sync code with last fixes and improvements from OpenBSD
This commit is contained in:
parent
58df21ce75
commit
f960599e67
399 changed files with 7016 additions and 6902 deletions
|
@ -1,241 +1,325 @@
|
|||
/* $OpenBSD: obj_xref.c,v 1.9 2023/07/08 12:27:51 beck Exp $ */
|
||||
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||
* project 2006.
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
|
||||
/* $OpenBSD: obj_xref.c,v 1.12 2023/07/22 19:08:03 tb Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2023 Theo Buehler <tb@openbsd.org>
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* licensing@OpenSSL.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
* This product includes cryptographic software written by Eric Young
|
||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||
* Hudson (tjh@cryptsoft.com).
|
||||
* Permission to use, copy, modify, and distribute this software for any
|
||||
* purpose with or without fee is hereby granted, provided that the above
|
||||
* copyright notice and this permission notice appear in all copies.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
||||
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
||||
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
||||
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
||||
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
||||
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
||||
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
#include <openssl/objects.h>
|
||||
#include "obj_xref.h"
|
||||
|
||||
DECLARE_STACK_OF(nid_triple)
|
||||
STACK_OF(nid_triple) *sig_app, *sigx_app;
|
||||
/*
|
||||
* Map between signature nids and pairs of (hash, pkey) nids. If the hash nid
|
||||
* is NID_undef, this indicates to ASN1_item_{sign,verify}() that the pkey's
|
||||
* ASN.1 method needs to handle algorithm identifiers and part of the message
|
||||
* digest.
|
||||
*/
|
||||
|
||||
static int
|
||||
sig_cmp(const nid_triple *a, const nid_triple *b)
|
||||
{
|
||||
return a->sign_id - b->sign_id;
|
||||
}
|
||||
static const struct {
|
||||
int sign_nid;
|
||||
int hash_nid;
|
||||
int pkey_nid;
|
||||
} nid_triple[] = {
|
||||
{
|
||||
.sign_nid = NID_md2WithRSAEncryption,
|
||||
.hash_nid = NID_md2,
|
||||
.pkey_nid = NID_rsaEncryption,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_md5WithRSAEncryption,
|
||||
.hash_nid = NID_md5,
|
||||
.pkey_nid = NID_rsaEncryption,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_shaWithRSAEncryption,
|
||||
.hash_nid = NID_sha,
|
||||
.pkey_nid = NID_rsaEncryption,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_sha1WithRSAEncryption,
|
||||
.hash_nid = NID_sha1,
|
||||
.pkey_nid = NID_rsaEncryption,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_dsaWithSHA,
|
||||
.hash_nid = NID_sha,
|
||||
.pkey_nid = NID_dsa,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_dsaWithSHA1_2,
|
||||
.hash_nid = NID_sha1,
|
||||
.pkey_nid = NID_dsa_2,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_mdc2WithRSA,
|
||||
.hash_nid = NID_mdc2,
|
||||
.pkey_nid = NID_rsaEncryption,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_md5WithRSA,
|
||||
.hash_nid = NID_md5,
|
||||
.pkey_nid = NID_rsa,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_dsaWithSHA1,
