm4_cfb128, + }, + { + .name = SN_sm4_ctr, + .cipher = EVP_sm4_ctr, + }, + { + .name = SN_sm4_ecb, + .cipher = EVP_sm4_ecb, + }, + { + .name = SN_sm4_ofb128, + .cipher = EVP_sm4_ofb, + }, +#endif /* OPENSSL_NO_SM4 */ + +#ifndef OPENSSL_NO_AES + { + .name = LN_aes_128_cbc, + .cipher = EVP_aes_128_cbc, + }, + { + .name = LN_aes_128_cbc_hmac_sha1, + .cipher = EVP_aes_128_cbc_hmac_sha1, + }, + { + .name = LN_aes_128_ccm, + .cipher = EVP_aes_128_ccm, + }, + { + .name = LN_aes_128_cfb128, + .cipher = EVP_aes_128_cfb128, + }, + { + .name = LN_aes_128_cfb1, + .cipher = EVP_aes_128_cfb1, + }, + { + .name = LN_aes_128_cfb8, + .cipher = EVP_aes_128_cfb8, + }, + { + .name = LN_aes_128_ctr, + .cipher = EVP_aes_128_ctr, + }, + { + .name = LN_aes_128_ecb, + .cipher = EVP_aes_128_ecb, + }, + { + .name = LN_aes_128_gcm, + .cipher = EVP_aes_128_gcm, + }, + { + .name = LN_aes_128_ofb128, + .cipher = EVP_aes_128_ofb, + }, + { + .name = LN_aes_128_xts, + .cipher = EVP_aes_128_xts, + }, + + { + .name = LN_aes_192_cbc, + .cipher = EVP_aes_192_cbc, + }, + { + .name = LN_aes_192_ccm, + .cipher = EVP_aes_192_ccm, + }, + { + .name = LN_aes_192_cfb128, + .cipher = EVP_aes_192_cfb128, + }, + { + .name = LN_aes_192_cfb1, + .cipher = EVP_aes_192_cfb1, + }, + { + .name = LN_aes_192_cfb8, + .cipher = EVP_aes_192_cfb8, + }, + { + .name = LN_aes_192_ctr, + .cipher = EVP_aes_192_ctr, + }, + { + .name = LN_aes_192_ecb, + .cipher = EVP_aes_192_ecb, + }, + { + .name = LN_aes_192_gcm, + .cipher = EVP_aes_192_gcm, + }, + { + .name = LN_aes_192_ofb128, + .cipher = EVP_aes_192_ofb, + }, + + { + .name = LN_aes_256_cbc, + .cipher = EVP_aes_256_cbc, + }, + { + .name = LN_aes_256_cbc_hmac_sha1, + .cipher = EVP_aes_256_cbc_hmac_sha1, + }, + { + .name = LN_aes_256_ccm, + .cipher = EVP_aes_256_ccm, + }, + { + .name = LN_aes_256_cfb128, + .cipher = EVP_aes_256_cfb128, + }, + { + .name = LN_aes_256_cfb1, + .cipher = EVP_aes_256_cfb1, + }, + { + .name = LN_aes_256_cfb8, + .cipher = EVP_aes_256_cfb8, + }, + { + .name = LN_aes_256_ctr, + .cipher = EVP_aes_256_ctr, + }, + { + .name = LN_aes_256_ecb, + .cipher = EVP_aes_256_ecb, + }, + { + .name = LN_aes_256_gcm, + .cipher = EVP_aes_256_gcm, + }, + { + .name = LN_aes_256_ofb128, + .cipher = EVP_aes_256_ofb, + }, + { + .name = LN_aes_256_xts, + .cipher = EVP_aes_256_xts, + }, + + { + .name = "aes128", + .cipher = EVP_aes_128_cbc, + .alias = SN_aes_128_cbc, + }, + { + .name = "aes192", + .cipher = EVP_aes_192_cbc, + .alias = SN_aes_192_cbc, + }, + { + .name = "aes256", + .cipher = EVP_aes_256_cbc, + .alias = SN_aes_256_cbc, + }, +#endif /* OPENSSL_NO_AES */ + +#ifndef OPENSSL_NO_BF + { + .name = "bf", + .cipher = EVP_bf_cbc, + .alias = SN_bf_cbc, + }, + + { + .name = LN_bf_cbc, + .cipher = EVP_bf_cbc, + }, + { + .name = LN_bf_cfb64, + .cipher = EVP_bf_cfb64, + }, + { + .name = LN_bf_ecb, + .cipher = EVP_bf_ecb, + }, + { + .name = LN_bf_ofb64, + .cipher = EVP_bf_ofb, + }, + + { + .name = "blowfish", + .cipher = EVP_bf_cbc, + .alias = SN_bf_cbc, + }, +#endif /* OPENSSL_NO_BF */ + +#ifndef OPENSSL_NO_CAMELLIA + { + .name = LN_camellia_128_cbc, + .cipher = EVP_camellia_128_cbc, + }, + { + .name = LN_camellia_128_cfb128, + .cipher = EVP_camellia_128_cfb128, + }, + { + .name = LN_camellia_128_cfb1, + .cipher = EVP_camellia_128_cfb1, + }, + { + .name = LN_camellia_128_cfb8, + .cipher = EVP_camellia_128_cfb8, + }, + { + .name = LN_camellia_128_ecb, + .cipher = EVP_camellia_128_ecb, + }, + { + .name = LN_camellia_128_ofb128, + .cipher = EVP_camellia_128_ofb, + }, + + { + .name = LN_camellia_192_cbc, + .cipher = EVP_camellia_192_cbc, + }, + { + .name = LN_camellia_192_cfb128, + .cipher = EVP_camellia_192_cfb128, + }, + { + .name = LN_camellia_192_cfb1, + .cipher = EVP_camellia_192_cfb1, + }, + { + .name = LN_camellia_192_cfb8, + .cipher = EVP_camellia_192_cfb8, + }, + { + .name = LN_camellia_192_ecb, + .cipher = EVP_camellia_192_ecb, + }, + { + .name = LN_camellia_192_ofb128, + .cipher = EVP_camellia_192_ofb, + }, + + { + .name = LN_camellia_256_cbc, + .cipher = EVP_camellia_256_cbc, + }, + { + .name = LN_camellia_256_cfb128, + .cipher = EVP_camellia_256_cfb128, + }, + { + .name = LN_camellia_256_cfb1, + .cipher = EVP_camellia_256_cfb1, + }, + { + .name = LN_camellia_256_cfb8, + .cipher = EVP_camellia_256_cfb8, + }, + { + .name = LN_camellia_256_ecb, + .cipher = EVP_camellia_256_ecb, + }, + { + .name = LN_camellia_256_ofb128, + .cipher = EVP_camellia_256_ofb, + }, + + { + .name = "camellia128", + .cipher = EVP_camellia_128_cbc, + .alias = SN_camellia_128_cbc, + }, + { + .name = "camellia192", + .cipher = EVP_camellia_192_cbc, + .alias = SN_camellia_192_cbc, + }, + { + .name = "camellia256", + .cipher = EVP_camellia_256_cbc, + .alias = SN_camellia_256_cbc, + }, +#endif /* OPENSSL_NO_CAMELLIA */ + +#ifndef OPENSSL_NO_CAST + { + .name = "cast", + .cipher = EVP_cast5_cbc, + .alias = SN_cast5_cbc, + }, + { + .name = "cast-cbc", + .cipher = EVP_cast5_cbc, + .alias = SN_cast5_cbc, + }, + + { + .name = LN_cast5_cbc, + .cipher = EVP_cast5_cbc, + }, + { + .name = LN_cast5_cfb64, + .cipher = EVP_cast5_cfb, + }, + { + .name = LN_cast5_ecb, + .cipher = EVP_cast5_ecb, + }, + { + .name = LN_cast5_ofb64, + .cipher = EVP_cast5_ofb, + }, +#endif + +#ifndef OPENSSL_NO_CHACHA + { + .name = LN_chacha20, + .cipher = EVP_chacha20, + }, + { + .name = "chacha20", + .cipher = EVP_chacha20, + .alias = LN_chacha20, + }, + + { + .name = LN_chacha20_poly1305, + .cipher = EVP_chacha20_poly1305, + }, +#endif + +#ifndef OPENSSL_NO_DES + { + .name = "des", + .cipher = EVP_des_cbc, + .alias = SN_des_cbc, + }, + + { + .name = LN_des_cbc, + .cipher = EVP_des_cbc, + }, + { + .name = LN_des_cfb64, + .cipher = EVP_des_cfb64, + }, + { + .name = LN_des_cfb1, + .cipher = EVP_des_cfb1, + }, + { + .name = LN_des_cfb8, + .cipher = EVP_des_cfb8, + }, + { + .name = LN_des_ecb, + .cipher = EVP_des_ecb, + }, + { + .name = LN_des_ede_ecb, + .cipher = EVP_des_ede, + }, + { + .name = LN_des_ede_cbc, + .cipher = EVP_des_ede_cbc, + }, + { + .name = LN_des_ede_cfb64, + .cipher = EVP_des_ede_cfb64, + }, + { + .name = LN_des_ede_ofb64, + .cipher = EVP_des_ede_ofb, + }, + { + .name = LN_des_ede3_ecb, + .cipher = EVP_des_ede3_ecb, + }, + { + .name = LN_des_ede3_cbc, + .cipher = EVP_des_ede3_cbc, + }, + { + .name = LN_des_ede3_cfb64, + .cipher = EVP_des_ede3_cfb, + }, + { + .name = LN_des_ede3_cfb1, + .cipher = EVP_des_ede3_cfb1, + }, + { + .name = LN_des_ede3_cfb8, + .cipher = EVP_des_ede3_cfb8, + }, + { + .name = LN_des_ede3_ofb64, + .cipher = EVP_des_ede3_ofb, + }, + { + .name = LN_des_ofb64, + .cipher = EVP_des_ofb, + }, + + { + .name = "des3", + .cipher = EVP_des_ede3_cbc, + .alias = SN_des_ede3_cbc, + }, + + { + .name = "desx", + .cipher = EVP_desx_cbc, + .alias = SN_desx_cbc, + }, + { + .name = LN_desx_cbc, + .cipher = EVP_desx_cbc, + }, +#endif /* OPENSSL_NO_DES */ + +#ifndef OPENSSL_NO_GOST + { + .name = SN_id_Gost28147_89, + .cipher = EVP_gost2814789_cfb64, + }, + { + .name = SN_gost89_cnt, + .cipher = EVP_gost2814789_cnt, + }, + { + .name = SN_gost89_ecb, + .cipher = EVP_gost2814789_ecb, + }, +#endif /* OPENSSL_NO_GOST */ + +#ifndef OPENSSL_NO_AES + { + .name = SN_aes_128_ccm, + .cipher = EVP_aes_128_ccm, + }, + { + .name = SN_aes_128_gcm, + .cipher = EVP_aes_128_gcm, + }, + { + .name = SN_id_aes128_wrap, + .cipher = EVP_aes_128_wrap, + }, + + { + .name = SN_aes_192_ccm, + .cipher = EVP_aes_192_ccm, + }, + { + .name = SN_aes_192_gcm, + .cipher = EVP_aes_192_gcm, + }, + { + .name = SN_id_aes192_wrap, + .cipher = EVP_aes_192_wrap, + }, + + { + .name = SN_aes_256_ccm, + .cipher = EVP_aes_256_ccm, + }, + { + .name = SN_aes_256_gcm, + .cipher = EVP_aes_256_gcm, + }, + { + .name = SN_id_aes256_wrap, + .cipher = EVP_aes_256_wrap, + }, +#endif /* OPENSSL_NO_AES */ + +#ifndef OPENSSL_NO_IDEA + { + .name = "idea", + .cipher = EVP_idea_cbc, + .alias = SN_idea_cbc, + }, + + { + .name = LN_idea_cbc, + .cipher = EVP_idea_cbc, + }, + { + .name = LN_idea_cfb64, + .cipher = EVP_idea_cfb64, + }, + { + .name = LN_idea_ecb, + .cipher = EVP_idea_ecb, + }, + { + .name = LN_idea_ofb64, + .cipher = EVP_idea_ofb, + }, +#endif /* OPENSSL_NO_IDEA */ + +#ifndef OPENSSL_NO_RC2 + { + .name = "rc2", + .cipher = EVP_rc2_cbc, + .alias = SN_rc2_cbc, + }, + + { + .name = LN_rc2_40_cbc, + .cipher = EVP_rc2_40_cbc, + }, + { + .name = LN_rc2_64_cbc, + .cipher = EVP_rc2_64_cbc, + }, + { + .name = LN_rc2_cbc, + .cipher = EVP_rc2_cbc, + }, + { + .name = LN_rc2_cfb64, + .cipher = EVP_rc2_cfb64, + }, + { + .name = LN_rc2_ecb, + .cipher = EVP_rc2_ecb, + }, + { + .name = LN_rc2_ofb64, + .cipher = EVP_rc2_ofb, + }, +#endif /* OPENSSL_NO_RC2 */ + +#ifndef OPENSSL_NO_RC4 + { + .name = LN_rc4, + .cipher = EVP_rc4, + }, + { + .name = LN_rc4_40, + .cipher = EVP_rc4_40, + }, + { + .name = LN_rc4_hmac_md5, + .cipher = EVP_rc4_hmac_md5, + }, +#endif /* OPENSSL_NO_RC4 */ + +#ifndef OPENSSL_NO_SM4 + { + .name = "sm4", + .cipher = EVP_sm4_cbc, + .alias = SN_sm4_cbc, + }, + + { + .name = LN_sm4_cbc, + .cipher = EVP_sm4_cbc, + }, + { + .name = LN_sm4_cfb128, + .cipher = EVP_sm4_cfb128, + }, + { + .name = LN_sm4_ctr, + .cipher = EVP_sm4_ctr, + }, + { + .name = LN_sm4_ecb, + .cipher = EVP_sm4_ecb, + }, + { + .name = LN_sm4_ofb128, + .cipher = EVP_sm4_ofb, + }, +#endif /* OPENSSL_NO_SM4 */ +}; + +#define N_CIPHER_NAMES (sizeof(cipher_names) / sizeof(cipher_names[0])) + +/* + * Keep this table alphabetically sorted by increasing .name. + * regresss/lib/libcrypto/evp/evp_test.c checks that. + */ + +static const struct digest_name digest_names[] = { +#ifndef OPENSSL_NO_GOST + { + .name = LN_id_Gost28147_89_MAC, + .digest = EVP_gost2814789imit, + }, + { + .name = LN_id_tc26_gost3411_2012_512, + .digest = EVP_streebog512, + }, + { + .name = LN_id_tc26_gost3411_2012_256, + .digest = EVP_streebog256, + }, + { + .name = LN_id_GostR3411_94, + .digest = EVP_gostr341194, + }, +#endif /* OPENSSL_NO_GOST */ + +#ifndef OPENSSL_NO_MD4 + { + .name = SN_md4, + .digest = EVP_md4, + }, +#endif /* OPENSSL_NO_MD4 */ + +#ifndef OPENSSL_NO_MD5 + { + .name = SN_md5, + .digest = EVP_md5, + }, +#endif /* OPENSSL_NO_MD5 */ + +#if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_SHA1) + { + .name = SN_md5_sha1, + .digest = EVP_md5_sha1, + }, +#endif /* OPENSSL_NO_MD5 && OPENSSL_NO_SHA1 */ + +#ifndef OPENSSL_NO_RIPEMD + { + .name = SN_ripemd160, + .digest = EVP_ripemd160, + }, +#endif /* OPENSSL_NO_RIPEMD */ + +#ifndef OPENSSL_NO_RSA +#ifndef OPENSSL_NO_MD4 + { + .name = SN_md4WithRSAEncryption, + .digest = EVP_md4, + .alias = SN_md4, + }, +#endif /* OPENSSL_NO_MD4 */ +#ifndef OPENSSL_NO_MD5 + { + .name = SN_md5WithRSAEncryption, + .digest = EVP_md5, + .alias = SN_md5, + }, +#endif /* OPENSSL_NO_MD5 */ +#ifndef OPENSSL_NO_RIPEMD + { + .name = SN_ripemd160WithRSA, + .digest = EVP_ripemd160, + .alias = SN_ripemd160, + }, +#endif /* OPENSSL_NO_RIPEMD */ +#ifndef OPENSSL_NO_SHA1 + { + .name = SN_sha1WithRSAEncryption, + .digest = EVP_sha1, + .alias = SN_sha1, + }, + { + .name = SN_sha1WithRSA, + .digest = EVP_sha1, + .alias = SN_sha1, /* XXX - alias to SN_sha1WithRSAEncryption? */ + }, +#endif /* OPENSSL_NO_SHA1 */ +#ifndef OPENSSL_NO_SHA256 + { + .name = SN_sha224WithRSAEncryption, + .digest = EVP_sha224, + .alias = SN_sha224, + }, + { + .name = SN_sha256WithRSAEncryption, + .digest = EVP_sha256, + .alias = SN_sha256, + }, +#endif /* OPENSSL_NO_SHA256 */ +#ifndef OPENSSL_NO_SHA3 + { + .name = LN_RSA_SHA3_224, + .digest = EVP_sha3_224, + .alias = SN_sha3_224, + }, + { + .name = LN_RSA_SHA3_256, + .digest = EVP_sha3_256, + .alias = SN_sha3_256, + }, + { + .name = LN_RSA_SHA3_384, + .digest = EVP_sha3_384, + .alias = SN_sha3_384, + }, + { + .name = LN_RSA_SHA3_512, + .digest = EVP_sha3_512, + .alias = SN_sha3_512, + }, +#endif /* OPENSSL_NO_SHA3 */ +#ifndef OPENSSL_NO_SHA512 + { + .name = SN_sha384WithRSAEncryption, + .digest = EVP_sha384, + .alias = SN_sha384, + }, + { + .name = SN_sha512WithRSAEncryption, + .digest = EVP_sha512, + .alias = SN_sha512, + }, + { + .name = SN_sha512_224WithRSAEncryption, + .digest = EVP_sha512_224, + .alias = SN_sha512_224, + }, + { + .name = SN_sha512_256WithRSAEncryption, + .digest = EVP_sha512_256, + .alias = SN_sha512_256, + }, +#endif /* OPENSSL_NO_SHA256 */ +#ifndef OPENSSL_NO_SM4 + { + .name = SN_sm3WithRSAEncryption, + .digest = EVP_sm3, + .alias = SN_sm3, + }, +#endif +#endif /* OPENSSL_NO_RSA */ + +#ifndef OPENSSL_NO_SHA1 + { + .name = SN_sha1, + .digest = EVP_sha1, + }, +#endif /* OPENSSL_NO_SHA1 */ +#ifndef OPENSSL_NO_SHA256 + { + .name = SN_sha224, + .digest = EVP_sha224, + }, + { + .name = SN_sha256, + .digest = EVP_sha256, + }, +#endif /* OPENSSL_NO_SHA256 */ +#ifndef OPENSSL_NO_SHA3 + { + .name = SN_sha3_224, + .digest = EVP_sha3_224, + }, + { + .name = SN_sha3_256, + .digest = EVP_sha3_256, + }, + { + .name = SN_sha3_384, + .digest = EVP_sha3_384, + }, + { + .name = SN_sha3_512, + .digest = EVP_sha3_512, + }, +#endif /* OPENSSL_NO_SHA3 */ + +#ifndef OPENSSL_NO_SHA512 + { + .name = SN_sha384, + .digest = EVP_sha384, + }, + { + .name = SN_sha512, + .digest = EVP_sha512, + }, + { + .name = SN_sha512_224, + .digest = EVP_sha512_224, + }, + { + .name = SN_sha512_256, + .digest = EVP_sha512_256, + }, +#endif /* OPENSSL_NO_SHA512 */ +#ifndef OPENSSL_NO_SM3 + { + .name = SN_sm3, + .digest = EVP_sm3, + }, +#endif /* OPENSSL_NO_SM3 */ + +#ifndef OPENSSL_NO_GOST + { + .name = SN_id_Gost28147_89_MAC, + .digest = EVP_gost2814789imit, + }, +#endif /* OPENSSL_NO_GOST */ + +#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_SHA3) + { + .name = SN_RSA_SHA3_224, + .digest = EVP_sha3_224, + .alias = SN_sha3_224, + }, + { + .name = SN_RSA_SHA3_256, + .digest = EVP_sha3_256, + .alias = SN_sha3_256, + }, + { + .name = SN_RSA_SHA3_384, + .digest = EVP_sha3_384, + .alias = SN_sha3_384, + }, + { + .name = SN_RSA_SHA3_512, + .digest = EVP_sha3_512, + .alias = SN_sha3_512, + }, +#endif /* OPENSSL_NO_RSA && OPENSSL_NO_SHA3 */ + +#ifndef OPENSSL_NO_MD4 + { + .name = LN_md4, + .digest = EVP_md4, + }, +#endif /* OPENSSL_NO_MD4 */ +#if !defined(OPENSSL_NO_MD4) && !defined(OPENSSL_NO_RSA) + { + .name = LN_md4WithRSAEncryption, + .digest = EVP_md4, + .alias = SN_md4, + }, +#endif /* OPENSSL_NO_MD4 */ + +#if !defined(OPENSSL_NO_MD5) + { + .name = LN_md5, + .digest = EVP_md5, + }, +#endif /* OPENSSL_NO_MD5 */ +#if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_SHA1) + { + .name = LN_md5_sha1, + .digest = EVP_md5_sha1, + }, +#endif /* OPENSSL_NO_MD5 && OPENSSL_NO_SHA1 */ +#if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_RSA) + { + .name = LN_md5WithRSAEncryption, + .digest = EVP_md5, + .alias = SN_md5, + }, +#endif + +#ifndef OPENSSL_NO_GOST + { + .name = SN_id_GostR3411_94, + .digest = EVP_gostr341194, + }, +#endif /* OPENSSL_NO_GOST */ + +#ifndef OPENSSL_NO_RIPEMD + { + .name = "ripemd", + .digest = EVP_ripemd160, + .alias = SN_ripemd160, + }, + { + .name = LN_ripemd160, + .digest = EVP_ripemd160, + }, +#ifndef OPENSSL_NO_RSA + { + .name = LN_ripemd160WithRSA, + .digest = EVP_ripemd160, + .alias = SN_ripemd160, + }, +#endif /* OPENSSL_NO_RSA */ + { + .name = "rmd160", + .digest = EVP_ripemd160, + .alias = SN_ripemd160, + }, +#endif /* OPENSSL_NO_RIPEMD */ + +#ifndef OPENSSL_NO_SHA1 + { + .name = LN_sha1, + .digest = EVP_sha1, + }, +#endif /* OPENSSL_NO_SHA1 */ +#if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_RSA) + { + .name = LN_sha1WithRSAEncryption, + .digest = EVP_sha1, + .alias = SN_sha1, + }, +#endif /* OPENSSL_NO_SHA1 && OPENSSL_NO_RSA */ + +#ifndef OPENSSL_NO_SHA256 + { + .name = LN_sha224, + .digest = EVP_sha224, + }, +#ifndef OPENSSL_NO_RSA + { + .name = LN_sha224WithRSAEncryption, + .digest = EVP_sha224, + .alias = SN_sha224, + }, +#endif /* OPENSSL_NO_RSA */ + { + .name = LN_sha256, + .digest = EVP_sha256, + }, +#ifndef OPENSSL_NO_RSA + { + .name = LN_sha256WithRSAEncryption, + .digest = EVP_sha256, + .alias = SN_sha256, + }, +#endif /* OPENSSL_NO_RSA */ +#endif /* OPENSSL_NO_SHA256 */ + +#ifndef OPENSSL_NO_SHA3 + { + .name = LN_sha3_224, + .digest = EVP_sha3_224, + }, + { + .name = LN_sha3_256, + .digest = EVP_sha3_256, + }, + { + .name = LN_sha3_384, + .digest = EVP_sha3_384, + }, + { + .name = LN_sha3_512, + .digest = EVP_sha3_512, + }, +#endif /* OPENSSL_NO_SHA3 */ + +#ifndef OPENSSL_NO_SHA512 + { + .name = LN_sha384, + .digest = EVP_sha384, + }, +#ifndef OPENSSL_NO_RSA + { + .name = LN_sha384WithRSAEncryption, + .digest = EVP_sha384, + .alias = SN_sha384, + }, +#endif /* OPENSSL_NO_RSA */ + { + .name = LN_sha512, + .digest = EVP_sha512, + }, + { + .name = LN_sha512_224, + .digest = EVP_sha512_224, + }, +#ifndef OPENSSL_NO_RSA + { + .name = LN_sha512_224WithRSAEncryption, + .digest = EVP_sha512_224, + .alias = SN_sha512_224, + }, +#endif + { + .name = LN_sha512_256, + .digest = EVP_sha512_256, + }, +#ifndef OPENSSL_NO_RSA + { + .name = LN_sha512_256WithRSAEncryption, + .digest = EVP_sha512_256, + .alias = SN_sha512_256, + }, + { + .name = LN_sha512WithRSAEncryption, + .digest = EVP_sha512, + .alias = SN_sha512, + }, +#endif +#endif /* OPENSSL_NO_SHA512 */ + +#ifndef OPENSSL_NO_SM3 + { + .name = LN_sm3, + .digest = EVP_sm3, + }, +#endif /* OPENSSL_NO_SM3 */ +#if !defined(OPENSSL_NO_SM3) && !defined(OPENSSL_NO_RSA) + { + .name = LN_sm3WithRSAEncryption, + .digest = EVP_sm3, + .alias = SN_sm3, + }, +#endif /* OPENSSL_NO_SM3 && OPENSSL_NO_RSA */ + +#ifndef OPENSSL_NO_MD5 + { + .name = "ssl2-md5", + .digest = EVP_md5, + .alias = SN_md5, + }, + { + .name = "ssl3-md5", + .digest = EVP_md5, + .alias = SN_md5, + }, +#endif /* OPENSSL_NO_MD5 */ + +#ifndef OPENSSL_NO_SHA1 + { + .name = "ssl3-sha1", + .digest = EVP_sha1, + .alias = SN_sha1, + }, +#endif /* OPENSSL_NO_SHA1 */ + +#ifndef OPENSSL_NO_GOST + { + .name = SN_id_tc26_gost3411_2012_256, + .digest = EVP_streebog256, + }, + { + .name = SN_id_tc26_gost3411_2012_512, + .digest = EVP_streebog512, + }, +#endif /* OPENSSL_NO_GOST */ + +#ifndef OPENSSL_NO_WHIRLPOOL + { + .name = SN_whirlpool, + .digest = EVP_whirlpool, + }, +#endif +}; + +#define N_DIGEST_NAMES (sizeof(digest_names) / sizeof(digest_names[0])) + +void +EVP_CIPHER_do_all_sorted(void (*fn)(const EVP_CIPHER *, const char *, + const char *, void *), void *arg) +{ + size_t i; + + /* Prayer and clean living lets you ignore errors, OpenSSL style. */ + (void)OPENSSL_init_crypto(0, NULL); + + for (i = 0; i < N_CIPHER_NAMES; i++) { + const struct cipher_name *cipher = &cipher_names[i]; + const EVP_CIPHER *evp_cipher; + + if ((evp_cipher = cipher->cipher()) == NULL) + continue; + + if (cipher->alias != NULL) + fn(NULL, cipher->name, cipher->alias, arg); + else + fn(evp_cipher, cipher->name, NULL, arg); + } +} + +void +EVP_CIPHER_do_all(void (*fn)(const EVP_CIPHER *, const char *, const char *, + void *), void *arg) +{ + EVP_CIPHER_do_all_sorted(fn, arg); +} + +void +EVP_MD_do_all_sorted(void (*fn)(const EVP_MD *, const char *, const char *, + void *), void *arg) +{ + size_t i; + + /* Prayer and clean living lets you ignore errors, OpenSSL style. */ + (void)OPENSSL_init_crypto(0, NULL); + + for (i = 0; i < N_DIGEST_NAMES; i++) { + const struct digest_name *digest = &digest_names[i]; + const EVP_MD *evp_md; + + if ((evp_md = digest->digest()) == NULL) + continue; + + if (digest->alias != NULL) + fn(NULL, digest->name, digest->alias, arg); + else + fn(evp_md, digest->name, NULL, arg); + } +} + +void +EVP_MD_do_all(void (*fn)(const EVP_MD *, const char *, const char *, void *), + void *arg) +{ + EVP_MD_do_all_sorted(fn, arg); +} + +/* + * The OBJ_NAME API is completely misnamed. It has little to do with objects + * and a lot to do with EVP. Therefore we implement a saner replacement for + * the part of the old madness that we need to keep in the evp directory. + */ + +static int +OBJ_NAME_from_cipher_name(OBJ_NAME *obj_name, const struct cipher_name *cipher) +{ + const EVP_CIPHER *evp_cipher; + + if ((evp_cipher = cipher->cipher()) == NULL) + return 0; + + obj_name->type = OBJ_NAME_TYPE_CIPHER_METH; + obj_name->name = cipher->name; + if (cipher->alias != NULL) { + obj_name->alias = OBJ_NAME_ALIAS; + obj_name->data = cipher->alias; + } else { + obj_name->alias = 0; + obj_name->data = (const char *)evp_cipher; + } + + return 1; +} + +static void +OBJ_NAME_do_all_ciphers(void (*fn)(const OBJ_NAME *, void *), void *arg) +{ + size_t i; + + for (i = 0; i < N_CIPHER_NAMES; i++) { + const struct cipher_name *cipher = &cipher_names[i]; + OBJ_NAME name; + + if (OBJ_NAME_from_cipher_name(&name, cipher)) + fn(&name, arg); + } +} + +static int +OBJ_NAME_from_digest_name(OBJ_NAME *obj_name, const struct digest_name *digest) +{ + const EVP_MD *evp_md; + + if ((evp_md = digest->digest()) == NULL) + return 0; + + obj_name->type = OBJ_NAME_TYPE_MD_METH; + obj_name->name = digest->name; + if (digest->alias != NULL) { + obj_name->alias = OBJ_NAME_ALIAS; + obj_name->data = digest->alias; + } else { + obj_name->alias = 0; + obj_name->data = (const char *)evp_md; + } + + return 1; +} + +static void +OBJ_NAME_do_all_digests(void (*fn)(const OBJ_NAME *, void *), void *arg) +{ + size_t i; + + for (i = 0; i < N_DIGEST_NAMES; i++) { + const struct digest_name *digest = &digest_names[i]; + OBJ_NAME name; + + if (OBJ_NAME_from_digest_name(&name, digest)) + fn(&name, arg); + } +} + +void +OBJ_NAME_do_all_sorted(int type, void (*fn)(const OBJ_NAME *, void *), void *arg) +{ + /* Prayer and clean living lets you ignore errors, OpenSSL style. */ + (void)OPENSSL_init_crypto(0, NULL); + + if (type == OBJ_NAME_TYPE_CIPHER_METH) + OBJ_NAME_do_all_ciphers(fn, arg); + if (type == OBJ_NAME_TYPE_MD_METH) + OBJ_NAME_do_all_digests(fn, arg); +} +LCRYPTO_ALIAS(OBJ_NAME_do_all_sorted); + +void +OBJ_NAME_do_all(int type, void (*fn)(const OBJ_NAME *, void *), void *arg) +{ + OBJ_NAME_do_all_sorted(type, fn, arg); +} +LCRYPTO_ALIAS(OBJ_NAME_do_all); + +static int +cipher_cmp(const void *a, const void *b) +{ + return strcmp(a, ((const struct cipher_name *)b)->name); +} + +const EVP_CIPHER * +EVP_get_cipherbyname(const char *name) +{ + const struct cipher_name *cipher; + + if (!OPENSSL_init_crypto(0, NULL)) + return NULL; + + if ((cipher = bsearch(name, cipher_names, N_CIPHER_NAMES, + sizeof(*cipher), cipher_cmp)) == NULL) + return NULL; + + return cipher->cipher(); +} + +static int +digest_cmp(const void *a, const void *b) +{ + return strcmp(a, ((const struct digest_name *)b)->name); +} + +const EVP_MD * +EVP_get_digestbyname(const char *name) +{ + const