kris
/
boringssl
1
0
Креирај огранак 0
Код Дискусије 0 Захтеви за спајање 0 Издања 0 Вики Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4677 Комити
12 Гране
38 MiB
Дрво: 01f26f3f32
Гране Ознаке
${ item.name }
Create branch ${ searchTerm }
from '01f26f3f32'
${ noResults }
boringssl/crypto/evp/evp_asn1.c

evp_asn1.c 9.8 KiB
Датотека Normal View Историја

Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
пре 10 година
Decouple crypto/evp from the OID table. BUG=chromium:499653 Change-Id: I4e8d4af3129dbf61d4a8846ec9db685e83999d5e Reviewed-on: https://boringssl-review.googlesource.com/7565 Reviewed-by: Steven Valdez <svaldez@google.com> Reviewed-by: David Benjamin <davidben@google.com>
пре 8 година
Implement new SPKI parsers. Many consumers need SPKI support (X.509, TLS, QUIC, WebCrypto), each with different ways to set signature parameters. SPKIs themselves can get complex with id-RSASSA-PSS keys which come with various constraints in the key parameters. This suggests we want a common in-library representation of an SPKI. This adds two new functions EVP_parse_public_key and EVP_marshal_public_key which converts EVP_PKEY to and from SPKI and implements X509_PUBKEY functions with them. EVP_PKEY seems to have been intended to be able to express the supported SPKI types with full-fidelity, so these APIs will continue this. This means future support for id-RSASSA-PSS would *not* repurpose EVP_PKEY_RSA. I'm worried about code assuming EVP_PKEY_RSA implies acting on the RSA* is legal. Instead, it'd add an EVP_PKEY_RSA_PSS and the data pointer would be some (exposed, so the caller may still check key size, etc.) RSA_PSS_KEY struct. Internally, the EVP_PKEY_CTX implementation would enforce the key constraints. If RSA_PSS_KEY would later need its own API, that code would move there, but that seems unlikely. Ideally we'd have a 1:1 correspondence with key OID, although we may have to fudge things if mistakes happen in standardization. (Whether or not X.509 reuses id-ecPublicKey for Ed25519, we'll give it a separate EVP_PKEY type.) DSA parsing hooks are still implemented, missing parameters and all for now. This isn't any worse than before. Decoupling from the giant crypto/obj OID table will be a later task. BUG=522228 Change-Id: I0e3964edf20cb795a18b0991d17e5ca8bce3e28c Reviewed-on: https://boringssl-review.googlesource.com/6861 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Reimplement d2i_AutoPrivateKey with the new ASN.1 stack. This is kind of a ridiculous function. It would be nice to lose it, but SSL_use_PrivateKey_file actually calls into it (by way of d2i_PrivateKey_bio). BUG=499653 Change-Id: I83634f6982b15f4b877e29f6793b7e00a1c10450 Reviewed-on: https://boringssl-review.googlesource.com/7026 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
пре 10 година
Reimplement d2i_AutoPrivateKey with the new ASN.1 stack. This is kind of a ridiculous function. It would be nice to lose it, but SSL_use_PrivateKey_file actually calls into it (by way of d2i_PrivateKey_bio). BUG=499653 Change-Id: I83634f6982b15f4b877e29f6793b7e00a1c10450 Reviewed-on: https://boringssl-review.googlesource.com/7026 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
пре 10 година
Adding ARRAY_SIZE macro for getting the size of constant arrays. Change-Id: Ie60744761f5aa434a71a998f5ca98a8f8b1c25d5 Reviewed-on: https://boringssl-review.googlesource.com/10447 Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
пре 8 година
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
пре 10 година
Decouple crypto/evp from the OID table. BUG=chromium:499653 Change-Id: I4e8d4af3129dbf61d4a8846ec9db685e83999d5e Reviewed-on: https://boringssl-review.googlesource.com/7565 Reviewed-by: Steven Valdez <svaldez@google.com> Reviewed-by: David Benjamin <davidben@google.com>
пре 8 година
Implement draft-ietf-curdle-pkix-04's serialization. The resulting EVP_PKEYs do not do anything useful yet, but we are able to parse them. Teaching them to sign will be done in a follow-up. Creating these from in-memory keys is also slightly different from other types. We don't have or need a public ED25519_KEY struct in curve25519.h, so I've added tighter constructor functions which should hopefully be easier to use anyway. BUG=187 Change-Id: I0bbeea37350d4fdca05b6c6c0f152c15e6ade5bb Reviewed-on: https://boringssl-review.googlesource.com/14446 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Adam Langley <agl@google.com>
пре 7 година
Decouple crypto/evp from the OID table. BUG=chromium:499653 Change-Id: I4e8d4af3129dbf61d4a8846ec9db685e83999d5e Reviewed-on: https://boringssl-review.googlesource.com/7565 Reviewed-by: Steven Valdez <svaldez@google.com> Reviewed-by: David Benjamin <davidben@google.com>
пре 8 година
Implement draft-ietf-curdle-pkix-04's serialization. The resulting EVP_PKEYs do not do anything useful yet, but we are able to parse them. Teaching them to sign will be done in a follow-up. Creating these from in-memory keys is also slightly different from other types. We don't have or need a public ED25519_KEY struct in curve25519.h, so I've added tighter constructor functions which should hopefully be easier to use anyway. BUG=187 Change-Id: I0bbeea37350d4fdca05b6c6c0f152c15e6ade5bb Reviewed-on: https://boringssl-review.googlesource.com/14446 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Adam Langley <agl@google.com>
пре 7 година
Decouple crypto/evp from the OID table. BUG=chromium:499653 Change-Id: I4e8d4af3129dbf61d4a8846ec9db685e83999d5e Reviewed-on: https://boringssl-review.googlesource.com/7565 Reviewed-by: Steven Valdez <svaldez@google.com> Reviewed-by: David Benjamin <davidben@google.com>
пре 8 година
Work around language and compiler bug in memcpy, etc. Most C standard library functions are undefined if passed NULL, even when the corresponding length is zero. This gives them (and, in turn, all functions which call them) surprising behavior on empty arrays. Some compilers will miscompile code due to this rule. See also https://www.imperialviolet.org/2016/06/26/nonnull.html Add OPENSSL_memcpy, etc., wrappers which avoid this problem. BUG=23 Change-Id: I95f42b23e92945af0e681264fffaf578e7f8465e Reviewed-on: https://boringssl-review.googlesource.com/12928 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Adam Langley <agl@google.com>
пре 7 година
Decouple crypto/evp from the OID table. BUG=chromium:499653 Change-Id: I4e8d4af3129dbf61d4a8846ec9db685e83999d5e Reviewed-on: https://boringssl-review.googlesource.com/7565 Reviewed-by: Steven Valdez <svaldez@google.com> Reviewed-by: David Benjamin <davidben@google.com>
пре 8 година
