History log of /openbsd-src/lib/libcrypto/objects/obj_xref.c (Results 1 – 16 of 16)
Revision Date Author Comments
# 9c6dcd48 28-Aug-2024 tb <tb@openbsd.org>

Fix underlying pkey of RSA-PSS

There are currently very few differences between the rsa_asn1_meth for
plain RSA and the rsa_pss_asn1_meth for RSA-PSS apart from the obviously
necessary differnces fo

Fix underlying pkey of RSA-PSS

There are currently very few differences between the rsa_asn1_meth for
plain RSA and the rsa_pss_asn1_meth for RSA-PSS apart from the obviously
necessary differnces for base_method, pkey_id, pem_str and info (and the
fact that RSA has support for legacy private key encoding). This had the
lucky side effect that it didn't really matter which ameth one ended up
using after OBJ_find_sigid_algs().

With the upcoming support for X509_get_signature_infO() for RSA-PSS, this
needs to change as for RSA-PSS we need to decode the PSS parameters for
extracting the "security level", whereas for RSA we can just use the hash
length. Thus, for RSA-PSS switch pkey_id from the incorrect rsaEncryption
to rassaPss.

ok jsing

PS: OBJ_find_sigid_algs() manual is no longer entirely correct, but this
has been the case since we added Ed25519 support to obj_xref.

show more ...


# 0dadb9f5 27-Jan-2024 tb <tb@openbsd.org>

Teach OBJ_find_sigid_{,by_}algs(3) about ECDSA with SHA-3

This allows signing and verifying ASN.1 "items" using the ECDSA with SHA-3
signature algorithms. With this diff, ECDSA certificates and CMS

Teach OBJ_find_sigid_{,by_}algs(3) about ECDSA with SHA-3

This allows signing and verifying ASN.1 "items" using the ECDSA with SHA-3
signature algorithms. With this diff, ECDSA certificates and CMS products
using ECDSA with SHA-3 can be generated using the openssl command line tool.

ok jsing

show more ...


# 35f2f589 28-Jul-2023 tb <tb@openbsd.org>

Remove OBJ_add_sigid() and OBJ_sigid_free()

Another bit of unused extensibility that was responsible for a lot
of complexity until recently. This removes the remaining stubs from
the public API.

ok

Remove OBJ_add_sigid() and OBJ_sigid_free()

Another bit of unused extensibility that was responsible for a lot
of complexity until recently. This removes the remaining stubs from
the public API.

ok jsing

show more ...


# f0e1aa8e 22-Jul-2023 tb <tb@openbsd.org>

Align argument names of OBJ_add_sigid() with the other functions.


# 8e6e37e3 22-Jul-2023 tb <tb@openbsd.org>

Rewrite obj_xref.c

Instead of having two unreadable tables placed in a header generated by a
janky perl script from an ugly text file, use a single table inlined in
the C file. This table is used to

Rewrite obj_xref.c

Instead of having two unreadable tables placed in a header generated by a
janky perl script from an ugly text file, use a single table inlined in
the C file. This table is used to translate between signature algorithm
OIDs and pairs of OIDs of a message digest and a cipher. The table has
fewer than fifty entries and isn't used in a hot path. Using binary search
is overkill. Just do two linear searches, one for each translation. None
of the original code remains apart from the API.

ok jsing

show more ...


# 6afed99b 22-Jul-2023 tb <tb@openbsd.org>

Neuter OBJ_add_sigid() and OBJ_sigid_free()

These functions will be removed in the upcoming bump. Nothing uses them,
so it won't hurt if they become noops. This allows us to garbage collect
the sig_

Neuter OBJ_add_sigid() and OBJ_sigid_free()

These functions will be removed in the upcoming bump. Nothing uses them,
so it won't hurt if they become noops. This allows us to garbage collect
the sig_app and sigx_app stacks and make a first step towards simplifying
the OBJ_bsearch_() dances. Also sprinkle some const correctness... because
we can.

intermediate step towards a diff that is ok jsing

show more ...


# 1e9308c1 08-Jul-2023 beck <beck@openbsd.org>

Hide symbols in objects

ok tb@


# 76ce35bf 21-Jan-2017 jsing <jsing@openbsd.org>

Expand DECLARE_OBJ_BSEARCH_CMP_FN and IMPLEMENT_OBJ_BSEARCH_CMP_FN macros.

No change to generated assembly excluding line numbers.


# c3d6a26a 12-Jun-2014 deraadt <deraadt@openbsd.org>

tags as requested by miod and tedu


# ac1920f8 07-Jun-2014 deraadt <deraadt@openbsd.org>

Remove various test stubs. The good ones have been moved by jsing
and others to the regress framework. These remaining ones just
muddle us up when re-reading code repeatedly.
ok jsing


# b97bb891 29-May-2014 deraadt <deraadt@openbsd.org>

ok, next pass after review: when possible, put the reallocarray arguments
in the "size_t nmemb, size_t size"


# af519d3e 29-May-2014 deraadt <deraadt@openbsd.org>

convert 53 malloc(a*b) to reallocarray(NULL, a, b). that is 53
potential integer overflows easily changed into an allocation return
of NULL, with errno nicely set if need be. checks for an allocati

convert 53 malloc(a*b) to reallocarray(NULL, a, b). that is 53
potential integer overflows easily changed into an allocation return
of NULL, with errno nicely set if need be. checks for an allocations
returning NULL are commonplace, or if the object is dereferenced
(quite normal) will result in a nice fault which can be detected &
repaired properly.
ok tedu

show more ...


# 223e7da0 19-Apr-2014 jsing <jsing@openbsd.org>

KNF.


# 6f3a6cb1 17-Apr-2014 beck <beck@openbsd.org>

Change library to use intrinsic memory allocation functions instead of
OPENSSL_foo wrappers. This changes:
OPENSSL_malloc->malloc
OPENSSL_free->free
OPENSSL_relloc->realloc
OPENSSL_freeFunc->free


# ec07fdf1 13-Oct-2012 djm <djm@openbsd.org>

import OpenSSL-1.0.1c


# f1535dc8 01-Oct-2010 djm <djm@openbsd.org>

import OpenSSL-1.0.0a