struct digest_name *digest; + + if (!OPENSSL_init_crypto(0, NULL)) + return NULL; + + if ((digest = bsearch(name, digest_names, N_DIGEST_NAMES, + sizeof(*digest), digest_cmp)) == NULL) + return NULL; + + return digest->digest(); +} + +/* + * XXX - this is here because most of its job was to clean up the dynamic + * tables of ciphers and digests. If we get an evp_lib.c again, it should + * probably move there. + */ + +void +EVP_cleanup(void) +{ +} + +/* + * XXX - Remove all the garbage below in the next bump. + */ + +int +EVP_add_cipher(const EVP_CIPHER *c) +{ + return 1; +} + +int +EVP_add_digest(const EVP_MD *md) +{ + return 1; +} + +int +OBJ_NAME_init(void) +{ + OBJerror(ERR_R_DISABLED); + return 0; +} +LCRYPTO_ALIAS(OBJ_NAME_init); + +int +OBJ_NAME_new_index(unsigned long (*hash_func)(const char *), + int (*cmp_func)(const char *, const char *), + void (*free_func)(const char *, int, const char *)) +{ + OBJerror(ERR_R_DISABLED); + return 0; +} +LCRYPTO_ALIAS(OBJ_NAME_new_index); + +const char * +OBJ_NAME_get(const char *name, int type) +{ + OBJerror(ERR_R_DISABLED); + return NULL; +} +LCRYPTO_ALIAS(OBJ_NAME_get); + +int +OBJ_NAME_add(const char *name, int type, const char *data) +{ + /* No error to avoid polluting xca's error stack. */ + return 0; +} +LCRYPTO_ALIAS(OBJ_NAME_add); + +int +OBJ_NAME_remove(const char *name, int type) +{ + OBJerror(ERR_R_DISABLED); + return 0; +} +LCRYPTO_ALIAS(OBJ_NAME_remove); + +void +OBJ_NAME_cleanup(int type) +{ +} +LCRYPTO_ALIAS(OBJ_NAME_cleanup); diff --git a/lib/libcrypto/evp/names.c b/lib/libcrypto/evp/names.c deleted file mode 100644 index a96301ed5..000000000 --- a/lib/libcrypto/evp/names.c +++ /dev/null @@ -1,239 +0,0 @@ -/* $OpenBSD: names.c,v 1.22 2023/12/15 14:22:10 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include - -#include -#include -#include - -#include "evp_local.h" - -extern int obj_cleanup_defer; -void check_defer(int nid); - -int -EVP_add_cipher(const EVP_CIPHER *c) -{ - int r; - - if (c == NULL) - return 0; - - r = OBJ_NAME_add(OBJ_nid2sn(c->nid), OBJ_NAME_TYPE_CIPHER_METH, - (const char *)c); - if (r == 0) - return (0); - check_defer(c->nid); - r = OBJ_NAME_add(OBJ_nid2ln(c->nid), OBJ_NAME_TYPE_CIPHER_METH, - (const char *)c); - return (r); -} - -int -EVP_add_digest(const EVP_MD *md) -{ - int r; - const char *name; - - name = OBJ_nid2sn(md->type); - r = OBJ_NAME_add(name, OBJ_NAME_TYPE_MD_METH, (const char *)md); - if (r == 0) - return (0); - check_defer(md->type); - r = OBJ_NAME_add(OBJ_nid2ln(md->type), OBJ_NAME_TYPE_MD_METH, - (const char *)md); - if (r == 0) - return (0); - - if (md->pkey_type && md->type != md->pkey_type) { - r = OBJ_NAME_add(OBJ_nid2sn(md->pkey_type), - OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS, name); - if (r == 0) - return (0); - check_defer(md->pkey_type); - r = OBJ_NAME_add(OBJ_nid2ln(md->pkey_type), - OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS, name); - } - return (r); -} - -const EVP_CIPHER * -EVP_get_cipherbyname(const char *name) -{ - if (!OPENSSL_init_crypto(0, NULL)) - return NULL; - - return (const EVP_CIPHER *)OBJ_NAME_get(name, OBJ_NAME_TYPE_CIPHER_METH); -} - -const EVP_MD * -EVP_get_digestbyname(const char *name) -{ - if (!OPENSSL_init_crypto(0, NULL)) - return NULL; - - return (const EVP_MD *)OBJ_NAME_get(name, OBJ_NAME_TYPE_MD_METH); -} - -void -EVP_cleanup(void) -{ - OBJ_NAME_cleanup(OBJ_NAME_TYPE_CIPHER_METH); - OBJ_NAME_cleanup(OBJ_NAME_TYPE_MD_METH); - /* The above calls will only clean out the contents of the name - hash table, but not the hash table itself. The following line - does that part. -- Richard Levitte */ - OBJ_NAME_cleanup(-1); - - if (obj_cleanup_defer == 2) { - obj_cleanup_defer = 0; - OBJ_cleanup(); - } -} - -struct doall_cipher { - void *arg; - void (*fn)(const EVP_CIPHER *ciph, const char *from, const char *to, - void *arg); -}; - -static void -do_all_cipher_fn(const OBJ_NAME *nm, void *arg) -{ - struct doall_cipher *dc = arg; - - if (nm->alias) - dc->fn(NULL, nm->name, nm->data, dc->arg); - else - dc->fn((const EVP_CIPHER *)nm->data, nm->name, NULL, dc->arg); -} - -void -EVP_CIPHER_do_all(void (*fn)(const EVP_CIPHER *ciph, const char *from, - const char *to, void *x), void *arg) -{ - struct doall_cipher dc; - - /* Prayer and clean living lets you ignore errors, OpenSSL style */ - (void) OPENSSL_init_crypto(0, NULL); - - dc.fn = fn; - dc.arg = arg; - OBJ_NAME_do_all(OBJ_NAME_TYPE_CIPHER_METH, do_all_cipher_fn, &dc); -} - -void -EVP_CIPHER_do_all_sorted(void (*fn)(const EVP_CIPHER *ciph, const char *from, - const char *to, void *x), void *arg) -{ - struct doall_cipher dc; - - /* Prayer and clean living lets you ignore errors, OpenSSL style */ - (void) OPENSSL_init_crypto(0, NULL); - - dc.fn = fn; - dc.arg = arg; - OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, - do_all_cipher_fn, &dc); -} - -struct doall_md { - void *arg; - void (*fn)(const EVP_MD *ciph, const char *from, const char *to, - void *arg); -}; - -static void -do_all_md_fn(const OBJ_NAME *nm, void *arg) -{ - struct doall_md *dc = arg; - - if (nm->alias) - dc->fn(NULL, nm->name, nm->data, dc->arg); - else - dc->fn((const EVP_MD *)nm->data, nm->name, NULL, dc->arg); -} - -void -EVP_MD_do_all(void (*fn)(const EVP_MD *md, const char *from, const char *to, - void *x), void *arg) -{ - struct doall_md dc; - - /* Prayer and clean living lets you ignore errors, OpenSSL style */ - (void) OPENSSL_init_crypto(0, NULL); - - dc.fn = fn; - dc.arg = arg; - OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH, do_all_md_fn, &dc); -} - -void -EVP_MD_do_all_sorted(void (*fn)(const EVP_MD *md, - const char *from, const char *to, void *x), void *arg) -{ - struct doall_md dc; - - /* Prayer and clean living lets you ignore errors, OpenSSL style */ - (void) OPENSSL_init_crypto(0, NULL); - - dc.fn = fn; - dc.arg = arg; - OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_MD_METH, do_all_md_fn, &dc); -} diff --git a/lib/libcrypto/evp/pmeth_lib.c b/lib/libcrypto/evp/pmeth_lib.c index 604181d31..67ab72eff 100644 --- a/lib/libcrypto/evp/pmeth_lib.c +++ b/lib/libcrypto/evp/pmeth_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pmeth_lib.c,v 1.36 2024/01/04 20:15:01 tb Exp $ */ +/* $OpenBSD: pmeth_lib.c,v 1.37 2024/01/13 12:46:59 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -101,14 +101,14 @@ static const EVP_PKEY_METHOD *pkey_methods[] = { #define N_PKEY_METHODS (sizeof(pkey_methods) / sizeof(pkey_methods[0])) -const EVP_PKEY_METHOD * -EVP_PKEY_meth_find(int type) +static const EVP_PKEY_METHOD * +evp_pkey_method_find(int nid) { size_t i; for (i = 0; i < N_PKEY_METHODS; i++) { const EVP_PKEY_METHOD *pmeth = pkey_methods[i]; - if (pmeth->pkey_id == type) + if (pmeth->pkey_id == nid) return pmeth; } @@ -116,18 +116,18 @@ EVP_PKEY_meth_find(int type) } static EVP_PKEY_CTX * -evp_pkey_ctx_new(EVP_PKEY *pkey, int id) +evp_pkey_ctx_new(EVP_PKEY *pkey, int nid) { EVP_PKEY_CTX *pkey_ctx = NULL; const EVP_PKEY_METHOD *pmeth; - if (id == -1) { + if (nid == -1) { if (pkey == NULL || pkey->ameth == NULL) return NULL; - id = pkey->ameth->pkey_id; + nid = pkey->ameth->pkey_id; } - if ((pmeth = EVP_PKEY_meth_find(id)) == NULL) { + if ((pmeth = evp_pkey_method_find(nid)) == NULL) { EVPerror(EVP_R_UNSUPPORTED_ALGORITHM); goto err; } @@ -154,50 +154,6 @@ evp_pkey_ctx_new(EVP_PKEY *pkey, int id) return NULL; } -EVP_PKEY_METHOD* -EVP_PKEY_meth_new(int id, int flags) -{ - EVP_PKEY_METHOD *pmeth; - - if ((pmeth = calloc(1, sizeof(EVP_PKEY_METHOD))) == NULL) - return NULL; - - pmeth->pkey_id = id; - pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC; - - return pmeth; -} - -void -EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, const EVP_PKEY_METHOD *meth) -{ - if (ppkey_id) - *ppkey_id = meth->pkey_id; - if (pflags) - *pflags = meth->flags; -} - -void -EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src) -{ - EVP_PKEY_METHOD preserve; - - preserve.pkey_id = dst->pkey_id; - preserve.flags = dst->flags; - - *dst = *src; - - dst->pkey_id = preserve.pkey_id; - dst->flags = preserve.flags; -} - -void -EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth) -{ - if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC)) - free(pmeth); -} - EVP_PKEY_CTX * EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *engine) { @@ -205,9 +161,9 @@ EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *engine) } EVP_PKEY_CTX * -EVP_PKEY_CTX_new_id(int id, ENGINE *engine) +EVP_PKEY_CTX_new_id(int nid, ENGINE *engine) { - return evp_pkey_ctx_new(NULL, id); + return evp_pkey_ctx_new(NULL, nid); } EVP_PKEY_CTX * @@ -241,13 +197,6 @@ EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx) return NULL; } -int -EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth) -{ - EVPerror(ERR_R_DISABLED); - return 0; -} - void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx) { @@ -399,25 +348,62 @@ EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx) return ctx->app_data; } +/* + * Remove all the functions below in the next major bump + */ + +const EVP_PKEY_METHOD * +EVP_PKEY_meth_find(int type) +{ + EVPerror(ERR_R_DISABLED); + return NULL; +} + +EVP_PKEY_METHOD* +EVP_PKEY_meth_new(int id, int flags) +{ + EVPerror(ERR_R_DISABLED); + return NULL; +} + +void +EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, const EVP_PKEY_METHOD *meth) +{ +} + +void +EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src) +{ +} + +void +EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth) +{ +} + +int +EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth) +{ + EVPerror(ERR_R_DISABLED); + return 0; +} + void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth, int (*init)(EVP_PKEY_CTX *ctx)) { - pmeth->init = init; } void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth, int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)) { - pmeth->copy = copy; } void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth, void (*cleanup)(EVP_PKEY_CTX *ctx)) { - pmeth->cleanup = cleanup; } void @@ -425,8 +411,6 @@ EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth, int (*paramgen_init)(EVP_PKEY_CTX *ctx), int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)) { - pmeth->paramgen_init = paramgen_init; - pmeth->paramgen = paramgen; } void @@ -434,8 +418,6 @@ EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth, int (*keygen_init)(EVP_PKEY_CTX *ctx), int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)) { - pmeth->keygen_init = keygen_init; - pmeth->keygen = keygen; } void @@ -444,8 +426,6 @@ EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth, int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen)) { - pmeth->sign_init = sign_init; - pmeth->sign = sign; } void @@ -454,8 +434,6 @@ EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth, int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, const unsigned char *tbs, size_t tbslen)) { - pmeth->verify_init = verify_init; - pmeth->verify = verify; } void @@ -465,8 +443,6 @@ EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen)) { - pmeth->verify_recover_init = verify_recover_init; - pmeth->verify_recover = verify_recover; } void @@ -475,8 +451,6 @@ EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth, int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, EVP_MD_CTX *mctx)) { - pmeth->signctx_init = signctx_init; - pmeth->signctx = signctx; } void @@ -485,8 +459,6 @@ EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth, int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen, EVP_MD_CTX *mctx)) { - pmeth->verifyctx_init = verifyctx_init; - pmeth->verifyctx = verifyctx; } void @@ -495,8 +467,6 @@ EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth, int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen)) { - pmeth->encrypt_init = encrypt_init; - pmeth->encrypt = encryptfn; } void @@ -505,8 +475,6 @@ EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth, int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen)) { - pmeth->decrypt_init = decrypt_init; - pmeth->decrypt = decrypt; } void @@ -514,8 +482,6 @@ EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth, int (*derive_init)(EVP_PKEY_CTX *ctx), int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)) { - pmeth->derive_init = derive_init; - pmeth->derive = derive; } void @@ -523,26 +489,21 @@ EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth, int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2), int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value)) { - pmeth->ctrl = ctrl; - pmeth->ctrl_str = ctrl_str; } void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth, int (*check)(EVP_PKEY *pkey)) { - pmeth->check = check; } void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth, int (*public_check)(EVP_PKEY *pkey)) { - pmeth->public_check = public_check; } void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth, int (*param_check)(EVP_PKEY *pkey)) { - pmeth->param_check = param_check; } diff --git a/lib/libcrypto/man/OBJ_create.3 b/lib/libcrypto/man/OBJ_create.3 index 7a6135e05..6bc255e98 100644 --- a/lib/libcrypto/man/OBJ_create.3 +++ b/lib/libcrypto/man/OBJ_create.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: OBJ_create.3,v 1.8 2023/09/06 12:26:59 schwarze Exp $ +.\" $OpenBSD: OBJ_create.3,v 1.9 2024/01/13 19:06:20 tb Exp $ .\" full merge up to: .\" OpenSSL OBJ_nid2obj.pod 9b86974e Aug 17 15:21:33 2015 -0400 .\" selective merge up to: @@ -69,7 +69,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: September 6 2023 $ +.Dd $Mdocdate: January 13 2024 $ .Dt OBJ_CREATE 3 .Os .Sh NAME @@ -78,9 +78,7 @@ .Nm OBJ_create , .\" OBJ_create_and_add_object is a deprecated, unused alias for OBJ_create(3). .Nm OBJ_create_objects , -.Nm obj_cleanup_defer , -.Nm OBJ_cleanup , -.Nm check_defer +.Nm OBJ_cleanup .Nd modify the table of ASN.1 object identifiers .Sh SYNOPSIS .In openssl/objects.h @@ -96,11 +94,8 @@ .Fc .Ft int .Fn OBJ_create_objects "BIO *in_bio" -.Vt extern int obj_cleanup_defer ; .Ft void .Fn OBJ_cleanup void -.Ft void -.Fn check_defer "int nid" .Sh DESCRIPTION .Fn OBJ_new_nid returns the smallest currently unassigned ASN.1 numeric @@ -154,16 +149,6 @@ or a similar function and then calling .Xr ASN1_OBJECT_free 3 on the returned pointer will have no effect. .Pp -The global variable -.Va obj_cleanup_defer -controls the behaviour of -.Fn OBJ_cleanup -and -.Xr EVP_cleanup 3 . -.Pp -If -.Va obj_cleanup_defer -has the default value of 0, .Fn OBJ_cleanup resets the internal object table to its default state, removing and freeing all objects that were added with @@ -171,47 +156,6 @@ removing and freeing all objects that were added with .Fn OBJ_create , or .Fn OBJ_create_objects . -Otherwise, -.Fn OBJ_cleanup -only sets -.Va obj_cleanup_defer -to 2, which defers the cleanup of the internal object table -to the next call of -.Xr EVP_cleanup 3 . -.Pp -By default, -.Xr EVP_cleanup 3 -has no effect on the internal object