Implement new SPKI parsers. Many consumers need SPKI support (X.509, TLS, QUIC, WebCrypto), each with different ways to set signature parameters. SPKIs themselves can get complex with id-RSASSA-PSS keys which come with various constraints in the key parameters. This suggests we want a common in-library representation of an SPKI. This adds two new functions EVP_parse_public_key and EVP_marshal_public_key which converts EVP_PKEY to and from SPKI and implements X509_PUBKEY functions with them. EVP_PKEY seems to have been intended to be able to express the supported SPKI types with full-fidelity, so these APIs will continue this. This means future support for id-RSASSA-PSS would *not* repurpose EVP_PKEY_RSA. I'm worried about code assuming EVP_PKEY_RSA implies acting on the RSA* is legal. Instead, it'd add an EVP_PKEY_RSA_PSS and the data pointer would be some (exposed, so the caller may still check key size, etc.) RSA_PSS_KEY struct. Internally, the EVP_PKEY_CTX implementation would enforce the key constraints. If RSA_PSS_KEY would later need its own API, that code would move there, but that seems unlikely. Ideally we'd have a 1:1 correspondence with key OID, although we may have to fudge things if mistakes happen in standardization. (Whether or not X.509 reuses id-ecPublicKey for Ed25519, we'll give it a separate EVP_PKEY type.) DSA parsing hooks are still implemented, missing parameters and all for now. This isn't any worse than before. Decoupling from the giant crypto/obj OID table will be a later task. BUG=522228 Change-Id: I0e3964edf20cb795a18b0991d17e5ca8bce3e28c Reviewed-on: https://boringssl-review.googlesource.com/6861 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Run the comment converter on libcrypto. crypto/{asn1,x509,x509v3,pem} were skipped as they are still OpenSSL style. Change-Id: I3cd9a60e1cb483a981aca325041f3fbce294247c Reviewed-on: https://boringssl-review.googlesource.com/19504 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
пре 7 година
Decouple crypto/evp from the OID table. BUG=chromium:499653 Change-Id: I4e8d4af3129dbf61d4a8846ec9db685e83999d5e Reviewed-on: https://boringssl-review.googlesource.com/7565 Reviewed-by: Steven Valdez <svaldez@google.com> Reviewed-by: David Benjamin <davidben@google.com>
пре 8 година
Implement new SPKI parsers. Many consumers need SPKI support (X.509, TLS, QUIC, WebCrypto), each with different ways to set signature parameters. SPKIs themselves can get complex with id-RSASSA-PSS keys which come with various constraints in the key parameters. This suggests we want a common in-library representation of an SPKI. This adds two new functions EVP_parse_public_key and EVP_marshal_public_key which converts EVP_PKEY to and from SPKI and implements X509_PUBKEY functions with them. EVP_PKEY seems to have been intended to be able to express the supported SPKI types with full-fidelity, so these APIs will continue this. This means future support for id-RSASSA-PSS would *not* repurpose EVP_PKEY_RSA. I'm worried about code assuming EVP_PKEY_RSA implies acting on the RSA* is legal. Instead, it'd add an EVP_PKEY_RSA_PSS and the data pointer would be some (exposed, so the caller may still check key size, etc.) RSA_PSS_KEY struct. Internally, the EVP_PKEY_CTX implementation would enforce the key constraints. If RSA_PSS_KEY would later need its own API, that code would move there, but that seems unlikely. Ideally we'd have a 1:1 correspondence with key OID, although we may have to fudge things if mistakes happen in standardization. (Whether or not X.509 reuses id-ecPublicKey for Ed25519, we'll give it a separate EVP_PKEY type.) DSA parsing hooks are still implemented, missing parameters and all for now. This isn't any worse than before. Decoupling from the giant crypto/obj OID table will be a later task. BUG=522228 Change-Id: I0e3964edf20cb795a18b0991d17e5ca8bce3e28c Reviewed-on: https://boringssl-review.googlesource.com/6861 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Decouple crypto/evp from the OID table. BUG=chromium:499653 Change-Id: I4e8d4af3129dbf61d4a8846ec9db685e83999d5e Reviewed-on: https://boringssl-review.googlesource.com/7565 Reviewed-by: Steven Valdez <svaldez@google.com> Reviewed-by: David Benjamin <davidben@google.com>
пре 8 година
Implement new SPKI parsers. Many consumers need SPKI support (X.509, TLS, QUIC, WebCrypto), each with different ways to set signature parameters. SPKIs themselves can get complex with id-RSASSA-PSS keys which come with various constraints in the key parameters. This suggests we want a common in-library representation of an SPKI. This adds two new functions EVP_parse_public_key and EVP_marshal_public_key which converts EVP_PKEY to and from SPKI and implements X509_PUBKEY functions with them. EVP_PKEY seems to have been intended to be able to express the supported SPKI types with full-fidelity, so these APIs will continue this. This means future support for id-RSASSA-PSS would *not* repurpose EVP_PKEY_RSA. I'm worried about code assuming EVP_PKEY_RSA implies acting on the RSA* is legal. Instead, it'd add an EVP_PKEY_RSA_PSS and the data pointer would be some (exposed, so the caller may still check key size, etc.) RSA_PSS_KEY struct. Internally, the EVP_PKEY_CTX implementation would enforce the key constraints. If RSA_PSS_KEY would later need its own API, that code would move there, but that seems unlikely. Ideally we'd have a 1:1 correspondence with key OID, although we may have to fudge things if mistakes happen in standardization. (Whether or not X.509 reuses id-ecPublicKey for Ed25519, we'll give it a separate EVP_PKEY type.) DSA parsing hooks are still implemented, missing parameters and all for now. This isn't any worse than before. Decoupling from the giant crypto/obj OID table will be a later task. BUG=522228 Change-Id: I0e3964edf20cb795a18b0991d17e5ca8bce3e28c Reviewed-on: https://boringssl-review.googlesource.com/6861 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Run the comment converter on libcrypto. crypto/{asn1,x509,x509v3,pem} were skipped as they are still OpenSSL style. Change-Id: I3cd9a60e1cb483a981aca325041f3fbce294247c Reviewed-on: https://boringssl-review.googlesource.com/19504 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
пре 7 година
Implement new SPKI parsers. Many consumers need SPKI support (X.509, TLS, QUIC, WebCrypto), each with different ways to set signature parameters. SPKIs themselves can get complex with id-RSASSA-PSS keys which come with various constraints in the key parameters. This suggests we want a common in-library representation of an SPKI. This adds two new functions EVP_parse_public_key and EVP_marshal_public_key which converts EVP_PKEY to and from SPKI and implements X509_PUBKEY functions with them. EVP_PKEY seems to have been intended to be able to express the supported SPKI types with full-fidelity, so these APIs will continue this. This means future support for id-RSASSA-PSS would *not* repurpose EVP_PKEY_RSA. I'm worried about code assuming EVP_PKEY_RSA implies acting on the RSA* is legal. Instead, it'd add an EVP_PKEY_RSA_PSS and the data pointer would be some (exposed, so the caller may still check key size, etc.) RSA_PSS_KEY struct. Internally, the EVP_PKEY_CTX implementation would enforce the key constraints. If RSA_PSS_KEY would later need its own API, that code would move there, but that seems unlikely. Ideally we'd have a 1:1 correspondence with key OID, although we may have to fudge things if mistakes happen in standardization. (Whether or not X.509 reuses id-ecPublicKey for Ed25519, we'll give it a separate EVP_PKEY type.) DSA parsing hooks are still implemented, missing parameters and all for now. This isn't any worse than before. Decoupling from the giant crypto/obj OID table will be a later task. BUG=522228 Change-Id: I0e3964edf20cb795a18b0991d17e5ca8bce3e28c Reviewed-on: https://boringssl-review.googlesource.com/6861 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Run the comment converter on libcrypto. crypto/{asn1,x509,x509v3,pem} were skipped as they are still OpenSSL style. Change-Id: I3cd9a60e1cb483a981aca325041f3fbce294247c Reviewed-on: https://boringssl-review.googlesource.com/19504 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
пре 7 година
