We didn't deal very well with names that didn't have pre-defined NIDs,
as the NID zero travelled through the full process and resulted in an
inaccessible method. By consequence, we need to refactor the method
construction callbacks to rely more on algorithm names.
We must, however, still store the legacy NID with the method, for the
sake of other code that depend on it (for example, CMS).
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8878)
This avoids using the ASN1_OBJECT database, which is bloated for the
purpose of a simple number <-> name database.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8878)
Various core and property related code files used global data. We should
store all of that in an OPENSSL_CTX instead.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8857)
ossl_method_store_cache_get() and ossl_method_store_cache_set() were
called with a NULL argument for store, which means no caching is
done. Give them a real store instead.
Also, increment the refcount when we do get a method out of the cache.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8781)
When we attempt to fetch a method with a given NID we will ask the
providers for it if we don't already know about it. During that process
we may be told about other methods with a different NID. We need to
make sure we don't confuse the two.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8541)
EVP_MD_fetch() can be given a property query string. However, there
are cases when it won't, for example in implicit fetches. Therefore,
we also need a way to set a global property query string to be used in
all subsequent fetches. This also applies to all future algorithm
fetching functions.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8681)
This is an interface between Core dispatch table fetching and
EVP_{method}_fetch(). All that's needed from the diverse method
fetchers are the functions to create a method structure from a
dispatch table, a function that ups the method reference counter and a
function to free the method (in case of failure).
This routine is internal to the EVP API andis therefore only made
accessible within crypto/evp, by including evp_locl.h
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8341)
Richard Levitte
Matt Caswell