|
||||
.hash_nid = NID_sha1,
|
||||
.pkey_nid = NID_dsa,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_sha1WithRSA,
|
||||
.hash_nid = NID_sha1,
|
||||
.pkey_nid = NID_rsa,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_ripemd160WithRSA,
|
||||
.hash_nid = NID_ripemd160,
|
||||
.pkey_nid = NID_rsaEncryption,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_md4WithRSAEncryption,
|
||||
.hash_nid = NID_md4,
|
||||
.pkey_nid = NID_rsaEncryption,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_ecdsa_with_SHA1,
|
||||
.hash_nid = NID_sha1,
|
||||
.pkey_nid = NID_X9_62_id_ecPublicKey,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_sha256WithRSAEncryption,
|
||||
.hash_nid = NID_sha256,
|
||||
.pkey_nid = NID_rsaEncryption,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_sha384WithRSAEncryption,
|
||||
.hash_nid = NID_sha384,
|
||||
.pkey_nid = NID_rsaEncryption,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_sha512WithRSAEncryption,
|
||||
.hash_nid = NID_sha512,
|
||||
.pkey_nid = NID_rsaEncryption,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_sha224WithRSAEncryption,
|
||||
.hash_nid = NID_sha224,
|
||||
.pkey_nid = NID_rsaEncryption,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_ecdsa_with_Recommended,
|
||||
.hash_nid = NID_undef,
|
||||
.pkey_nid = NID_X9_62_id_ecPublicKey,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_ecdsa_with_Specified,
|
||||
.hash_nid = NID_undef,
|
||||
.pkey_nid = NID_X9_62_id_ecPublicKey,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_ecdsa_with_SHA224,
|
||||
.hash_nid = NID_sha224,
|
||||
.pkey_nid = NID_X9_62_id_ecPublicKey,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_ecdsa_with_SHA256,
|
||||
.hash_nid = NID_sha256,
|
||||
.pkey_nid = NID_X9_62_id_ecPublicKey,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_ecdsa_with_SHA384,
|
||||
.hash_nid = NID_sha384,
|
||||
.pkey_nid = NID_X9_62_id_ecPublicKey,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_ecdsa_with_SHA512,
|
||||
.hash_nid = NID_sha512,
|
||||
.pkey_nid = NID_X9_62_id_ecPublicKey,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_dsa_with_SHA224,
|
||||
.hash_nid = NID_sha224,
|
||||
.pkey_nid = NID_dsa,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_dsa_with_SHA256,
|
||||
.hash_nid = NID_sha256,
|
||||
.pkey_nid = NID_dsa,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_id_GostR3411_94_with_GostR3410_2001,
|
||||
.hash_nid = NID_id_GostR3411_94,
|
||||
.pkey_nid = NID_id_GostR3410_2001,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_id_GostR3411_94_with_GostR3410_94,
|
||||
.hash_nid = NID_id_GostR3411_94,
|
||||
.pkey_nid = NID_id_GostR3410_94,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_id_GostR3411_94_with_GostR3410_94_cc,
|
||||
.hash_nid = NID_id_GostR3411_94,
|
||||
.pkey_nid = NID_id_GostR3410_94_cc,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_id_GostR3411_94_with_GostR3410_2001_cc,
|
||||
.hash_nid = NID_id_GostR3411_94,
|
||||
.pkey_nid = NID_id_GostR3410_2001_cc,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_rsassaPss,
|
||||
.hash_nid = NID_undef,
|
||||
.pkey_nid = NID_rsaEncryption,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_id_tc26_signwithdigest_gost3410_2012_256,