table. -Only if -.Va obj_cleanup_defer -is 2, it resets -.Va obj_cleanup_defer -to 0 and calls -.Fn OBJ_cleanup , -which then resets the table to its default state. -.Pp -The function -.Fn check_defer -sets -.Va obj_cleanup_defer -to 1 unless -.Fa nid -is a built-in numeric identifier, but it has no effect if -.Va obj_cleanup_defer -already differs from 0. -This function is called internally by various functions -in the EVP library, in particular by subroutines of -.Xr OpenSSL_add_all_ciphers 3 -and -.Xr OpenSSL_add_all_digests 3 . -.Pp -To reliably reset the internal object table no matter what the -current state may be, an application program needs to call both -.Fn OBJ_cleanup -and -.Xr EVP_cleanup 3 , -in this order. -The opposite order will usually not work. .Sh RETURN VALUES .Fn OBJ_new_nid returns the new NID. @@ -256,7 +200,6 @@ obj = OBJ_nid2obj(new_nid); .Ed .Sh SEE ALSO .Xr ASN1_OBJECT_new 3 , -.Xr EVP_cleanup 3 , .Xr OBJ_NAME_add 3 , .Xr OBJ_nid2obj 3 .Sh HISTORY @@ -269,12 +212,6 @@ first appeared in SSLeay 0.8.0 and in SSLeay 0.9.0. These functions have been available since .Ox 2.4 . -.Pp -.Va obj_cleanup_defer -and -.Fn check_defer -first appeared in OpenSSL 1.0.0 and have been available since -.Ox 4.9 . .Sh CAVEATS .Fn OBJ_add_object indicates success even after adding an incomplete object that was created with diff --git a/lib/libcrypto/objects/o_names.c b/lib/libcrypto/objects/o_names.c deleted file mode 100644 index 48b95d676..000000000 --- a/lib/libcrypto/objects/o_names.c +++ /dev/null @@ -1,363 +0,0 @@ -/* $OpenBSD: o_names.c,v 1.24 2023/07/08 12:27:51 beck Exp $ */ -#include -#include -#include - -#include - -#include -#include -#include -#include - -/* I use the ex_data stuff to manage the identifiers for the obj_name_types - * that applications may define. I only really use the free function field. - */ -DECLARE_LHASH_OF(OBJ_NAME); -static LHASH_OF(OBJ_NAME) *names_lh = NULL; -static int names_type_num = OBJ_NAME_TYPE_NUM; - -typedef struct name_funcs_st { - unsigned long (*hash_func)(const char *name); - int (*cmp_func)(const char *a, const char *b); - void (*free_func)(const char *, int, const char *); -} NAME_FUNCS; - -DECLARE_STACK_OF(NAME_FUNCS) - -static STACK_OF(NAME_FUNCS) *name_funcs_stack; - -/* The LHASH callbacks now use the raw "void *" prototypes and do per-variable - * casting in the functions. This prevents function pointer casting without the - * need for macro-generated wrapper functions. */ - -/* static unsigned long obj_name_hash(OBJ_NAME *a); */ -static unsigned long obj_name_hash(const void *a_void); -/* static int obj_name_cmp(OBJ_NAME *a,OBJ_NAME *b); */ -static int obj_name_cmp(const void *a_void, const void *b_void); - -static IMPLEMENT_LHASH_HASH_FN(obj_name, OBJ_NAME) -static IMPLEMENT_LHASH_COMP_FN(obj_name, OBJ_NAME) - -int -OBJ_NAME_init(void) -{ - if (names_lh != NULL) - return (1); - names_lh = lh_OBJ_NAME_new(); - return (names_lh != NULL); -} -LCRYPTO_ALIAS(OBJ_NAME_init); - -int -OBJ_NAME_new_index(unsigned long (*hash_func)(const char *), - int (*cmp_func)(const char *, const char *), - void (*free_func)(const char *, int, const char *)) -{ - int ret; - int i; - NAME_FUNCS *name_funcs; - - if (name_funcs_stack == NULL) - name_funcs_stack = sk_NAME_FUNCS_new_null(); - if (name_funcs_stack == NULL) - return (0); - - ret = names_type_num; - names_type_num++; - for (i = sk_NAME_FUNCS_num(name_funcs_stack); i < names_type_num; i++) { - name_funcs = malloc(sizeof(NAME_FUNCS)); - if (!name_funcs) { - OBJerror(ERR_R_MALLOC_FAILURE); - return (0); - } - name_funcs->hash_func = lh_strhash; - name_funcs->cmp_func = strcmp; - name_funcs->free_func = NULL; - if (sk_NAME_FUNCS_push(name_funcs_stack, name_funcs) == 0) { - free(name_funcs); - OBJerror(ERR_R_MALLOC_FAILURE); - return (0); - } - } - name_funcs = sk_NAME_FUNCS_value(name_funcs_stack, ret); - if (hash_func != NULL) - name_funcs->hash_func = hash_func; - if (cmp_func != NULL) - name_funcs->cmp_func = cmp_func; - if (free_func != NULL) - name_funcs->free_func = free_func; - return (ret); -} -LCRYPTO_ALIAS(OBJ_NAME_new_index); - -/* static int obj_name_cmp(OBJ_NAME *a, OBJ_NAME *b) */ -static int -obj_name_cmp(const void *a_void, const void *b_void) -{ - int ret; - const OBJ_NAME *a = (const OBJ_NAME *)a_void; - const OBJ_NAME *b = (const OBJ_NAME *)b_void; - - ret = a->type - b->type; - if (ret == 0) { - if ((name_funcs_stack != NULL) && - (sk_NAME_FUNCS_num(name_funcs_stack) > a->type)) { - ret = sk_NAME_FUNCS_value(name_funcs_stack, - a->type)->cmp_func(a->name, b->name); - } else - ret = strcmp(a->name, b->name); - } - return (ret); -} - -/* static unsigned long obj_name_hash(OBJ_NAME *a) */ -static unsigned long -obj_name_hash(const void *a_void) -{ - unsigned long ret; - const OBJ_NAME *a = (const OBJ_NAME *)a_void; - - if ((name_funcs_stack != NULL) && - (sk_NAME_FUNCS_num(name_funcs_stack) > a->type)) { - ret = sk_NAME_FUNCS_value(name_funcs_stack, - a->type)->hash_func(a->name); - } else { - ret = lh_strhash(a->name); - } - ret ^= a->type; - return (ret); -} - -const char * -OBJ_NAME_get(const char *name, int type) -{ - OBJ_NAME on, *ret; - int num = 0, alias; - - if (name == NULL) - return (NULL); - if ((names_lh == NULL) && !OBJ_NAME_init()) - return (NULL); - - alias = type&OBJ_NAME_ALIAS; - type&= ~OBJ_NAME_ALIAS; - - on.name = name; - on.type = type; - - for (;;) { - ret = lh_OBJ_NAME_retrieve(names_lh, &on); - if (ret == NULL) - return (NULL); - if ((ret->alias) && !alias) { - if (++num > 10) - return (NULL); - on.name = ret->data; - } else { - return (ret->data); - } - } -} -LCRYPTO_ALIAS(OBJ_NAME_get); - -int -OBJ_NAME_add(const char *name, int type, const char *data) -{ - OBJ_NAME *onp, *ret; - int alias; - - if ((names_lh == NULL) && !OBJ_NAME_init()) - return (0); - - alias = type & OBJ_NAME_ALIAS; - type &= ~OBJ_NAME_ALIAS; - - onp = malloc(sizeof(OBJ_NAME)); - if (onp == NULL) { - /* ERROR */ - return (0); - } - - onp->name = name; - onp->alias = alias; - onp->type = type; - onp->data = data; - - ret = lh_OBJ_NAME_insert(names_lh, onp); - if (ret != NULL) { - /* free things */ - if ((name_funcs_stack != NULL) && - (sk_NAME_FUNCS_num(name_funcs_stack) > ret->type)) { - /* XXX: I'm not sure I understand why the free - * function should get three arguments... - * -- Richard Levitte - */ - sk_NAME_FUNCS_value( - name_funcs_stack, ret->type)->free_func( - ret->name, ret->type, ret->data); - } - free(ret); - } else { - if (lh_OBJ_NAME_error(names_lh)) { - free(onp); - /* ERROR */ - return (0); - } - } - return (1); -} -LCRYPTO_ALIAS(OBJ_NAME_add); - -int -OBJ_NAME_remove(const char *name, int type) -{ - OBJ_NAME on, *ret; - - if (names_lh == NULL) - return (0); - - type &= ~OBJ_NAME_ALIAS; - on.name = name; - on.type = type; - ret = lh_OBJ_NAME_delete(names_lh, &on); - if (ret != NULL) { - /* free things */ - if ((name_funcs_stack != NULL) && - (sk_NAME_FUNCS_num(name_funcs_stack) > ret->type)) { - /* XXX: I'm not sure I understand why the free - * function should get three arguments... - * -- Richard Levitte - */ - sk_NAME_FUNCS_value( - name_funcs_stack, ret->type)->free_func( - ret->name, ret->type, ret->data); - } - free(ret); - return (1); - } else - return (0); -} -LCRYPTO_ALIAS(OBJ_NAME_remove); - -struct doall { - int type; - void (*fn)(const OBJ_NAME *, void *arg); - void *arg; -}; - -static void -do_all_fn_doall_arg(const OBJ_NAME *name, struct doall *d) -{ - if (name->type == d->type) - d->fn(name, d->arg); -} - -static IMPLEMENT_LHASH_DOALL_ARG_FN(do_all_fn, const OBJ_NAME, struct doall) - -void -OBJ_NAME_do_all(int type, void (*fn)(const OBJ_NAME *, void *arg), void *arg) -{ - struct doall d; - - d.type = type; - d.fn = fn; - d.arg = arg; - - lh_OBJ_NAME_doall_arg(names_lh, LHASH_DOALL_ARG_FN(do_all_fn), - struct doall, &d); -} -LCRYPTO_ALIAS(OBJ_NAME_do_all); - -struct doall_sorted { - int type; - int n; - const OBJ_NAME **names; -}; - -static void -do_all_sorted_fn(const OBJ_NAME *name, void *d_) -{ - struct doall_sorted *d = d_; - - if (name->type != d->type) - return; - - d->names[d->n++] = name; -} - -static int -do_all_sorted_cmp(const void *n1_, const void *n2_) -{ - const OBJ_NAME * const *n1 = n1_; - const OBJ_NAME * const *n2 = n2_; - - return strcmp((*n1)->name, (*n2)->name); -} - -void -OBJ_NAME_do_all_sorted(int type, void (*fn)(const OBJ_NAME *, void *arg), - void *arg) -{ - struct doall_sorted d; - int n; - - d.type = type; - d.names = reallocarray(NULL, lh_OBJ_NAME_num_items(names_lh), - sizeof *d.names); - d.n = 0; - if (d.names != NULL) { - OBJ_NAME_do_all(type, do_all_sorted_fn, &d); - - qsort((void *)d.names, d.n, sizeof *d.names, do_all_sorted_cmp); - - for (n = 0; n < d.n; ++n) - fn(d.names[n], arg); - - free(d.names); - } -} -LCRYPTO_ALIAS(OBJ_NAME_do_all_sorted); - -static int free_type; - -static void -names_lh_free_doall(OBJ_NAME *onp) -{ - if (onp == NULL) - return; - - if (free_type < 0 || free_type == onp->type) - OBJ_NAME_remove(onp->name, onp->type); -} - -static IMPLEMENT_LHASH_DOALL_FN(names_lh_free, OBJ_NAME) - -static void -name_funcs_free(NAME_FUNCS *ptr) -{ - free(ptr); -} - -void -OBJ_NAME_cleanup(int type) -{ - unsigned long down_load; - - if (names_lh == NULL) - return; - - free_type = type; - down_load = lh_OBJ_NAME_down_load(names_lh); - lh_OBJ_NAME_down_load(names_lh) = 0; - - lh_OBJ_NAME_doall(names_lh, LHASH_DOALL_FN(names_lh_free)); - if (type < 0) { - lh_OBJ_NAME_free(names_lh); - sk_NAME_FUNCS_pop_free(name_funcs_stack, name_funcs_free); - names_lh = NULL; - name_funcs_stack = NULL; - } else - lh_OBJ_NAME_down_load(names_lh) = down_load; -} -LCRYPTO_ALIAS(OBJ_NAME_cleanup); diff --git a/lib/libcrypto/objects/obj_dat.c b/lib/libcrypto/objects/obj_dat.c index e72598ef6..acc4556d5 100644 --- a/lib/libcrypto/objects/obj_dat.c +++ b/lib/libcrypto/objects/obj_dat.c @@ -1,4 +1,4 @@ -/* $OpenBSD: obj_dat.c,v 1.82 2023/12/15 01:51:23 tb Exp $ */ +/* $OpenBSD: obj_dat.c,v 1.84 2024/01/13 11:57:51 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -183,27 +183,9 @@ static IMPLEMENT_LHASH_DOALL_FN(cleanup1, ADDED_OBJ) static IMPLEMENT_LHASH_DOALL_FN(cleanup2, ADDED_OBJ) static IMPLEMENT_LHASH_DOALL_FN(cleanup3, ADDED_OBJ) -/* The purpose of obj_cleanup_defer is to avoid EVP_cleanup() attempting - * to use freed up OIDs. If necessary the actual freeing up of OIDs is - * delayed. - */ - -int obj_cleanup_defer = 0; - -void -check_defer(int nid) -{ - if (!obj_cleanup_defer && nid >= NUM_NID) - obj_cleanup_defer = 1; -} - void OBJ_cleanup(void) { - if (obj_cleanup_defer) { - obj_cleanup_defer = 2; - return; - } if (added == NULL) return; lh_ADDED_OBJ_down_load(added) = 0; diff --git a/lib/libcrypto/stack/stack.c b/lib/libcrypto/stack/stack.c index 65bd3217d..f5c568dc5 100644 --- a/lib/libcrypto/stack/stack.c +++ b/lib/libcrypto/stack/stack.c @@ -1,4 +1,4 @@ -/* $OpenBSD: stack.c,v 1.23 2023/04/24 15:35:22 beck Exp $ */ +/* $OpenBSD: stack.c,v 1.24 2024/01/13 16:32:53 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#include #include #include @@ -65,8 +66,6 @@ #undef MIN_NODES #define MIN_NODES 4 -#include - int (*sk_set_cmp_func(_STACK *sk, int (*c)(const void *, const void *)))( const void *, const void *) diff --git a/lib/libcrypto/x509/x509_trs.c b/lib/libcrypto/x509/x509_trs.c index efa648c9e..a6fc4d61c 100644 --- a/lib/libcrypto/x509/x509_trs.c +++ b/lib/libcrypto/x509/x509_trs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_trs.c,v 1.39 2024/01/10 21:34:53 tb Exp $ */ +/* $OpenBSD: x509_trs.c,v 1.40 2024/01/13 19:57:38 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -64,6 +64,7 @@ #include #include +#include "crypto_internal.h" #include "x509_local.h" static int @@ -129,7 +130,7 @@ trust_1oid(X509_TRUST *trust, X509 *x, int flags) * value to get an index into the table */ -static X509_TRUST trstandard[] = { +static const X509_TRUST trstandard[] = { { .trust = X509_TRUST_COMPAT, .check_trust = trust_compat, @@ -181,27 +182,17 @@ static X509_TRUST trstandard[] = { #define X509_TRUST_COUNT (sizeof(trstandard) / sizeof(trstandard[0])) -static int (*default_trust)(int id, X509 *x, int flags) = obj_trust; +CTASSERT(X509_TRUST_MIN == 1 && X509_TRUST_MAX == X509_TRUST_COUNT); int -(*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int) +X509_check_trust(X509 *x, int trust_id, int flags) { - int (*oldtrust)(int , X509 *, int); - - oldtrust = default_trust; - default_trust = trust; - return oldtrust; -} -LCRYPTO_ALIAS(X509_TRUST_set_default); - -int -X509_check_trust(X509 *x, int id, int flags) -{ - X509_TRUST *pt; + const X509_TRUST *trust; int idx; - if (id == -1) + if (trust_id == -1) return 1; + /* * XXX beck/jsing This enables self signed certs to be trusted for * an unspecified id/trust flag value (this is NOT the @@ -211,21 +202,36 @@ X509_check_trust(X509 *x, int id, int flags) * This should be revisited, but changing the default "not default" * may break things. */ - if (id == 0) { + if (trust_id == 0) { int rv; rv = obj_trust(NID_anyExtendedKeyUsage, x, 0); if (rv != X509_TRUST_UNTRUSTED) return rv; return trust_compat(NULL, x, 0); } - idx = X509_TRUST_get_by_id(id); - if (idx == -1) - return default_trust(id, x, flags); - pt = X509_TRUST_get0(idx); - return pt->check_trust(pt, x, flags); + + if (trust_id < X509_TRUST_MIN || trust_id > X509_TRUST_MAX) + return obj_trust(trust_id, x, flags); + + idx = trust_id - X509_TRUST_MIN; + trust = &trstandard[idx]; + + return trust->check_trust((X509_TRUST *)trust, x, flags); } LCRYPTO_ALIAS(X509_check_trust); +/* + * Remove all the functions below in the next bump. + */ + +int +(*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int) +{ + X509error(ERR_R_DISABLED); + return NULL; +} +LCRYPTO_ALIAS(X509_TRUST_set_default); + int X509_TRUST_get_count(void) { @@ -236,36 +242,24 @@ LCRYPTO_ALIAS(X509_TRUST_get_count); X509_TRUST * X509_TRUST_get0(int idx) { - if (idx < 0 || (size_t)idx >= X509_TRUST_COUNT) - return NULL; - - return &trstandard[idx]; + X509error(ERR_R_DISABLED); + return NULL; } LCRYPTO_ALIAS(X509_TRUST_get0); int X509_TRUST_get_by_id(int id) { - /* - * Ensure the trust identifier is between MIN and MAX inclusive. - * If so, translate it into an index into the trstandard[] table. - */ - if (id < X509_TRUST_MIN || id > X509_TRUST_MAX) - return -1; - - return id - X509_TRUST_MIN; + X509error(ERR_R_DISABLED); + return -1; } LCRYPTO_ALIAS(X509_TRUST_get_by_id); int X509_TRUST_set(int *t, int trust) { - if (X509_TRUST_get_by_id(trust) == -1) { - X509error(X509_R_INVALID_TRUST); - return 0; - } - *t = trust; - return 1; + X509error(ERR_R_DISABLED); + return 0; } LCRYPTO_ALIAS(X509_TRUST_set); diff --git a/lib/libssl/man/BIO_f_ssl.3 b/lib/libssl/man/BIO_f_ssl.3 index ed2681677..3b74a3d6a 100644 --- a/lib/libssl/man/BIO_f_ssl.3 +++ b/lib/libssl/man/BIO_f_ssl.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: BIO_f_ssl.3,v 1.14 2023/04/11 16:58:43 schwarze Exp $ +.