Garbage collect unused attributes member from EVP_PKEY

ok miod

Hide public symbols in evp.h

largely mechanically done by the guentherizer 9000

ok tb@

Unhook and remove GOST and STREEBOG

This stops compiling the GOST source. The current implementation is low
quality and got in the way, especially in libssl. While we would be open
for GOST support,

Unhook and remove GOST and STREEBOG

This stops compiling the GOST source. The current implementation is low
quality and got in the way, especially in libssl. While we would be open
for GOST support, it needs to be significantly better than what we have
had and it also needs a maintainer.

Add OPENSSL_NO_GOST to opensslfeatures and stop installing gost.h.
Some code wrapped in #ifndef OPENSSL_NO_GOST will be removed later.

ok jsing

show more ...

EVP_PKEY_asn1_find_str() tweaks

Switch i to a size_t and improve a flag check. Part of an earlier diff
that was ok jsing but were lost when I reworked the diff.

Clean up EVP_PKEY_asn1_get0_info() a bit

Use better variable names without silly p prefix and use explicit checks
against NULL.

Clean up EVP_PKEY_asn1_find_str()

Use slightly better argument and variable names, do not pointlessly try
to match a string of negative length < -1, use a size_t for the strlen()
and preserve the lo

Clean up EVP_PKEY_asn1_find_str()

Use slightly better argument and variable names, do not pointlessly try
to match a string of negative length < -1, use a size_t for the strlen()
and preserve the logic that allows lookup by a string fragment rather
than a full string.

ok jsing

show more ...

Simplify EVP_PKEY_asn1_find()

EVP_PKEY_asn1_find() finds the EVP_PKEY_ASN1_METHOD underlying the method
or alias with nid (or, rather, pkey_id) passed in. Now that we have the
base method stored in

Simplify EVP_PKEY_asn1_find()

EVP_PKEY_asn1_find() finds the EVP_PKEY_ASN1_METHOD underlying the method
or alias with nid (or, rather, pkey_id) passed in. Now that we have the
base method stored in a pointer, we can return that method after a simple
lookup of said nid (or, rather, pkey_id).

ok jsing

show more ...

Replace .pkey_base_id with a .base_method pointer

Every EVP_PKEY_ASN1_METHOD is either an ASN.1 method or an alias.
As such it resolves to an underlying ASN.1 method (in one step).
This information

Replace .pkey_base_id with a .base_method pointer

Every EVP_PKEY_ASN1_METHOD is either an ASN.1 method or an alias.
As such it resolves to an underlying ASN.1 method (in one step).
This information can be stored in a base_method pointer in allusion
to the pkey_base_id, which is the name for the nid (aka pkey_id aka
type) of the underlying method.

For an ASN.1 method, the base method is itself, so the base method
is set as a pointer to itself. For an alias it is of course a pointer
to the underlying method. Then obviously ameth->pkey_base_id is the
same as ameth->base_method->pkey_id, so rework all ASN.1 methods to
follow that.

ok jsing

show more ...

Split ameth arrays into individual methods

For some reason DSA, GOST, and RSA had their ASN.1 methods stored in
an array. This is clumsy and the only benefit is that one saves a few
externs in p_lib

Split ameth arrays into individual methods

For some reason DSA, GOST, and RSA had their ASN.1 methods stored in
an array. This is clumsy and the only benefit is that one saves a few
externs in p_lib.c. They were also arranged by ascending NID because
of bsearch() madness.

Split them up and arrange the methods by name, which is much saner
and simpler.

ok jsing

show more ...

Remove EVP_PKEY's save_type member

This was only used to avoid an ameth lookup in EVP_PKEY_set_type(), a
micro-optimization that was removed in p_lib.c r1.48.

ok jsing

Move the EVP_PKEY_asn1_* API that will stay to evp/p_lib.c

Most of these functions are only called from this file internally apart
from the pem_str lookups from pem/. In the next major bump we can t

Move the EVP_PKEY_asn1_* API that will stay to evp/p_lib.c

Most of these functions are only called from this file internally apart
from the pem_str lookups from pem/. In the next major bump we can then
remove asn/ameth_lib.c. Also move EVP_PKEY_ASN1_METHOD to evp_local.h.
While this is used to dispatch to various ASN.1 decoding routines, it
doesn't fit into asn1/ at all.

show more ...

Move EVP_PKEY_assign() a bit up and tweak it slightly

ok jsing

Rename a few ret into pkey

Rework EVP_PKEY_set_type{,_str}()

These two functions previously wrapped a pkey_set_type() helper, which
was an utter mess because of ENGINE. With the long awaited departure of
ENGINE, this function

Rework EVP_PKEY_set_type{,_str}()

These two functions previously wrapped a pkey_set_type() helper, which
was an utter mess because of ENGINE. With the long awaited departure of
ENGINE, this function became a lot simpler. A further simplification is
obtained by not doing the optimization to avoid an ameth lookup: this
requires walking a list of 11 ameths. We should consider bsearch()...

With this gone and a saner implementation of EVP_PKEY_free_it(), we can
implement these functions with a dozen lines of code each.

ok jsing

show more ...

Rework EVP_PKEY_free()

Use pkey instead of x, remove the pointless variable i, no need to check
for NULL before sk_X509_ATTRIBUTE_pop_free(), switch to freezero() to
leave fewer invalid pointers aro

Rework EVP_PKEY_free()

Use pkey instead of x, remove the pointless variable i, no need to check
for NULL before sk_X509_ATTRIBUTE_pop_free(), switch to freezero() to
leave fewer invalid pointers around.

ok jsing

show more ...

Move EVP_PKEY_free() up next to evp_pkey_free_pkey_ptr()

ok jsing

Fix EVP_PKEY_up_ref() - must have hit ^X somehow

Rework evp_pkey_free_pkey_ptr()

Rename the variable from x into pkey, make it NULL safe and unindent.

ok jsing

Rename EVP_PKEY_free_it() into evp_pkey_free_pkey_ptr()

ok jsing

Move the confusingly named EVP_PKEY_free_it() a bit up

ok jsing

Simplify EVP_PKEY_up_ref()

There is no need for a local variable and a ternary operator here.

ok jsing

Switch EVP_PKEY_new() from malloc() to calloc()

ok jsing

Ignore ENGINE at the API boundary

This removes the remaining ENGINE members from various internal structs
and functions. Any ENGINE passed into a public API is now completely
ignored functions retur

Ignore ENGINE at the API boundary

This removes the remaining ENGINE members from various internal structs
and functions. Any ENGINE passed into a public API is now completely
ignored functions returning an ENGINE always return NULL.

ok jsing

show more ...

Unifdef OPENSSL_NO_ENGINE in libcrypto

This is mechanical apart from a few manual edits to avoid doubled empty
lines.

ok jsing

Make EVP_PKEY_get1_$TYPE a wrapper of EVP_PKEY_get0_$TYPE

Avoids a bit of code duplication and reduces the probability of a fix being
applied to only one of get0 and get1 (which happend in p_lib.c r

Make EVP_PKEY_get1_$TYPE a wrapper of EVP_PKEY_get0_$TYPE

Avoids a bit of code duplication and reduces the probability of a fix being
applied to only one of get0 and get1 (which happend in p_lib.c r1.35).

ok jsing

show more ...