|
||||
.hash_nid = NID_id_tc26_gost3411_2012_256,
|
||||
.pkey_nid = NID_id_GostR3410_2001,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_id_tc26_signwithdigest_gost3410_2012_512,
|
||||
.hash_nid = NID_id_tc26_gost3411_2012_512,
|
||||
.pkey_nid = NID_id_GostR3410_2001,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_Ed25519,
|
||||
.hash_nid = NID_undef,
|
||||
.pkey_nid = NID_Ed25519,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_dhSinglePass_stdDH_sha1kdf_scheme,
|
||||
.hash_nid = NID_sha1,
|
||||
.pkey_nid = NID_dh_std_kdf,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_dhSinglePass_stdDH_sha224kdf_scheme,
|
||||
.hash_nid = NID_sha224,
|
||||
.pkey_nid = NID_dh_std_kdf,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_dhSinglePass_stdDH_sha256kdf_scheme,
|
||||
.hash_nid = NID_sha256,
|
||||
.pkey_nid = NID_dh_std_kdf,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_dhSinglePass_stdDH_sha384kdf_scheme,
|
||||
.hash_nid = NID_sha384,
|
||||
.pkey_nid = NID_dh_std_kdf,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_dhSinglePass_stdDH_sha512kdf_scheme,
|
||||
.hash_nid = NID_sha512,
|
||||
.pkey_nid = NID_dh_std_kdf,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_dhSinglePass_cofactorDH_sha1kdf_scheme,
|
||||
.hash_nid = NID_sha1,
|
||||
.pkey_nid = NID_dh_cofactor_kdf,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_dhSinglePass_cofactorDH_sha224kdf_scheme,
|
||||
.hash_nid = NID_sha224,
|
||||
.pkey_nid = NID_dh_cofactor_kdf,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_dhSinglePass_cofactorDH_sha256kdf_scheme,
|
||||
.hash_nid = NID_sha256,
|
||||
.pkey_nid = NID_dh_cofactor_kdf,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_dhSinglePass_cofactorDH_sha384kdf_scheme,
|
||||
.hash_nid = NID_sha384,
|
||||
.pkey_nid = NID_dh_cofactor_kdf,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_dhSinglePass_cofactorDH_sha512kdf_scheme,
|
||||
.hash_nid = NID_sha512,
|
||||
.pkey_nid = NID_dh_cofactor_kdf,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_RSA_SHA3_224,
|
||||
.hash_nid = NID_sha3_224,
|
||||
.pkey_nid = NID_rsaEncryption,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_RSA_SHA3_256,
|
||||
.hash_nid = NID_sha3_256,
|
||||
.pkey_nid = NID_rsaEncryption,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_RSA_SHA3_384,
|
||||
.hash_nid = NID_sha3_384,
|
||||
.pkey_nid = NID_rsaEncryption,
|
||||
},
|
||||
{
|
||||
.sign_nid = NID_RSA_SHA3_512,
|
||||
.hash_nid = NID_sha3_512,
|
||||
.pkey_nid = NID_rsaEncryption,
|
||||
},
|
||||
};
|
||||
|
||||
static int sig_cmp_BSEARCH_CMP_FN(const void *, const void *);
|
||||
static int sig_cmp(nid_triple const *, nid_triple const *);
|
||||
static nid_triple *OBJ_bsearch_sig(nid_triple *key, nid_triple const *base, int num);
|
||||
|
||||
static int
|
||||
sig_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_)
|
||||
{
|
||||
nid_triple const *a = a_;
|
||||
nid_triple const *b = b_;
|
||||
return sig_cmp(a, b);
|
||||
}
|
||||
|
||||
static nid_triple *
|
||||
OBJ_bsearch_sig(nid_triple *key, nid_triple const *base, int num)
|
||||
{
|
||||
return (nid_triple *)OBJ_bsearch_(key, base, num, sizeof(nid_triple),
|
||||
sig_cmp_BSEARCH_CMP_FN);
|
||||