\" $OpenBSD: BIO_f_ssl.3,v 1.16 2024/01/13 18:37:51 tb Exp $ .\" full merge up to: OpenSSL f672aee4 Feb 9 11:52:40 2016 -0500 .\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800 .\" @@ -50,7 +50,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: April 11 2023 $ +.Dd $Mdocdate: January 13 2024 $ .Dt BIO_F_SSL 3 .Os .Sh NAME @@ -491,12 +491,6 @@ char tmpbuf[1024]; SSL_CTX *ctx; SSL *ssl; -ERR_load_crypto_strings(); -ERR_load_SSL_strings(); -OpenSSL_add_all_algorithms(); - -/* Might seed PRNG here */ - ctx = SSL_CTX_new(SSLv23_server_method()); if (!SSL_CTX_use_certificate_file(ctx,"server.pem",SSL_FILETYPE_PEM) @@ -613,20 +607,3 @@ and first appeared in SSLeay 0.9.0. All these functions have been available since .Ox 2.4 . -.Pp -In OpenSSL versions before 1.0.0 the -.Xr BIO_pop 3 -call was handled incorrectly: -the I/O BIO reference count was incorrectly incremented (instead of -decremented) and dissociated with the -.Vt SSL -.Vt BIO -even if the -.Vt SSL -.Vt BIO -was not -explicitly being popped (e.g., a pop higher up the chain). -Applications which included workarounds for this bug (e.g., freeing BIOs more -than once) should be modified to handle this fix or they may free up an already -freed -.Vt BIO . diff --git a/sys/dev/pci/drm/drm_linux.c b/sys/dev/pci/drm/drm_linux.c index ecec3e02f..4381a9d97 100644 --- a/sys/dev/pci/drm/drm_linux.c +++ b/sys/dev/pci/drm/drm_linux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: drm_linux.c,v 1.106 2024/01/06 09:33:08 kettenis Exp $ */ +/* $OpenBSD: drm_linux.c,v 1.107 2024/01/13 10:00:27 kettenis Exp $ */ /* * Copyright (c) 2013 Jonathan Gray * Copyright (c) 2015, 2016 Mark Kettenis @@ -3360,38 +3360,70 @@ iommu_attach_device(struct iommu_domain *domain, struct device *dev) #include -struct component_match { +struct component { struct device *dev; + struct device *adev; + const struct component_ops *ops; + SLIST_ENTRY(component) next; }; +SLIST_HEAD(,component) component_list = SLIST_HEAD_INITIALIZER(component_list); + int -component_compare_of(struct device *dev, void *data) +component_add(struct device *dev, const struct component_ops *ops) { - STUB(); + struct component *component; + + component = malloc(sizeof(*component), M_DEVBUF, M_WAITOK | M_ZERO); + component->dev = dev; + component->ops = ops; + SLIST_INSERT_HEAD(&component_list, component, next); return 0; } -void -drm_of_component_match_add(struct device *master, - struct component_match **matchptr, - int (*compare)(struct device *, void *), - struct device_node *np) +int +component_bind_all(struct device *dev, void *data) { - struct component_match *match; + struct component *component; + int ret = 0; - if (*matchptr == NULL) { - match = malloc(sizeof(struct component_match), - M_DEVBUF, M_WAITOK | M_ZERO); - match->dev = master; - *matchptr = match; + SLIST_FOREACH(component, &component_list, next) { + if (component->adev == dev) { + ret = component->ops->bind(component->dev, NULL, data); + if (ret) + break; + } } + + return ret; } +struct component_match { + int (*compare)(struct device *, void *); + void *data; +}; + int component_master_add_with_match(struct device *dev, const struct component_master_ops *ops, struct component_match *match) { - ops->bind(match->dev); + struct component *component; + int found = 0; + int ret; + + SLIST_FOREACH(component, &component_list, next) { + if (match->compare(component->dev, match->data)) { + component->adev = dev; + found = 1; + } + } + + if (found) { + ret = ops->bind(dev); + if (ret) + return ret; + } + return 0; } @@ -3407,10 +3439,22 @@ LIST_HEAD(, platform_device) pdev_list = LIST_HEAD_INITIALIZER(pdev_list); void platform_device_register(struct platform_device *pdev) { + int i; + pdev->num_resources = pdev->faa->fa_nreg; + if (pdev->faa->fa_nreg > 0) { + pdev->resource = mallocarray(pdev->faa->fa_nreg, + sizeof(*pdev->resource), M_DEVBUF, M_WAITOK | M_ZERO); + for (i = 0; i < pdev->faa->fa_nreg; i++) { + pdev->resource[i].start = pdev->faa->fa_reg[i].addr; + pdev->resource[i].end = pdev->faa->fa_reg[i].addr + + pdev->faa->fa_reg[i].size - 1; + } + } pdev->parent = pdev->dev.dv_parent; pdev->node = pdev->faa->fa_node; + pdev->iot = pdev->faa->fa_iot; pdev->dmat = pdev->faa->fa_dmat; LIST_INSERT_HEAD(&pdev_list, pdev, next); } @@ -3419,17 +3463,7 @@ platform_device_register(struct platform_device *pdev) struct resource * platform_get_resource(struct platform_device *pdev, u_int type, u_int num) { - struct fdt_attach_args *faa = pdev->faa; - - if (pdev->resource == NULL) { - pdev->resource = mallocarray(pdev->num_resources, - sizeof(*pdev->resource), M_DEVBUF, M_WAITOK | M_ZERO); - } - - pdev->resource[num].start = faa->fa_reg[num].addr; - pdev->resource[num].end = faa->fa_reg[num].addr + - faa->fa_reg[num].size - 1; - + KASSERT(num < pdev->num_resources); return &pdev->resource[num]; } @@ -3437,20 +3471,20 @@ void __iomem * devm_platform_ioremap_resource_byname(struct platform_device *pdev, const char *name) { - struct fdt_attach_args *faa = pdev->faa; bus_space_handle_t ioh; int err, idx; - idx = OF_getindex(faa->fa_node, name, "reg-names"); - if (idx == -1 || idx >= faa->fa_nreg) + idx = OF_getindex(pdev->node, name, "reg-names"); + if (idx == -1 || idx >= pdev->num_resources) return ERR_PTR(-EINVAL); - err = bus_space_map(faa->fa_iot, faa->fa_reg[idx].addr, - faa->fa_reg[idx].size, BUS_SPACE_MAP_LINEAR, &ioh); + err = bus_space_map(pdev->iot, pdev->resource[idx].start, + pdev->resource[idx].end - pdev->resource[idx].start + 1, + BUS_SPACE_MAP_LINEAR, &ioh); if (err) return ERR_PTR(-err); - return bus_space_vaddr(faa->fa_iot, ioh); + return bus_space_vaddr(pdev->iot, ioh); } #include @@ -3812,4 +3846,29 @@ __of_get_child_by_name(void *p, const char *name) return (struct device_node *)(uintptr_t)child; } +int +component_compare_of(struct device *dev, void *data) +{ + struct platform_device *pdev = (struct platform_device *)dev; + + return (pdev->node == (intptr_t)data); +} + +void +drm_of_component_match_add(struct device *master, + struct component_match **matchptr, + int (*compare)(struct device *, void *), + struct device_node *np) +{ + struct component_match *match; + + if (*matchptr == NULL) { + match = malloc(sizeof(struct component_match), + M_DEVBUF, M_WAITOK | M_ZERO); + match->compare = compare; + match->data = np; + *matchptr = match; + } +} + #endif diff --git a/sys/dev/pci/drm/include/linux/component.h b/sys/dev/pci/drm/include/linux/component.h index 44f6d40ac..6bbedcbe8 100644 --- a/sys/dev/pci/drm/include/linux/component.h +++ b/sys/dev/pci/drm/include/linux/component.h @@ -18,15 +18,10 @@ struct component_master_ops { void (*unbind)(struct device *); }; +int component_add(struct device *, const struct component_ops *); #define component_del(a, b) -#define component_add(a, b) 0 - -static inline int -component_bind_all(struct device *dev, void *data) -{ - return 0; -} +int component_bind_all(struct device *, void *); #define component_unbind_all(a, b) int component_compare_of(struct device *, void *); diff --git a/sys/dev/pci/drm/include/linux/platform_device.h b/sys/dev/pci/drm/include/linux/platform_device.h index 16e2a80fe..4f26035a2 100644 --- a/sys/dev/pci/drm/include/linux/platform_device.h +++ b/sys/dev/pci/drm/include/linux/platform_device.h @@ -12,6 +12,7 @@ struct platform_device { int num_resources; struct resource *resource; struct device *parent; + bus_space_tag_t iot; bus_dma_tag_t dmat; int node;