History log of /openbsd-src/lib/libcrypto/x509/x509_req.c (Results 1 – 25 of 43)
Revision Date Author Comments
# 11e0b35c 31-Aug-2024 tb <tb@openbsd.org>

Remove X509_REQ_{set,get}_extension_nids()

LibreSSL no longer supports non-standard OIDs for use in the extensions
attribute of CSRs. The API that enabled that (and nobody used of course)
can now go.

ok beck jsing



# e4518488 26-Jul-2024 tb <tb@openbsd.org>

Inline trivial X509at_* calls in x509_req

ok jsing


# cd11dfba 09-May-2024 tb <tb@openbsd.org>

Tiny style tweaks in X509_REQ_add_extension_nid()

Test & assign and use ret instead of rv.

ok jsing


# cff692b3 09-May-2024 tb <tb@openbsd.org>

Streamline X509_REQ_check_private_key() a bit

Use better variable names, split the success from the error path and
return directly rather than using an ok variable.

ok jsing


# 9d58ae9c 09-May-2024 tb <tb@openbsd.org>

Zap some extra parentheses in X509_REQ_get_pubkey()

ok jsing


# dc7f31f0 09-May-2024 tb <tb@openbsd.org>

Clean up X509_to_X509_REQ()

Use better variable names. X509_REQ_new() sets the version to the only
specified version, so there is no point to set it. Extract the subject
name, then assign to make it more obvious that an error happens if the
cert has a missing subject. Switch to X509_get0_pubkey() to avoid some
strange dance with a strangely named variable to adjust the refcount.

ok jsing



# 61ded4a7 09-May-2024 tb <tb@openbsd.org>

Further simplify X509_REQ_get_extensions()

Instead of inlining a poor version of ASN1_TYPE_unpack_sequence() with
missing error checks, just call the real thing. It's safer and simpler.

ok jsing


# 63a5c7db 08-May-2024 tb <tb@openbsd.org>

Simplify X509_REQ_get_extensions()

Now that we know the two OIDs we need to look for when checking for the
extension list attribute in a certification request, we can simplify this
quite a bit. There is one change of behavior. Attribute value sets are not
supposed to be empty and it makes no sense to return an empty stack of
extensions in that case, return NULL instead, matching BoringSSL.

This removes last use of ext_nids and ext_nid_list[], so these two bits
of unprotected global mutable state can now join the party in the attic.

ok jsing



# 0f2aafcc 08-May-2024 tb <tb@openbsd.org>

Simplify X509_REQ_extension_nid()

Now that the global ext_nids[] array can no longer be modified by the
application, we can simplify this by returning the two possible NIDs
that we accept in the extension list attribute in PKCS#10 certification
requests.

The year is 2024. This API is entirely unused by the ecosystem. Well not
entirely! One small village of indomitable rare API use still holds out
against the cleansers. You may have guessed it: security/xca.

ok jsing



# b7b56f16 08-May-2024 tb <tb@openbsd.org>

Defang X509_REQ_{s,g}et_extension_nids()

These fiddle with unprotected global state, so aren't thread safe and
of course there was no good reason to have this API in the first place.
Nothing uses it, so it becomes a noop and will be removed in the next
major bump.

ok jsing



# caa52935 25-Apr-2023 job <job@openbsd.org>

Use X509_set_version() and X509_REQ_set_version() instead of doing it by hand

A small side-effect in X509_to_X509_REQ() is that 'x->req_info->enc.modified'
now earlier on is set to 1.