}
|
||||
|
||||
static int
|
||||
sig_sk_cmp(const nid_triple * const *a, const nid_triple * const *b)
|
||||
{
|
||||
return (*a)->sign_id - (*b)->sign_id;
|
||||
}
|
||||
|
||||
static int sigx_cmp_BSEARCH_CMP_FN(const void *, const void *);
|
||||
static int sigx_cmp(const nid_triple * const *, const nid_triple * const *);
|
||||
static const nid_triple * *OBJ_bsearch_sigx(const nid_triple * *key, const nid_triple * const *base, int num);
|
||||
|
||||
static int
|
||||
sigx_cmp(const nid_triple * const *a, const nid_triple * const *b)
|
||||
{
|
||||
int ret;
|
||||
|
||||
ret = (*a)->hash_id - (*b)->hash_id;
|
||||
if (ret)
|
||||
return ret;
|
||||
return (*a)->pkey_id - (*b)->pkey_id;
|
||||
}
|
||||
|
||||
|
||||
static int
|
||||
sigx_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_)
|
||||
{
|
||||
const nid_triple * const *a = a_;
|
||||
const nid_triple * const *b = b_;
|
||||
return sigx_cmp(a, b);
|
||||
}
|
||||
|
||||
static const nid_triple * *
|
||||
OBJ_bsearch_sigx(const nid_triple * *key, const nid_triple * const *base, int num)
|
||||
{
|
||||
return (const nid_triple * *)OBJ_bsearch_(key, base, num, sizeof(const nid_triple *),
|
||||
sigx_cmp_BSEARCH_CMP_FN);
|
||||
}
|
||||
#define N_NID_TRIPLES (sizeof(nid_triple) / sizeof(nid_triple[0]))
|
||||
|
||||
int
|
||||
OBJ_find_sigid_algs(int signid, int *pdig_nid, int *ppkey_nid)
|
||||
OBJ_find_sigid_algs(int sign_nid, int *hash_nid, int *pkey_nid)
|
||||
{
|
||||
nid_triple tmp;
|
||||
const nid_triple *rv = NULL;
|
||||
tmp.sign_id = signid;
|
||||
size_t i;
|
||||
|
||||
if (sig_app) {
|
||||
int idx = sk_nid_triple_find(sig_app, &tmp);
|
||||
if (idx >= 0)
|
||||
rv = sk_nid_triple_value(sig_app, idx);
|
||||
for (i = 0; i < N_NID_TRIPLES; i++) {
|
||||
if (sign_nid != nid_triple[i].sign_nid)
|
||||
continue;
|
||||
|
||||
if (hash_nid != NULL)
|
||||
*hash_nid = nid_triple[i].hash_nid;
|
||||
if (pkey_nid != NULL)
|
||||
*pkey_nid = nid_triple[i].pkey_nid;
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
#ifndef OBJ_XREF_TEST2
|
||||
if (rv == NULL) {
|
||||
rv = OBJ_bsearch_sig(&tmp, sigoid_srt,
|
||||
sizeof(sigoid_srt) / sizeof(nid_triple));
|
||||
}
|
||||
#endif
|
||||
if (rv == NULL)
|
||||
return 0;
|
||||
if (pdig_nid)
|
||||
*pdig_nid = rv->hash_id;
|
||||
if (ppkey_nid)
|
||||
*ppkey_nid = rv->pkey_id;
|
||||
return 1;
|
||||
return 0;
|
||||
}
|
||||
LCRYPTO_ALIAS(OBJ_find_sigid_algs);
|
||||
|
||||
int
|
||||
OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid)
|
||||
OBJ_find_sigid_by_algs(int *sign_nid, int hash_nid, int pkey_nid)
|
||||
{
|
||||
nid_triple tmp;
|
||||
const nid_triple *t = &tmp;
|
||||
const nid_triple **rv = NULL;
|
||||
size_t i;
|
||||
|
||||
tmp.hash_id = dig_nid;
|
||||
tmp.pkey_id = pkey_nid;
|
||||
for (i = 0; i < N_NID_TRIPLES; i++) {
|
||||
if (hash_nid != nid_triple[i].hash_nid)
|
||||
continue;
|
||||
if (pkey_nid != nid_triple[i].pkey_nid)
|
||||
continue;
|
||||
|
||||
if (sigx_app) {
|
||||
int idx = sk_nid_triple_find(sigx_app, &tmp);
|
||||
if (idx >= 0) {
|
||||
t = sk_nid_triple_value(sigx_app, idx);
|
||||
rv = &t;
|
||||
}
|
||||
if (sign_nid != NULL)
|
||||
*sign_nid = nid_triple[i].sign_nid;
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
#ifndef OBJ_XREF_TEST2