Implement new SPKI parsers. Many consumers need SPKI support (X.509, TLS, QUIC, WebCrypto), each with different ways to set signature parameters. SPKIs themselves can get complex with id-RSASSA-PSS keys which come with various constraints in the key parameters. This suggests we want a common in-library representation of an SPKI. This adds two new functions EVP_parse_public_key and EVP_marshal_public_key which converts EVP_PKEY to and from SPKI and implements X509_PUBKEY functions with them. EVP_PKEY seems to have been intended to be able to express the supported SPKI types with full-fidelity, so these APIs will continue this. This means future support for id-RSASSA-PSS would *not* repurpose EVP_PKEY_RSA. I'm worried about code assuming EVP_PKEY_RSA implies acting on the RSA* is legal. Instead, it'd add an EVP_PKEY_RSA_PSS and the data pointer would be some (exposed, so the caller may still check key size, etc.) RSA_PSS_KEY struct. Internally, the EVP_PKEY_CTX implementation would enforce the key constraints. If RSA_PSS_KEY would later need its own API, that code would move there, but that seems unlikely. Ideally we'd have a 1:1 correspondence with key OID, although we may have to fudge things if mistakes happen in standardization. (Whether or not X.509 reuses id-ecPublicKey for Ed25519, we'll give it a separate EVP_PKEY type.) DSA parsing hooks are still implemented, missing parameters and all for now. This isn't any worse than before. Decoupling from the giant crypto/obj OID table will be a later task. BUG=522228 Change-Id: I0e3964edf20cb795a18b0991d17e5ca8bce3e28c Reviewed-on: https://boringssl-review.googlesource.com/6861 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Decouple crypto/evp from the OID table. BUG=chromium:499653 Change-Id: I4e8d4af3129dbf61d4a8846ec9db685e83999d5e Reviewed-on: https://boringssl-review.googlesource.com/7565 Reviewed-by: Steven Valdez <svaldez@google.com> Reviewed-by: David Benjamin <davidben@google.com>
пре 8 година
Implement new SPKI parsers. Many consumers need SPKI support (X.509, TLS, QUIC, WebCrypto), each with different ways to set signature parameters. SPKIs themselves can get complex with id-RSASSA-PSS keys which come with various constraints in the key parameters. This suggests we want a common in-library representation of an SPKI. This adds two new functions EVP_parse_public_key and EVP_marshal_public_key which converts EVP_PKEY to and from SPKI and implements X509_PUBKEY functions with them. EVP_PKEY seems to have been intended to be able to express the supported SPKI types with full-fidelity, so these APIs will continue this. This means future support for id-RSASSA-PSS would *not* repurpose EVP_PKEY_RSA. I'm worried about code assuming EVP_PKEY_RSA implies acting on the RSA* is legal. Instead, it'd add an EVP_PKEY_RSA_PSS and the data pointer would be some (exposed, so the caller may still check key size, etc.) RSA_PSS_KEY struct. Internally, the EVP_PKEY_CTX implementation would enforce the key constraints. If RSA_PSS_KEY would later need its own API, that code would move there, but that seems unlikely. Ideally we'd have a 1:1 correspondence with key OID, although we may have to fudge things if mistakes happen in standardization. (Whether or not X.509 reuses id-ecPublicKey for Ed25519, we'll give it a separate EVP_PKEY type.) DSA parsing hooks are still implemented, missing parameters and all for now. This isn't any worse than before. Decoupling from the giant crypto/obj OID table will be a later task. BUG=522228 Change-Id: I0e3964edf20cb795a18b0991d17e5ca8bce3e28c Reviewed-on: https://boringssl-review.googlesource.com/6861 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Run the comment converter on libcrypto. crypto/{asn1,x509,x509v3,pem} were skipped as they are still OpenSSL style. Change-Id: I3cd9a60e1cb483a981aca325041f3fbce294247c Reviewed-on: https://boringssl-review.googlesource.com/19504 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
пре 7 година
Implement new SPKI parsers. Many consumers need SPKI support (X.509, TLS, QUIC, WebCrypto), each with different ways to set signature parameters. SPKIs themselves can get complex with id-RSASSA-PSS keys which come with various constraints in the key parameters. This suggests we want a common in-library representation of an SPKI. This adds two new functions EVP_parse_public_key and EVP_marshal_public_key which converts EVP_PKEY to and from SPKI and implements X509_PUBKEY functions with them. EVP_PKEY seems to have been intended to be able to express the supported SPKI types with full-fidelity, so these APIs will continue this. This means future support for id-RSASSA-PSS would *not* repurpose EVP_PKEY_RSA. I'm worried about code assuming EVP_PKEY_RSA implies acting on the RSA* is legal. Instead, it'd add an EVP_PKEY_RSA_PSS and the data pointer would be some (exposed, so the caller may still check key size, etc.) RSA_PSS_KEY struct. Internally, the EVP_PKEY_CTX implementation would enforce the key constraints. If RSA_PSS_KEY would later need its own API, that code would move there, but that seems unlikely. Ideally we'd have a 1:1 correspondence with key OID, although we may have to fudge things if mistakes happen in standardization. (Whether or not X.509 reuses id-ecPublicKey for Ed25519, we'll give it a separate EVP_PKEY type.) DSA parsing hooks are still implemented, missing parameters and all for now. This isn't any worse than before. Decoupling from the giant crypto/obj OID table will be a later task. BUG=522228 Change-Id: I0e3964edf20cb795a18b0991d17e5ca8bce3e28c Reviewed-on: https://boringssl-review.googlesource.com/6861 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Handle empty keys in EVP_marshal_public_key() Instead of crashing when an empty key is passed to EVP_marshal_public_key(), return with an EVP_R_UNSUPPORTED_ALGORITHM_ERROR. This brings e.g. X509_PUBKEY_set() closer to how it behaved before 68772b31 (previously, it returned an error on an empty public key rather than dereferencing pkey->ameth). Change-Id: Ieac368725adb7f22329c035d9d0685b44b885888 Reviewed-on: https://boringssl-review.googlesource.com/7351 Reviewed-by: David Benjamin <davidben@google.com>
пре 8 година
Implement new SPKI parsers. Many consumers need SPKI support (X.509, TLS, QUIC, WebCrypto), each with different ways to set signature parameters. SPKIs themselves can get complex with id-RSASSA-PSS keys which come with various constraints in the key parameters. This suggests we want a common in-library representation of an SPKI. This adds two new functions EVP_parse_public_key and EVP_marshal_public_key which converts EVP_PKEY to and from SPKI and implements X509_PUBKEY functions with them. EVP_PKEY seems to have been intended to be able to express the supported SPKI types with full-fidelity, so these APIs will continue this. This means future support for id-RSASSA-PSS would *not* repurpose EVP_PKEY_RSA. I'm worried about code assuming EVP_PKEY_RSA implies acting on the RSA* is legal. Instead, it'd add an EVP_PKEY_RSA_PSS and the data pointer would be some (exposed, so the caller may still check key size, etc.) RSA_PSS_KEY struct. Internally, the EVP_PKEY_CTX implementation would enforce the key constraints. If RSA_PSS_KEY would later need its own API, that code would move there, but that seems unlikely. Ideally we'd have a 1:1 correspondence with key OID, although we may have to fudge things if mistakes happen in standardization. (Whether or not X.509 reuses id-ecPublicKey for Ed25519, we'll give it a separate EVP_PKEY type.) DSA parsing hooks are still implemented, missing parameters and all for now. This isn't any worse than before. Decoupling from the giant crypto/obj OID table will be a later task. BUG=522228 Change-Id: I0e3964edf20cb795a18b0991d17e5ca8bce3e28c Reviewed-on: https://boringssl-review.googlesource.com/6861 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Implement new PKCS#8 parsers. As with SPKI parsers, the intent is make EVP_PKEY capture the key's constraints in full fidelity, so we'd have to add new types or store the information in the underlying key object if people introduce variant key types with weird constraints on them. Note that because PKCS#8 has a space for arbitrary attributes, this parser must admit a hole. I'm assuming for now that we don't need an API that enforces no attributes and just ignore trailing data in the structure for simplicity. BUG=499653 Change-Id: I6fc641355e87136c7220f5d7693566d1144a68e8 Reviewed-on: https://boringssl-review.googlesource.com/6866 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Run the comment converter on libcrypto. crypto/{asn1,x509,x509v3,pem} were skipped as they are still OpenSSL style. Change-Id: I3cd9a60e1cb483a981aca325041f3fbce294247c Reviewed-on: https://boringssl-review.googlesource.com/19504 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
