History log of /openbsd/lib/libcrypto/asn1/tasn_dec.c (Results 1 – 25 of 88)
Revision Date Author Comments
# c9ae38aa 28-Jul-2023 tb <tb@openbsd.org>

Make ASN1_{primitive,template}_* internal

These were long removed from the public OpenSSL API, so we can do the
same. Remove ASN1_template_{d2i,i2d}() - those are unused internally.

ok jsing


# acf64401 05-Jul-2023 beck <beck@openbsd.org>

Hide symbols in asn1 and bio

ok jsing@


# 5ace30b5 30-Apr-2023 job <job@openbsd.org>

Revert disablement of the encoding cache

Without the cache, we verify CRL signatures on bytes that have been
pulled through d2i_ -> i2d_, this can cause reordering, which in turn
invalidates the signature. For example if in the original CRL revocation
entries were sorted by date instead of ascending serial number order.

There are probably multiple things we can do here, but they will need
careful consideration and planning.

OK jsing@


# df1261f9 28-Apr-2023 job <job@openbsd.org>

Remove preservation and use of cached DER/BER encodings in the d2i/i2d paths

A long time ago a workflow was envisioned for X509, X509_CRL, and X509_REQ
structures in which only fields modified after deserialization would need to
be re-encoded upon serialization.

Unfortunately, over the years, authors would sometimes forget to add code in
setter functions to trigger invalidation of previously cached DER encodings.

The presence of stale versions of structures can lead to very hard-to-debug
issues and cause immense sorrow.

Fully removing the concept of caching DER encodings ensures stale versions
of structures can never rear their ugly heads again.

OK tb@ jsing@


# c9675a23 26-Nov-2022 tb <tb@openbsd.org>

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook


# 3069054e 03-Sep-2022 jsing <jsing@openbsd.org>

Rewrap some lines, no functional change.


# e0dfe61b 03-Sep-2022 jsing <jsing@openbsd.org>

Tidy up asn1_c2i_primitive() slightly.

Rename some variables and consistently goto error.

ok tb@


# bf2d4bd9 03-Sep-2022 jsing <jsing@openbsd.org>

Avoid recycling ASN1_STRINGs when decoding ASN.1.

Rather than recycling an existing ASN1_STRING and changing its type, free
it and allocate a replacement. This simplifies the code and potentially
avoids bugs resulting from reuse.

ok tb@


# 98a0616a 03-Sep-2022 jsing <jsing@openbsd.org>

Ensure ASN.1 types are appropriately encoded.

Per X.690, some ASN.1 types must be primitive encoded, some must be
constructed and some may be either. Add this data to our types table
and check the encoding against this information when decoding.

ok tb@


# 3664b3a8 03-Sep-2022 jsing <jsing@openbsd.org>

Provide c2i_ASN1_ENUMERATED_cbs() and call it from asn1_c2i_primitive().

This avoids asn1_c2i_primitive() from needing knowledge about the internals
of ASN1_INTEGER and ASN1_ENUMERATED.

ok tb@


# 02ba34f9 29-Jun-2022 beck <beck@openbsd.org>

Refactor asn1 time parsing to use CBS - enforce valid times in ASN.1 parsing.

While we're here enforce valid days for months and leap years.

Inspired by same in boringssl.

ok jsing@


# 96ded9f8 25-Jun-2022 jsing <jsing@openbsd.org>

Use ints for boolean values.

Switch to using ints for boolean values and use 0 or 1 for constructed,
rather than using 0 the ASN.1 tag encoded value (1 << 5).

ok tb@


# 884131c6 21-May-2022 jsing <jsing@openbsd.org>

Remove some unhelpful comments and spell NULL correctly.


# 892fb814 21-May-2022 jsing <jsing@openbsd.org>

Factor out ASN1_ITYPE_EXTERN handling.

Factor out the ef->asn1_ex_d2i() callback handling - this allows us to pull
out all of the related variables into a self-contained function.

ok tb@


# 96903d9f 21-May-2022 jsing <jsing@openbsd.org>

Use 'at' for ASN1_TEMPLATE variable names rather than 'tt'.

Also use array indexes for it->templates, rather than trying to be extra
clever in for loops (suggested by tb@ during a review).

No functional change.

ok tb@


# 6db14da9 21-May-2022 jsing <jsing@openbsd.org>

Remove _ex_ from all of the internal function names.

It no longer makes sense to have "extended" versions of functions
internally.

No functional change.

ok tb@


# d5028891 19-May-2022 jsing <jsing@openbsd.org>

Reorder functions within file.

Order functions by use, moving public API to the bottom and utility
functions to the top. This makes the code more logical/readable, plus we
can remove all except one of the static function prototypes.

No functional change.


# ecad301f 19-May-2022 jsing <jsing@openbsd.org>

Rewrite the asn1_template_*() functions with CBS.

Rewrite the asn1_template_*() functions with CBS, readable variable names
and free then alloc.

This was the last caller of asn1_check_eoc() and asn1_check_tag(), hence
remove them and rename the _cbs suffixed versions in their place.

ok tb@


# f4540edc 17-May-2022 jsing <jsing@openbsd.org>

Refactor asn1_d2i_ex_primitive()

Split the object content handling off into asn1_d2i_ex_primitive_content(),
move the handling of V_ASN1_ANY into asn1_d2i_ex_any() and move the MSTRING
handling into asn1_d2i_ex_mstring(). This way we parse the header once
(rather than twice for ANY and MSTRING), then process the content, while
also avoiding complex special cases in a single code path.

ok tb@


# 82ebfa93 17-May-2022 jsing <jsing@openbsd.org>

Refactor ASN.1 template functions before rewriting.

Change asn1_template_ex_d2i() so that we short circuit in the no explicit
tagging case.

Split out the SET OF/SEQUENCE OF handling from asn1_template_noexp_d2i()
into an asn1_template_stack_of_d2i() function and simplify the remaining
code.

ok tb@


# 9d9e8f70 16-May-2022 jsing <jsing@openbsd.org>

Rewrite asn1_item_ex_d2i_sequence() using CBS and readable variable names.

Now that combine no longer exists, we can also free and reallocate.

ok tb@


# 2960f0cd 12-May-2022 jsing <jsing@openbsd.org>

Call the ASN1_OP_D2I_PRE callback after ASN1_item_ex_new().

In asn1_item_ex_d2i_choice(), only call the ASN1_OP_D2I_PRE callback after
allocation has occurred via ASN1_item_ex_new(). This matches the sequence
handling code and the documentation.

Discussed with tb@


# b4cd7288 12-May-2022 jsing <jsing@openbsd.org>

Rewrite asn1_item_ex_d2i_choice() using CBS.

Now that combine no longer exists, we can also free and reallocate.

ok tb@


# b3e79a77 12-May-2022 jsing <jsing@openbsd.org>

Rewrite asn1_enc_save() using CBS.

Rework and clean up other asn1_enc_* related functions while here.

ok tb@


# c77ab724 12-May-2022 jsing <jsing@openbsd.org>

Remove ASN1_AFLG_BROKEN.

This workaround was used by ASN1_BROKEN_SEQUENCE, which existed for
NETSCAPE_ENCRYPTED_PKEY. Remove the workaround since the only consumer
has already been removed.

ok tb@