|
||||
if (rv == NULL) {
|
||||
rv = OBJ_bsearch_sigx(&t, sigoid_srt_xref,
|
||||
sizeof(sigoid_srt_xref) / sizeof(nid_triple *));
|
||||
}
|
||||
#endif
|
||||
if (rv == NULL)
|
||||
return 0;
|
||||
if (psignid)
|
||||
*psignid = (*rv)->sign_id;
|
||||
return 1;
|
||||
return 0;
|
||||
}
|
||||
LCRYPTO_ALIAS(OBJ_find_sigid_by_algs);
|
||||
|
||||
int
|
||||
OBJ_add_sigid(int signid, int dig_id, int pkey_id)
|
||||
OBJ_add_sigid(int sign_nid, int hash_nid, int pkey_nid)
|
||||
{
|
||||
nid_triple *ntr;
|
||||
|
||||
if (!sig_app)
|
||||
sig_app = sk_nid_triple_new(sig_sk_cmp);
|
||||
if (!sig_app)
|
||||
return 0;
|
||||
if (!sigx_app)
|
||||
sigx_app = sk_nid_triple_new(sigx_cmp);
|
||||
if (!sigx_app)
|
||||
return 0;
|
||||
ntr = reallocarray(NULL, 3, sizeof(int));
|
||||
if (!ntr)
|
||||
return 0;
|
||||
ntr->sign_id = signid;
|
||||
ntr->hash_id = dig_id;
|
||||
ntr->pkey_id = pkey_id;
|
||||
|
||||
if (!sk_nid_triple_push(sig_app, ntr)) {
|
||||
free(ntr);
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (!sk_nid_triple_push(sigx_app, ntr))
|
||||
return 0;
|
||||
|
||||
sk_nid_triple_sort(sig_app);
|
||||
sk_nid_triple_sort(sigx_app);
|
||||
|
||||
return 1;
|
||||
return 0;
|
||||
}
|
||||
LCRYPTO_ALIAS(OBJ_add_sigid);
|
||||
|
||||
static void
|
||||
sid_free(nid_triple *tt)
|
||||
{
|
||||
free(tt);
|
||||
}
|
||||
|
||||
void
|
||||
OBJ_sigid_free(void)
|
||||
{
|
||||
if (sig_app) {
|
||||
sk_nid_triple_pop_free(sig_app, sid_free);
|
||||
sig_app = NULL;
|
||||
}
|
||||
if (sigx_app) {
|
||||
sk_nid_triple_free(sigx_app);
|
||||
sigx_app = NULL;
|
||||
}
|
||||
}
|
||||
LCRYPTO_ALIAS(OBJ_sigid_free);
|
||||
|
|
|
@ -1,115 +0,0 @@
|
|||
/* $OpenBSD: obj_xref.h,v 1.7 2023/06/15 17:58:27 tb Exp $ */
|
||||
/* AUTOGENERATED BY objxref.pl, DO NOT EDIT */
|
||||
|
||||
__BEGIN_HIDDEN_DECLS
|
||||
|
||||
typedef struct
|
||||
{
|
||||
int sign_id;
|
||||
int hash_id;
|
||||
int pkey_id;
|
||||
} nid_triple;
|
||||
|
||||
static const nid_triple sigoid_srt[] =
|
||||
{
|
||||
{NID_md2WithRSAEncryption, NID_md2, NID_rsaEncryption},
|
||||
{NID_md5WithRSAEncryption, NID_md5, NID_rsaEncryption},
|
||||
{NID_shaWithRSAEncryption, NID_sha, NID_rsaEncryption},
|
||||
{NID_sha1WithRSAEncryption, NID_sha1, NID_rsaEncryption},
|
||||
{NID_dsaWithSHA, NID_sha, NID_dsa},
|
||||
{NID_dsaWithSHA1_2, NID_sha1, NID_dsa_2},
|
||||
{NID_mdc2WithRSA, NID_mdc2, NID_rsaEncryption},
|
||||
{NID_md5WithRSA, NID_md5, NID_rsa},
|
||||
{NID_dsaWithSHA1, NID_sha1, NID_dsa},
|
||||
{NID_sha1WithRSA, NID_sha1, NID_rsa},
|
||||
{NID_ripemd160WithRSA, NID_ripemd160, NID_rsaEncryption},
|
||||
{NID_md4WithRSAEncryption, NID_md4, NID_rsaEncryption},
|
||||
{NID_ecdsa_with_SHA1, NID_sha1, NID_X9_62_id_ecPublicKey},
|
||||
{NID_sha256WithRSAEncryption, NID_sha256, NID_rsaEncryption},
|
||||
{NID_sha384WithRSAEncryption, NID_sha384, NID_rsaEncryption},
|
||||
{NID_sha512WithRSAEncryption, NID_sha512, NID_rsaEncryption},
|
||||
{NID_sha224WithRSAEncryption, NID_sha224, NID_rsaEncryption},
|
||||
{NID_ecdsa_with_Recommended, NID_undef, NID_X9_62_id_ecPublicKey},
|
||||
{NID_ecdsa_with_Specified, NID_undef, NID_X9_62_id_ecPublicKey},
|
||||
{NID_ecdsa_with_SHA224, NID_sha224, NID_X9_62_id_ecPublicKey},
|
||||