пре 7 година
Decouple crypto/evp from the OID table. BUG=chromium:499653 Change-Id: I4e8d4af3129dbf61d4a8846ec9db685e83999d5e Reviewed-on: https://boringssl-review.googlesource.com/7565 Reviewed-by: Steven Valdez <svaldez@google.com> Reviewed-by: David Benjamin <davidben@google.com>
пре 8 година
Implement new PKCS#8 parsers. As with SPKI parsers, the intent is make EVP_PKEY capture the key's constraints in full fidelity, so we'd have to add new types or store the information in the underlying key object if people introduce variant key types with weird constraints on them. Note that because PKCS#8 has a space for arbitrary attributes, this parser must admit a hole. I'm assuming for now that we don't need an API that enforces no attributes and just ignore trailing data in the structure for simplicity. BUG=499653 Change-Id: I6fc641355e87136c7220f5d7693566d1144a68e8 Reviewed-on: https://boringssl-review.googlesource.com/6866 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Decouple crypto/evp from the OID table. BUG=chromium:499653 Change-Id: I4e8d4af3129dbf61d4a8846ec9db685e83999d5e Reviewed-on: https://boringssl-review.googlesource.com/7565 Reviewed-by: Steven Valdez <svaldez@google.com> Reviewed-by: David Benjamin <davidben@google.com>
пре 8 година
Implement new PKCS#8 parsers. As with SPKI parsers, the intent is make EVP_PKEY capture the key's constraints in full fidelity, so we'd have to add new types or store the information in the underlying key object if people introduce variant key types with weird constraints on them. Note that because PKCS#8 has a space for arbitrary attributes, this parser must admit a hole. I'm assuming for now that we don't need an API that enforces no attributes and just ignore trailing data in the structure for simplicity. BUG=499653 Change-Id: I6fc641355e87136c7220f5d7693566d1144a68e8 Reviewed-on: https://boringssl-review.googlesource.com/6866 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Decouple crypto/evp from the OID table. BUG=chromium:499653 Change-Id: I4e8d4af3129dbf61d4a8846ec9db685e83999d5e Reviewed-on: https://boringssl-review.googlesource.com/7565 Reviewed-by: Steven Valdez <svaldez@google.com> Reviewed-by: David Benjamin <davidben@google.com>
пре 8 година
Implement new PKCS#8 parsers. As with SPKI parsers, the intent is make EVP_PKEY capture the key's constraints in full fidelity, so we'd have to add new types or store the information in the underlying key object if people introduce variant key types with weird constraints on them. Note that because PKCS#8 has a space for arbitrary attributes, this parser must admit a hole. I'm assuming for now that we don't need an API that enforces no attributes and just ignore trailing data in the structure for simplicity. BUG=499653 Change-Id: I6fc641355e87136c7220f5d7693566d1144a68e8 Reviewed-on: https://boringssl-review.googlesource.com/6866 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Run the comment converter on libcrypto. crypto/{asn1,x509,x509v3,pem} were skipped as they are still OpenSSL style. Change-Id: I3cd9a60e1cb483a981aca325041f3fbce294247c Reviewed-on: https://boringssl-review.googlesource.com/19504 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
пре 7 година
Implement new PKCS#8 parsers. As with SPKI parsers, the intent is make EVP_PKEY capture the key's constraints in full fidelity, so we'd have to add new types or store the information in the underlying key object if people introduce variant key types with weird constraints on them. Note that because PKCS#8 has a space for arbitrary attributes, this parser must admit a hole. I'm assuming for now that we don't need an API that enforces no attributes and just ignore trailing data in the structure for simplicity. BUG=499653 Change-Id: I6fc641355e87136c7220f5d7693566d1144a68e8 Reviewed-on: https://boringssl-review.googlesource.com/6866 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Run the comment converter on libcrypto. crypto/{asn1,x509,x509v3,pem} were skipped as they are still OpenSSL style. Change-Id: I3cd9a60e1cb483a981aca325041f3fbce294247c Reviewed-on: https://boringssl-review.googlesource.com/19504 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
пре 7 година
Implement new PKCS#8 parsers. As with SPKI parsers, the intent is make EVP_PKEY capture the key's constraints in full fidelity, so we'd have to add new types or store the information in the underlying key object if people introduce variant key types with weird constraints on them. Note that because PKCS#8 has a space for arbitrary attributes, this parser must admit a hole. I'm assuming for now that we don't need an API that enforces no attributes and just ignore trailing data in the structure for simplicity. BUG=499653 Change-Id: I6fc641355e87136c7220f5d7693566d1144a68e8 Reviewed-on: https://boringssl-review.googlesource.com/6866 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Decouple crypto/evp from the OID table. BUG=chromium:499653 Change-Id: I4e8d4af3129dbf61d4a8846ec9db685e83999d5e Reviewed-on: https://boringssl-review.googlesource.com/7565 Reviewed-by: Steven Valdez <svaldez@google.com> Reviewed-by: David Benjamin <davidben@google.com>
пре 8 година
Implement new PKCS#8 parsers. As with SPKI parsers, the intent is make EVP_PKEY capture the key's constraints in full fidelity, so we'd have to add new types or store the information in the underlying key object if people introduce variant key types with weird constraints on them. Note that because PKCS#8 has a space for arbitrary attributes, this parser must admit a hole. I'm assuming for now that we don't need an API that enforces no attributes and just ignore trailing data in the structure for simplicity. BUG=499653 Change-Id: I6fc641355e87136c7220f5d7693566d1144a68e8 Reviewed-on: https://boringssl-review.googlesource.com/6866 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Run the comment converter on libcrypto. crypto/{asn1,x509,x509v3,pem} were skipped as they are still OpenSSL style. Change-Id: I3cd9a60e1cb483a981aca325041f3fbce294247c Reviewed-on: https://boringssl-review.googlesource.com/19504 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
пре 7 година