OK tb@ jsing@


# cedac418 16-Feb-2023 tb <tb@openbsd.org>

libressl *_namespace.h: adjust *_ALIAS() to require a semicolon

LCRYPTO_ALIAS() and LSSL_ALIAS() contained a trailing semicolon.
This does not conform to style(9), breaks editors and ctags and
(most importantly) my workflow. Fix this by neutering them with
asm("") so that -Wpedantic doesn't complain. There's precedent
in libc's namespace.h

fix suggested by & ok jsing



# c9675a23 26-Nov-2022 tb <tb@openbsd.org>

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook



# 06d31337 14-Nov-2022 beck <beck@openbsd.org>

Hide public symbols in libcrypto/x509 .c files

ok tb@


# 2e198919 18-Aug-2022 tb <tb@openbsd.org>

Allow empty attribute sets in CSRs

While each attribute must contain at least one extension, it is not
required that a CSR have attributes at all. Instead of signalling an
error by returning NULL if no extensions are found, return an empty
stack of extensions.

Via OpenSSL 1f02ca2d

ok jsing



# c10e594f 22-Jan-2022 inoguchi <inoguchi@openbsd.org>

X509_GET_PUBKEY(3) return value check in libcrypto

CID 25131

ok beck@ tb@

suggest using X509_REQ_get0_pubkey() and remove the EVP_PKEY_free() from tb@


# bc366ef8 12-Dec-2021 tb <tb@openbsd.org>

Include evp_locl.h where it will be needed once most structs from
evp.h will be moved to evp_locl.h in an upcoming bump.

ok inoguchi


# 9b13dc86 03-Nov-2021 schwarze <schwarze@openbsd.org>

Some cleanup in X509_REQ_get_extensions(3), no functional change.

In this function, merge everything that is worth merging
from the OpenSSL 1.1.1 branch, which is still under a free license,
mostly the relevant part of commit 9b0a4531 Mar 14 23:48:47 2015 +0000
to use X509_ATTRIBUTE_get0_type(3) rather than re-implementing it.

While here,
* use d2i_X509_EXTENSIONS(3) rather than ASN1_item_d2i(3);
* test pointers explicitly against NULL, not with '!', as suggested by tb@;
* drop some useless parentheses as suggested by tb@.

OK tb@



# 16511858 03-Nov-2021 schwarze <schwarze@openbsd.org>

Fix two bugs in X509_REQ_add_extensions_nid(3)
that I noticed while documenting the function:
* missing return value check for ASN1_item_i2d(3) and
* missing return value check for OBJ_nid2obj(3).

In the function X509_REQ_add_extensions_nid(3), merge everything
that is worth merging from the OpenSSL 1.1.1 branch, which is still
under a free license; that's mostly parts of the commit 9b0a4531
Mar 14 23:48:47 2015 +0000 (containing the bugfix, even though the
OpenSSL commit message did not mention the bugs) and some minor
stylistic changes from 0f113f3e and 26a7d938.

While here, use i2d_X509_EXTENSIONS(3) instead of the layer-violating
call to ASN1_item_i2d(3), and include a few stylistic tweaks from tb@.

OK tb@, and jsing@ agreed on the general direction.



# 838f0b6d 01-Nov-2021 tb <tb@openbsd.org>

Move the now internal X.509-related structs into x509_lcl.h.
Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and
LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and
fix a couple of unnecessary reacharounds.

ok jsing



# 93736f7c 23-Oct-2021 tb <tb@openbsd.org>

Prepare to provide X509_re_X509*_tbs()

ok beck jsing


# 14c3aa5d 22-Oct-2021 tb <tb@openbsd.org>

Prepare to provide X509_REQ_pubkey_get0()

ok jsing


# 35142d90 13-May-2018 tb <tb@openbsd.org>

Add a const qualifier to the ASN1_OBJECT * argument of the following:
EVP_PKEY_get_attr_by_OBJ(3), X509at_get_attr_by_OBJ(3),
X509at_get0_data_by_OBJ(3), X509_REQ_get_attr_by_OBJ(3)

tested in a bulk by sthen
ok beck (as part of a larger diff)



# 5067ae9f 29-Jan-2017 beck <beck@openbsd.org>

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@


# 431d1979 30-Dec-2016 jsing <jsing@openbsd.org>

Expand ASN1_ITEM_rptr macros - no change in generated assembly.