{NID_ecdsa_with_SHA256, NID_sha256, NID_X9_62_id_ecPublicKey},
|
||||
{NID_ecdsa_with_SHA384, NID_sha384, NID_X9_62_id_ecPublicKey},
|
||||
{NID_ecdsa_with_SHA512, NID_sha512, NID_X9_62_id_ecPublicKey},
|
||||
{NID_dsa_with_SHA224, NID_sha224, NID_dsa},
|
||||
{NID_dsa_with_SHA256, NID_sha256, NID_dsa},
|
||||
{NID_id_GostR3411_94_with_GostR3410_2001, NID_id_GostR3411_94, NID_id_GostR3410_2001},
|
||||
{NID_id_GostR3411_94_with_GostR3410_94, NID_id_GostR3411_94, NID_id_GostR3410_94},
|
||||
{NID_id_GostR3411_94_with_GostR3410_94_cc, NID_id_GostR3411_94, NID_id_GostR3410_94_cc},
|
||||
{NID_id_GostR3411_94_with_GostR3410_2001_cc, NID_id_GostR3411_94, NID_id_GostR3410_2001_cc},
|
||||
{NID_rsassaPss, NID_undef, NID_rsaEncryption},
|
||||
{NID_id_tc26_signwithdigest_gost3410_2012_256, NID_id_tc26_gost3411_2012_256, NID_id_GostR3410_2001},
|
||||
{NID_id_tc26_signwithdigest_gost3410_2012_512, NID_id_tc26_gost3411_2012_512, NID_id_GostR3410_2001},
|
||||
{NID_Ed25519, NID_undef, NID_Ed25519},
|
||||
{NID_dhSinglePass_stdDH_sha1kdf_scheme, NID_sha1, NID_dh_std_kdf},
|
||||
{NID_dhSinglePass_stdDH_sha224kdf_scheme, NID_sha224, NID_dh_std_kdf},
|
||||
{NID_dhSinglePass_stdDH_sha256kdf_scheme, NID_sha256, NID_dh_std_kdf},
|
||||
{NID_dhSinglePass_stdDH_sha384kdf_scheme, NID_sha384, NID_dh_std_kdf},
|
||||
{NID_dhSinglePass_stdDH_sha512kdf_scheme, NID_sha512, NID_dh_std_kdf},
|
||||
{NID_dhSinglePass_cofactorDH_sha1kdf_scheme, NID_sha1, NID_dh_cofactor_kdf},
|
||||
{NID_dhSinglePass_cofactorDH_sha224kdf_scheme, NID_sha224, NID_dh_cofactor_kdf},
|
||||
{NID_dhSinglePass_cofactorDH_sha256kdf_scheme, NID_sha256, NID_dh_cofactor_kdf},
|
||||
{NID_dhSinglePass_cofactorDH_sha384kdf_scheme, NID_sha384, NID_dh_cofactor_kdf},
|
||||
{NID_dhSinglePass_cofactorDH_sha512kdf_scheme, NID_sha512, NID_dh_cofactor_kdf},
|
||||
{NID_RSA_SHA3_224, NID_sha3_224, NID_rsaEncryption},
|
||||
{NID_RSA_SHA3_256, NID_sha3_256, NID_rsaEncryption},
|
||||
{NID_RSA_SHA3_384, NID_sha3_384, NID_rsaEncryption},
|
||||
{NID_RSA_SHA3_512, NID_sha3_512, NID_rsaEncryption},
|
||||
};
|
||||
|
||||
static const nid_triple * const sigoid_srt_xref[] =
|
||||
{
|
||||
&sigoid_srt[29],
|
||||
&sigoid_srt[18],
|
||||
&sigoid_srt[17],
|
||||
&sigoid_srt[32],
|
||||
&sigoid_srt[0],
|
||||
&sigoid_srt[1],
|
||||
&sigoid_srt[7],
|
||||
&sigoid_srt[2],
|
||||
&sigoid_srt[4],
|
||||
&sigoid_srt[3],
|
||||
&sigoid_srt[9],
|
||||
&sigoid_srt[5],
|
||||
&sigoid_srt[8],
|
||||
&sigoid_srt[12],
|
||||
&sigoid_srt[33],
|
||||
&sigoid_srt[38],
|
||||
&sigoid_srt[6],
|
||||
&sigoid_srt[10],
|
||||
&sigoid_srt[11],
|
||||
&sigoid_srt[13],
|
||||
&sigoid_srt[24],
|
||||
&sigoid_srt[20],
|
||||
&sigoid_srt[35],
|
||||
&sigoid_srt[40],
|
||||
&sigoid_srt[14],
|
||||
&sigoid_srt[21],
|
||||
&sigoid_srt[36],
|
||||
&sigoid_srt[41],
|
||||
&sigoid_srt[15],
|
||||
&sigoid_srt[22],
|
||||
&sigoid_srt[37],
|
||||
&sigoid_srt[42],
|
||||
&sigoid_srt[16],
|
||||
&sigoid_srt[23],
|
||||
&sigoid_srt[19],
|
||||
&sigoid_srt[34],
|
||||
&sigoid_srt[39],
|
||||
&sigoid_srt[25],
|
||||
&sigoid_srt[26],
|
||||
&sigoid_srt[27],
|
||||
&sigoid_srt[28],
|
||||
&sigoid_srt[30],
|
||||
&sigoid_srt[31],
|
||||
&sigoid_srt[43],
|
||||
&sigoid_srt[44],
|
||||
&sigoid_srt[45],
|
||||
&sigoid_srt[46],
|
||||
};