Implement new PKCS#8 parsers. As with SPKI parsers, the intent is make EVP_PKEY capture the key's constraints in full fidelity, so we'd have to add new types or store the information in the underlying key object if people introduce variant key types with weird constraints on them. Note that because PKCS#8 has a space for arbitrary attributes, this parser must admit a hole. I'm assuming for now that we don't need an API that enforces no attributes and just ignore trailing data in the structure for simplicity. BUG=499653 Change-Id: I6fc641355e87136c7220f5d7693566d1144a68e8 Reviewed-on: https://boringssl-review.googlesource.com/6866 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Handle empty keys in EVP_marshal_public_key() Instead of crashing when an empty key is passed to EVP_marshal_public_key(), return with an EVP_R_UNSUPPORTED_ALGORITHM_ERROR. This brings e.g. X509_PUBKEY_set() closer to how it behaved before 68772b31 (previously, it returned an error on an empty public key rather than dereferencing pkey->ameth). Change-Id: Ieac368725adb7f22329c035d9d0685b44b885888 Reviewed-on: https://boringssl-review.googlesource.com/7351 Reviewed-by: David Benjamin <davidben@google.com>
пре 8 година
Implement new PKCS#8 parsers. As with SPKI parsers, the intent is make EVP_PKEY capture the key's constraints in full fidelity, so we'd have to add new types or store the information in the underlying key object if people introduce variant key types with weird constraints on them. Note that because PKCS#8 has a space for arbitrary attributes, this parser must admit a hole. I'm assuming for now that we don't need an API that enforces no attributes and just ignore trailing data in the structure for simplicity. BUG=499653 Change-Id: I6fc641355e87136c7220f5d7693566d1144a68e8 Reviewed-on: https://boringssl-review.googlesource.com/6866 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Reimplement d2i_PrivateKey. Functions which lose object reuse and need auditing: - d2i_PrivateKey This removes evp_asn1.c's dependency on the old stack. (Aside from obj/.) It also takes old_priv_decode out of EVP_ASN1_METHOD in favor of calling out to the new-style function. EVP_ASN1_METHOD no longer has any old-style type-specific serialization hooks, only the PKCS#8 and SPKI ones. BUG=499653 Change-Id: Ic142dc05a5505b50e4717c260d3893b20e680194 Reviewed-on: https://boringssl-review.googlesource.com/7027 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
пре 10 година
Reimplement d2i_PrivateKey. Functions which lose object reuse and need auditing: - d2i_PrivateKey This removes evp_asn1.c's dependency on the old stack. (Aside from obj/.) It also takes old_priv_decode out of EVP_ASN1_METHOD in favor of calling out to the new-style function. EVP_ASN1_METHOD no longer has any old-style type-specific serialization hooks, only the PKCS#8 and SPKI ones. BUG=499653 Change-Id: Ic142dc05a5505b50e4717c260d3893b20e680194 Reviewed-on: https://boringssl-review.googlesource.com/7027 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
пре 10 година
Reimplement d2i_PrivateKey. Functions which lose object reuse and need auditing: - d2i_PrivateKey This removes evp_asn1.c's dependency on the old stack. (Aside from obj/.) It also takes old_priv_decode out of EVP_ASN1_METHOD in favor of calling out to the new-style function. EVP_ASN1_METHOD no longer has any old-style type-specific serialization hooks, only the PKCS#8 and SPKI ones. BUG=499653 Change-Id: Ic142dc05a5505b50e4717c260d3893b20e680194 Reviewed-on: https://boringssl-review.googlesource.com/7027 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
d2i: don't update input pointer on failure (Imported from upstream's 728bcd59d3d41e152aead0d15acc51a8958536d3.) Actually this one was reported by us, but the commit message doesn't mention this. This is slightly modified from upstream's version to fix some problems noticed in import. Specifically one of d2i_X509_AUX's success paths is bust and d2i_PrivateKey still updates on one error path. Resolve the latter by changing both it and d2i_AutoPrivateKey to explicitly hit the error path on ret == NULL. This lets us remove the NULL check in d2i_AutoPrivateKey. We'll want to report the problems back upstream. Change-Id: Ifcfc965ca6d5ec0a08ac154854bd351cafbaba25 Reviewed-on: https://boringssl-review.googlesource.com/5948 Reviewed-by: Adam Langley <agl@google.com>
пре 9 година
Reimplement d2i_PrivateKey. Functions which lose object reuse and need auditing: - d2i_PrivateKey This removes evp_asn1.c's dependency on the old stack. (Aside from obj/.) It also takes old_priv_decode out of EVP_ASN1_METHOD in favor of calling out to the new-style function. EVP_ASN1_METHOD no longer has any old-style type-specific serialization hooks, only the PKCS#8 and SPKI ones. BUG=499653 Change-Id: Ic142dc05a5505b50e4717c260d3893b20e680194 Reviewed-on: https://boringssl-review.googlesource.com/7027 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
пре 10 година
Reimplement d2i_PrivateKey. Functions which lose object reuse and need auditing: - d2i_PrivateKey This removes evp_asn1.c's dependency on the old stack. (Aside from obj/.) It also takes old_priv_decode out of EVP_ASN1_METHOD in favor of calling out to the new-style function. EVP_ASN1_METHOD no longer has any old-style type-specific serialization hooks, only the PKCS#8 and SPKI ones. BUG=499653 Change-Id: Ic142dc05a5505b50e4717c260d3893b20e680194 Reviewed-on: https://boringssl-review.googlesource.com/7027 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Run the comment converter on libcrypto. crypto/{asn1,x509,x509v3,pem} were skipped as they are still OpenSSL style. Change-Id: I3cd9a60e1cb483a981aca325041f3fbce294247c Reviewed-on: https://boringssl-review.googlesource.com/19504 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
пре 7 година
Reimplement d2i_PrivateKey. Functions which lose object reuse and need auditing: - d2i_PrivateKey This removes evp_asn1.c's dependency on the old stack. (Aside from obj/.) It also takes old_priv_decode out of EVP_ASN1_METHOD in favor of calling out to the new-style function. EVP_ASN1_METHOD no longer has any old-style type-specific serialization hooks, only the PKCS#8 and SPKI ones. BUG=499653 Change-Id: Ic142dc05a5505b50e4717c260d3893b20e680194 Reviewed-on: https://boringssl-review.googlesource.com/7027 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Run the comment converter on libcrypto. crypto/{asn1,x509,x509v3,pem} were skipped as they are still OpenSSL style. Change-Id: I3cd9a60e1cb483a981aca325041f3fbce294247c Reviewed-on: https://boringssl-review.googlesource.com/19504 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
пре 7 година
Reimplement d2i_PrivateKey. Functions which lose object reuse and need auditing: - d2i_PrivateKey This removes evp_asn1.c's dependency on the old stack. (Aside from obj/.) It also takes old_priv_decode out of EVP_ASN1_METHOD in favor of calling out to the new-style function. EVP_ASN1_METHOD no longer has any old-style type-specific serialization hooks, only the PKCS#8 and SPKI ones. BUG=499653 Change-Id: Ic142dc05a5505b50e4717c260d3893b20e680194 Reviewed-on: https://boringssl-review.googlesource.com/7027 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
пре 10 година
Enforce that d2i_PrivateKey returns a key of the specified type. If d2i_PrivateKey hit the PKCS#8 codepath, it didn't enforce that the key was of the specified type. Note that this requires tweaking d2i_AutoPrivateKey slightly. A PKCS #8 PrivateKeyInfo may have 3 or 4 elements (optional attributes), so we were relying on this bug for d2i_AutoPrivateKey to work. Change-Id: If50b7a742f535d208e944ba37c3a585689d1da43 Reviewed-on: https://boringssl-review.googlesource.com/7253 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
пре 10 година
Reimplement d2i_PrivateKey. Functions which lose object reuse and need auditing: - d2i_PrivateKey This removes evp_asn1.c's dependency on the old stack. (Aside from obj/.) It also takes old_priv_decode out of EVP_ASN1_METHOD in favor of calling out to the new-style function. EVP_ASN1_METHOD no longer has any old-style type-specific serialization hooks, only the PKCS#8 and SPKI ones. BUG=499653 Change-Id: Ic142dc05a5505b50e4717c260d3893b20e680194 Reviewed-on: https://boringssl-review.googlesource.com/7027 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
пре 10 година
Reimplement d2i_PrivateKey. Functions which lose object reuse and need auditing: - d2i_PrivateKey This removes evp_asn1.c's dependency on the old stack. (Aside from obj/.) It also takes old_priv_decode out of EVP_ASN1_METHOD in favor of calling out to the new-style function. EVP_ASN1_METHOD no longer has any old-style type-specific serialization hooks, only the PKCS#8 and SPKI ones. BUG=499653 Change-Id: Ic142dc05a5505b50e4717c260d3893b20e680194 Reviewed-on: https://boringssl-review.googlesource.com/7027 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
пре 10 година
Run the comment converter on libcrypto. crypto/{asn1,x509,x509v3,pem} were skipped as they are still OpenSSL style. Change-Id: I3cd9a60e1cb483a981aca325041f3fbce294247c Reviewed-on: https://boringssl-review.googlesource.com/19504 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
пре 7 година
Reimplement d2i_AutoPrivateKey with the new ASN.1 stack. This is kind of a ridiculous function. It would be nice to lose it, but SSL_use_PrivateKey_file actually calls into it (by way of d2i_PrivateKey_bio). BUG=499653 Change-Id: I83634f6982b15f4b877e29f6793b7e00a1c10450 Reviewed-on: https://boringssl-review.googlesource.com/7026 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
d2i: don't update input pointer on failure (Imported from upstream's 728bcd59d3d41e152aead0d15acc51a8958536d3.) Actually this one was reported by us, but the commit message doesn't mention this. This is slightly modified from upstream's version to fix some problems noticed in import. Specifically one of d2i_X509_AUX's success paths is bust and d2i_PrivateKey still updates on one error path. Resolve the latter by changing both it and d2i_AutoPrivateKey to explicitly hit the error path on ret == NULL. This lets us remove the NULL check in d2i_AutoPrivateKey. We'll want to report the problems back upstream. Change-Id: Ifcfc965ca6d5ec0a08ac154854bd351cafbaba25 Reviewed-on: https://boringssl-review.googlesource.com/5948 Reviewed-by: Adam Langley <agl@google.com>
пре 9 година
Reimplement d2i_AutoPrivateKey with the new ASN.1 stack. This is kind of a ridiculous function. It would be nice to lose it, but SSL_use_PrivateKey_file actually calls into it (by way of d2i_PrivateKey_bio). BUG=499653 Change-Id: I83634f6982b15f4b877e29f6793b7e00a1c10450 Reviewed-on: https://boringssl-review.googlesource.com/7026 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
пре 10 година
Reimplement d2i_AutoPrivateKey with the new ASN.1 stack. This is kind of a ridiculous function. It would be nice to lose it, but SSL_use_PrivateKey_file actually calls into it (by way of d2i_PrivateKey_bio). BUG=499653 Change-Id: I83634f6982b15f4b877e29f6793b7e00a1c10450 Reviewed-on: https://boringssl-review.googlesource.com/7026 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
пре 10 година
Run the comment converter on libcrypto. crypto/{asn1,x509,x509v3,pem} were skipped as they are still OpenSSL style. Change-Id: I3cd9a60e1cb483a981aca325041f3fbce294247c Reviewed-on: https://boringssl-review.googlesource.com/19504 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
пре 7 година
Enforce that d2i_PrivateKey returns a key of the specified type. If d2i_PrivateKey hit the PKCS#8 codepath, it didn't enforce that the key was of the specified type. Note that this requires tweaking d2i_AutoPrivateKey slightly. A PKCS #8 PrivateKeyInfo may have 3 or 4 elements (optional attributes), so we were relying on this bug for d2i_AutoPrivateKey to work. Change-Id: If50b7a742f535d208e944ba37c3a585689d1da43 Reviewed-on: https://boringssl-review.googlesource.com/7253 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Reimplement d2i_AutoPrivateKey with the new ASN.1 stack. This is kind of a ridiculous function. It would be nice to lose it, but SSL_use_PrivateKey_file actually calls into it (by way of d2i_PrivateKey_bio). BUG=499653 Change-Id: I83634f6982b15f4b877e29f6793b7e00a1c10450 Reviewed-on: https://boringssl-review.googlesource.com/7026 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Enforce that d2i_PrivateKey returns a key of the specified type. If d2i_PrivateKey hit the PKCS#8 codepath, it didn't enforce that the key was of the specified type. Note that this requires tweaking d2i_AutoPrivateKey slightly. A PKCS #8 PrivateKeyInfo may have 3 or 4 elements (optional attributes), so we were relying on this bug for d2i_AutoPrivateKey to work. Change-Id: If50b7a742f535d208e944ba37c3a585689d1da43 Reviewed-on: https://boringssl-review.googlesource.com/7253 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Reimplement d2i_AutoPrivateKey with the new ASN.1 stack. This is kind of a ridiculous function. It would be nice to lose it, but SSL_use_PrivateKey_file actually calls into it (by way of d2i_PrivateKey_bio). BUG=499653 Change-Id: I83634f6982b15f4b877e29f6793b7e00a1c10450 Reviewed-on: https://boringssl-review.googlesource.com/7026 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Run the comment converter on libcrypto. crypto/{asn1,x509,x509v3,pem} were skipped as they are still OpenSSL style. Change-Id: I3cd9a60e1cb483a981aca325041f3fbce294247c Reviewed-on: https://boringssl-review.googlesource.com/19504 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
пре 7 година
Enforce that d2i_PrivateKey returns a key of the specified type. If d2i_PrivateKey hit the PKCS#8 codepath, it didn't enforce that the key was of the specified type. Note that this requires tweaking d2i_AutoPrivateKey slightly. A PKCS #8 PrivateKeyInfo may have 3 or 4 elements (optional attributes), so we were relying on this bug for d2i_AutoPrivateKey to work. Change-Id: If50b7a742f535d208e944ba37c3a585689d1da43 Reviewed-on: https://boringssl-review.googlesource.com/7253 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Reimplement d2i_AutoPrivateKey with the new ASN.1 stack. This is kind of a ridiculous function. It would be nice to lose it, but SSL_use_PrivateKey_file actually calls into it (by way of d2i_PrivateKey_bio). BUG=499653 Change-Id: I83634f6982b15f4b877e29f6793b7e00a1c10450 Reviewed-on: https://boringssl-review.googlesource.com/7026 Reviewed-by: Adam Langley <agl@google.com>
пре 8 година
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
пре 10 година
Remove the func parameter to OPENSSL_PUT_ERROR. Much of this was done automatically with find . -name '*.c' | xargs sed -E -i '' -e 's/(OPENSSL_PUT_ERROR\([a-zA-Z_0-9]+, )[a-zA-Z_0-9]+, ([a-zA-Z_0-9]+\);)/\1\2/' find . -name '*.c' | xargs sed -E -i '' -e 's/(OPENSSL_PUT_ERROR\([a-zA-Z_0-9]+, )[a-zA-Z_0-9]+, ([a-zA-Z_0-9]+\);)/\1\2/' BUG=468039 Change-Id: I4c75fd95dff85ab1d4a546b05e6aed1aeeb499d8 Reviewed-on: https://boringssl-review.googlesource.com/5276 Reviewed-by: Adam Langley <agl@google.com>
пре 9 година
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
пре 10 година
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337 
  1. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)