|
||||
|
||||
__END_HIDDEN_DECLS
|
|
@ -1,68 +0,0 @@
|
|||
# OID cross reference table.
|
||||
# Links signatures OIDs to their corresponding public key algorithms
|
||||
# and digests. The digest "undef" indicates the public key's ASN.1
|
||||
# method should handle AlgorithmIdentifiers and (at least part of) the
|
||||
# message digest explicitly.
|
||||
|
||||
md2WithRSAEncryption md2 rsaEncryption
|
||||
md5WithRSAEncryption md5 rsaEncryption
|
||||
shaWithRSAEncryption sha rsaEncryption
|
||||
sha1WithRSAEncryption sha1 rsaEncryption
|
||||
md4WithRSAEncryption md4 rsaEncryption
|
||||
sha256WithRSAEncryption sha256 rsaEncryption
|
||||
sha384WithRSAEncryption sha384 rsaEncryption
|
||||
sha512WithRSAEncryption sha512 rsaEncryption
|
||||
sha224WithRSAEncryption sha224 rsaEncryption
|
||||
mdc2WithRSA mdc2 rsaEncryption
|
||||
ripemd160WithRSA ripemd160 rsaEncryption
|
||||
RSA_SHA3_224 sha3_224 rsaEncryption
|
||||
RSA_SHA3_256 sha3_256 rsaEncryption
|
||||
RSA_SHA3_384 sha3_384 rsaEncryption
|
||||
RSA_SHA3_512 sha3_512 rsaEncryption
|
||||
# For PSS the digest algorithm can vary and depends on the included
|
||||
# AlgorithmIdentifier.
|
||||
rsassaPss undef rsaEncryption
|
||||
|
||||
Ed25519 undef Ed25519
|
||||
|
||||
# Alternative deprecated OIDs. By using the older "rsa" OID this
|
||||
# type will be recognized by not normally used.
|
||||
|
||||
md5WithRSA md5 rsa
|
||||
sha1WithRSA sha1 rsa
|
||||
|
||||
dsaWithSHA sha dsa
|
||||
dsaWithSHA1 sha1 dsa
|
||||
|
||||
dsaWithSHA1_2 sha1 dsa_2
|
||||
|
||||
ecdsa_with_SHA1 sha1 X9_62_id_ecPublicKey
|
||||
ecdsa_with_SHA224 sha224 X9_62_id_ecPublicKey
|
||||
ecdsa_with_SHA256 sha256 X9_62_id_ecPublicKey
|
||||
ecdsa_with_SHA384 sha384 X9_62_id_ecPublicKey
|
||||
ecdsa_with_SHA512 sha512 X9_62_id_ecPublicKey
|
||||
ecdsa_with_Recommended undef X9_62_id_ecPublicKey
|
||||
ecdsa_with_Specified undef X9_62_id_ecPublicKey
|
||||
|
||||
dsa_with_SHA224 sha224 dsa
|
||||
dsa_with_SHA256 sha256 dsa
|
||||
|
||||
id_GostR3411_94_with_GostR3410_2001 id_GostR3411_94 id_GostR3410_2001
|
||||
id_GostR3411_94_with_GostR3410_94 id_GostR3411_94 id_GostR3410_94
|
||||
id_GostR3411_94_with_GostR3410_94_cc id_GostR3411_94 id_GostR3410_94_cc
|
||||
id_GostR3411_94_with_GostR3410_2001_cc id_GostR3411_94 id_GostR3410_2001_cc
|
||||
id_tc26_signwithdigest_gost3410_2012_256 id_tc26_gost3411_2012_256 id_GostR3410_2001
|
||||
id_tc26_signwithdigest_gost3410_2012_512 id_tc26_gost3411_2012_512 id_GostR3410_2001
|
||||
|
||||
# ECDH KDFs and their corresponding message digests and schemes
|
||||
dhSinglePass_stdDH_sha1kdf_scheme sha1 dh_std_kdf
|
||||
dhSinglePass_stdDH_sha224kdf_scheme sha224 dh_std_kdf
|
||||
dhSinglePass_stdDH_sha256kdf_scheme sha256 dh_std_kdf
|
||||
dhSinglePass_stdDH_sha384kdf_scheme sha384 dh_std_kdf
|
||||
dhSinglePass_stdDH_sha512kdf_scheme sha512 dh_std_kdf
|
||||
|
||||
dhSinglePass_cofactorDH_sha1kdf_scheme sha1 dh_cofactor_kdf
|
||||
dhSinglePass_cofactorDH_sha224kdf_scheme sha224 dh_cofactor_kdf
|
||||
dhSinglePass_cofactorDH_sha256kdf_scheme sha256 dh_cofactor_kdf
|
||||
dhSinglePass_cofactorDH_sha384kdf_scheme sha384 dh_cofactor_kdf
|
||||
dhSinglePass_cofactorDH_sha512kdf_scheme sha512 dh_cofactor_kdf
|
|
@ -1,111 +0,0 @@
|
|||
#!/usr/local/bin/perl
|
||||
|
||||
use strict;
|
||||
|
||||
my %xref_tbl;
|
||||
my %oid_tbl;
|
||||
|
||||
my ($mac_file, $xref_file) = @ARGV;
|
||||
|
||||
open(IN, $mac_file) || die "Can't open $mac_file";