  2.  * All rights reserved.

  3.  *

  4.  * This package is an SSL implementation written

  5.  * by Eric Young (eay@cryptsoft.com).

  6.  * The implementation was written so as to conform with Netscapes SSL.

  7.  *

  8.  * This library is free for commercial and non-commercial use as long as

  9.  * the following conditions are aheared to.  The following conditions

  10.  * apply to all code found in this distribution, be it the RC4, RSA,

  11.  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation

  12.  * included with this distribution is covered by the same copyright terms

  13.  * except that the holder is Tim Hudson (tjh@cryptsoft.com).

  14.  *

  15.  * Copyright remains Eric Young's, and as such any Copyright notices in

  16.  * the code are not to be removed.

  17.  * If this package is used in a product, Eric Young should be given attribution

  18.  * as the author of the parts of the library used.

  19.  * This can be in the form of a textual message at program startup or

  20.  * in documentation (online or textual) provided with the package.

  21.  *

  22.  * Redistribution and use in source and binary forms, with or without

  23.  * modification, are permitted provided that the following conditions

  24.  * are met:

  25.  * 1. Redistributions of source code must retain the copyright

  26.  *    notice, this list of conditions and the following disclaimer.

  27.  * 2. Redistributions in binary form must reproduce the above copyright

  28.  *    notice, this list of conditions and the following disclaimer in the

  29.  *    documentation and/or other materials provided with the distribution.

  30.  * 3. All advertising materials mentioning features or use of this software

  31.  *    must display the following acknowledgement:

  32.  *    "This product includes cryptographic software written by

  33.  *     Eric Young (eay@cryptsoft.com)"

  34.  *    The word 'cryptographic' can be left out if the rouines from the library

  35.  *    being used are not cryptographic related :-).

  36.  * 4. If you include any Windows specific code (or a derivative thereof) from

  37.  *    the apps directory (application code) you must include an acknowledgement:

  38.  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"

  39.  *

  40.  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND

  41.  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  42.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

  43.  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

  44.  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

  45.  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

  46.  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  47.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

  48.  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

  49.  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

  50.  * SUCH DAMAGE.

  51.  *

  52.  * The licence and distribution terms for any publically available version or

  53.  * derivative of this code cannot be changed.  i.e. this code cannot simply be

  54.  * copied and put under another distribution licence

  55.  * [including the GNU Public Licence.] */

  56. 

  57. #include <openssl/evp.h>

  58. 

  59. #include <string.h>

  60. 

  61. #include <openssl/bytestring.h>

  62. #include <openssl/dsa.h>

  63. #include <openssl/ec_key.h>

  64. #include <openssl/err.h>

  65. #include <openssl/rsa.h>

  66. 

  67. #include "internal.h"

  68. #include "../internal.h"

  69. 

  70. 

  71. static const EVP_PKEY_ASN1_METHOD *const kASN1Methods[] = {

  72.     &rsa_asn1_meth,

  73.     &ec_asn1_meth,

  74.     &dsa_asn1_meth,

  75.     &ed25519_asn1_meth,

  76. };

  77. 

  78. static int parse_key_type(CBS *cbs, int *out_type) {

  79.   CBS oid;

  80.   if (!CBS_get_asn1(cbs, &oid, CBS_ASN1_OBJECT)) {

  81.     return 0;

  82.   }

  83. 

  84.   for (unsigned i = 0; i < OPENSSL_ARRAY_SIZE(kASN1Methods); i++) {

  85.     const EVP_PKEY_ASN1_METHOD *method = kASN1Methods[i];

  86.     if (CBS_len(&oid) == method->oid_len &&

  87.         OPENSSL_memcmp(CBS_data(&oid), method->oid, method->oid_len) == 0) {

  88.       *out_type = method->pkey_id;

  89.       return 1;

  90.     }

  91.   }

  92. 

  93.   return 0;

  94. }

  95. 

  96. EVP_PKEY *EVP_parse_public_key(CBS *cbs) {

  97.   // Parse the SubjectPublicKeyInfo.

  98.   CBS spki, algorithm, key;

  99.   int type;

  100.   uint8_t padding;

  101.   if (!CBS_get_asn1(cbs, &spki, CBS_ASN1_SEQUENCE) ||

  102.       !CBS_get_asn1(&spki, &algorithm, CBS_ASN1_SEQUENCE) ||

  103.       !parse_key_type(&algorithm, &type) ||

  104.       !CBS_get_asn1(&spki, &key, CBS_ASN1_BITSTRING) ||

  105.       CBS_len(&spki) != 0 ||

  106.       // Every key type defined encodes the key as a byte string with the same

  107.       // conversion to BIT STRING.

  108.       !CBS_get_u8(&key, &padding) ||

  109.       padding != 0) {

  110.     OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR);

  111.     return NULL;

  112.   }

  113. 

  114.   // Set up an |EVP_PKEY| of the appropriate type.

  115.   EVP_PKEY *ret = EVP_PKEY_new();

  116.   if (ret == NULL ||

  117.       !EVP_PKEY_set_type(ret, type)) {

  118.     goto err;

  119.   }

  120. 

  121.   // Call into the type-specific SPKI decoding function.

  122.   if (ret->ameth->pub_decode == NULL) {

  123.     OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM);

  124.     goto err;

  125.   }

  126.   if (!ret->ameth->pub_decode(ret, &algorithm, &key)) {

  127.     goto err;

  128.   }

  129. 

  130.   return ret;

  131. 

  132. err:

  133.   EVP_PKEY_free(ret);

  134.   return NULL;

  135. }

  136. 

  137. int EVP_marshal_public_key(CBB *cbb, const EVP_PKEY *key) {

  138.   if (key->ameth == NULL || key->ameth->pub_encode == NULL) {

  139.     OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM);

  140.     return 0;

  141.   }

  142. 

  143.   return key->ameth->pub_encode(cbb, key);

  144. }

  145. 

  146. EVP_PKEY *EVP_parse_private_key(CBS *cbs) {

  147.   // Parse the PrivateKeyInfo.