|
||||
|
||||
# Read in OID nid values for a lookup table.
|
||||
|
||||
while (<IN>)
|
||||
{
|
||||
chomp;
|
||||
my ($name, $num) = /^(\S+)\s+(\S+)$/;
|
||||
$oid_tbl{$name} = $num;
|
||||
}
|
||||
close IN;
|
||||
|
||||
open(IN, $xref_file) || die "Can't open $xref_file";
|
||||
|
||||
my $ln = 1;
|
||||
|
||||
while (<IN>)
|
||||
{
|
||||
chomp;
|
||||
s/#.*$//;
|
||||
next if (/^\S*$/);
|
||||
my ($xr, $p1, $p2) = /^(\S+)\s+(\S+)\s+(\S+)/;
|
||||
check_oid($xr);
|
||||
check_oid($p1);
|
||||
check_oid($p2);
|
||||
$xref_tbl{$xr} = [$p1, $p2, $ln];
|
||||
}
|
||||
|
||||
my @xrkeys = keys %xref_tbl;
|
||||
|
||||
my @srt1 = sort { $oid_tbl{$a} <=> $oid_tbl{$b}} @xrkeys;
|
||||
|
||||
for(my $i = 0; $i <= $#srt1; $i++)
|
||||
{
|
||||
$xref_tbl{$srt1[$i]}[2] = $i;
|
||||
}
|
||||
|
||||
my @srt2 = sort
|
||||
{
|
||||
my$ap1 = $oid_tbl{$xref_tbl{$a}[0]};
|
||||
my$bp1 = $oid_tbl{$xref_tbl{$b}[0]};
|
||||
return $ap1 - $bp1 if ($ap1 != $bp1);
|
||||
my$ap2 = $oid_tbl{$xref_tbl{$a}[1]};
|
||||
my$bp2 = $oid_tbl{$xref_tbl{$b}[1]};
|
||||
|
||||
return $ap2 - $bp2;
|
||||
} @xrkeys;
|
||||
|
||||
my $pname = $0;
|
||||
|
||||
$pname =~ s|^.[^/]/||;
|
||||
|
||||
print <<EOF;
|
||||
/* \$OpenBSD\$ */
|
||||
/* AUTOGENERATED BY $pname, DO NOT EDIT */
|
||||
|
||||
__BEGIN_HIDDEN_DECLS
|
||||
|
||||
typedef struct
|
||||
{
|
||||
int sign_id;
|
||||
int hash_id;
|
||||
int pkey_id;
|
||||
} nid_triple;
|
||||
|
||||
static const nid_triple sigoid_srt[] =
|
||||
{
|
||||
EOF
|
||||
|
||||
foreach (@srt1)
|
||||
{
|
||||
my $xr = $_;
|
||||
my ($p1, $p2) = @{$xref_tbl{$_}};
|
||||
print "\t{NID_$xr, NID_$p1, NID_$p2},\n";
|
||||
}
|
||||
|
||||
print "\t};";
|
||||
print <<EOF;
|
||||
|
||||
|
||||
static const nid_triple * const sigoid_srt_xref[] =
|
||||
{
|
||||
EOF
|
||||
|
||||
foreach (@srt2)
|
||||
{
|
||||
my $x = $xref_tbl{$_}[2];
|
||||
print "\t\&sigoid_srt\[$x\],\n";
|
||||
}
|
||||
|
||||
print "\t};\n\n";
|
||||
print "__END_HIDDEN_DECLS\n";
|
||||
|
||||
sub check_oid
|
||||
{
|
||||
my ($chk) = @_;
|
||||
if (!exists $oid_tbl{$chk})
|
||||
{
|
||||
die "Not Found \"$chk\"\n";
|
||||
}
|
||||
}
|
||||
|
Loading…
Add table
Add a link
Reference in a new issue