  148.   CBS pkcs8, algorithm, key;

  149.   uint64_t version;

  150.   int type;

  151.   if (!CBS_get_asn1(cbs, &pkcs8, CBS_ASN1_SEQUENCE) ||

  152.       !CBS_get_asn1_uint64(&pkcs8, &version) ||

  153.       version != 0 ||

  154.       !CBS_get_asn1(&pkcs8, &algorithm, CBS_ASN1_SEQUENCE) ||

  155.       !parse_key_type(&algorithm, &type) ||

  156.       !CBS_get_asn1(&pkcs8, &key, CBS_ASN1_OCTETSTRING)) {

  157.     OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR);

  158.     return NULL;

  159.   }

  160. 

  161.   // A PrivateKeyInfo ends with a SET of Attributes which we ignore.

  162. 

  163.   // Set up an |EVP_PKEY| of the appropriate type.

  164.   EVP_PKEY *ret = EVP_PKEY_new();

  165.   if (ret == NULL ||

  166.       !EVP_PKEY_set_type(ret, type)) {

  167.     goto err;

  168.   }

  169. 

  170.   // Call into the type-specific PrivateKeyInfo decoding function.

  171.   if (ret->ameth->priv_decode == NULL) {

  172.     OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM);

  173.     goto err;

  174.   }

  175.   if (!ret->ameth->priv_decode(ret, &algorithm, &key)) {

  176.     goto err;

  177.   }

  178. 

  179.   return ret;

  180. 

  181. err:

  182.   EVP_PKEY_free(ret);

  183.   return NULL;

  184. }

  185. 

  186. int EVP_marshal_private_key(CBB *cbb, const EVP_PKEY *key) {

  187.   if (key->ameth == NULL || key->ameth->priv_encode == NULL) {

  188.     OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM);

  189.     return 0;

  190.   }

  191. 

  192.   return key->ameth->priv_encode(cbb, key);

  193. }

  194. 

  195. static EVP_PKEY *old_priv_decode(CBS *cbs, int type) {

  196.   EVP_PKEY *ret = EVP_PKEY_new();

  197.   if (ret == NULL) {

  198.     return NULL;

  199.   }

  200. 

  201.   switch (type) {

  202.     case EVP_PKEY_EC: {

  203.       EC_KEY *ec_key = EC_KEY_parse_private_key(cbs, NULL);

  204.       if (ec_key == NULL || !EVP_PKEY_assign_EC_KEY(ret, ec_key)) {

  205.         EC_KEY_free(ec_key);

  206.         goto err;

  207.       }

  208.       return ret;

  209.     }

  210.     case EVP_PKEY_DSA: {

  211.       DSA *dsa = DSA_parse_private_key(cbs);

  212.       if (dsa == NULL || !EVP_PKEY_assign_DSA(ret, dsa)) {

  213.         DSA_free(dsa);

  214.         goto err;

  215.       }

  216.       return ret;

  217.     }

  218.     case EVP_PKEY_RSA: {

  219.       RSA *rsa = RSA_parse_private_key(cbs);

  220.       if (rsa == NULL || !EVP_PKEY_assign_RSA(ret, rsa)) {

  221.         RSA_free(rsa);

  222.         goto err;

  223.       }

  224.       return ret;

  225.     }

  226.     default:

  227.       OPENSSL_PUT_ERROR(EVP, EVP_R_UNKNOWN_PUBLIC_KEY_TYPE);

  228.       goto err;

  229.   }

  230. 

  231. err:

  232.   EVP_PKEY_free(ret);

  233.   return NULL;

  234. }

  235. 

  236. EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **out, const uint8_t **inp,

  237.                          long len) {

  238.   if (len < 0) {

  239.     OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR);

  240.     return NULL;

  241.   }

  242. 

  243.   // Parse with the legacy format.

  244.   CBS cbs;

  245.   CBS_init(&cbs, *inp, (size_t)len);

  246.   EVP_PKEY *ret = old_priv_decode(&cbs, type);

  247.   if (ret == NULL) {

  248.     // Try again with PKCS#8.

  249.     ERR_clear_error();

  250.     CBS_init(&cbs, *inp, (size_t)len);

  251.     ret = EVP_parse_private_key(&cbs);

  252.     if (ret == NULL) {

  253.       return NULL;

  254.     }

  255.     if (ret->type != type) {

  256.       OPENSSL_PUT_ERROR(EVP, EVP_R_DIFFERENT_KEY_TYPES);

  257.       EVP_PKEY_free(ret);

  258.       return NULL;

  259.     }

  260.   }

  261. 

  262.   if (out != NULL) {

  263.     EVP_PKEY_free(*out);

  264.     *out = ret;

  265.   }

  266.   *inp = CBS_data(&cbs);

  267.   return ret;

  268. }

  269. 

  270. // num_elements parses one SEQUENCE from |in| and returns the number of elements

  271. // in it. On parse error, it returns zero.

  272. static size_t num_elements(const uint8_t *in, size_t in_len) {

  273.   CBS cbs, sequence;

  274.   CBS_init(&cbs, in, (size_t)in_len);

  275. 

  276.   if (!CBS_get_asn1(&cbs, &sequence, CBS_ASN1_SEQUENCE)) {

  277.     return 0;

  278.   }

  279. 

  280.   size_t count = 0;

  281.   while (CBS_len(&sequence) > 0) {

  282.     if (!CBS_get_any_asn1_element(&sequence, NULL, NULL, NULL)) {

  283.       return 0;

  284.     }

  285. 

  286.     count++;

  287.   }

  288. 

  289.   return count;

  290. }

  291. 

  292. EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **out, const uint8_t **inp, long len) {

  293.   if (len < 0) {

  294.     OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR);

  295.     return NULL;

  296.   }

  297. 

  298.   // Parse the input as a PKCS#8 PrivateKeyInfo.

  299.   CBS cbs;

  300.   CBS_init(&cbs, *inp, (size_t)len);

  301.   EVP_PKEY *ret = EVP_parse_private_key(&cbs);

  302.   if (ret != NULL) {

  303.     if (out != NULL) {

  304.       EVP_PKEY_free(*out);

  305.       *out = ret;

  306.     }

  307.     *inp = CBS_data(&cbs);

  308.     return ret;

  309.   }

  310.   ERR_clear_error();

  311. 

  312.   // Count the elements to determine the legacy key format.

  313.   switch (num_elements(*inp, (size_t)len)) {

  314.     case 4:

  315.       return d2i_PrivateKey(EVP_PKEY_EC, out, inp, len);

  316. 

  317.     case 6:

  318.       return d2i_PrivateKey(EVP_PKEY_DSA, out, inp, len);

  319. 

  320.     default:

  321.       return d2i_PrivateKey(EVP_PKEY_RSA, out, inp, len);

  322.   }

  323. }

  324. 

  325. int i2d_PublicKey(EVP_PKEY *key, uint8_t **outp) {

  326.   switch (key->type) {

  327.     case EVP_PKEY_RSA:

  328.       return i2d_RSAPublicKey(key->pkey.rsa, outp);

  329.     case EVP_PKEY_DSA:

  330.       return i2d_DSAPublicKey(key->pkey.dsa, outp);

  331.     case EVP_PKEY_EC:

  332.       return i2o_ECPublicKey(key->pkey.ec, outp);

  333.     default:

  334.       OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE);

  335.       return -1;

  336.   }

  337. }