Display multiple names by levitte · Pull Request #9979 · openssl/openssl

levitte · 2019-09-23T10:05:14Z

This adds the functionality necessary to display multiple names on provided algorithm implementations nicely. While I was at it, I also added missing common functions related to fetched implementations.

levitte · 2019-09-23T10:05:57Z

When merged with #8985, I get this display:

: ; ./util/shlib_wrap.sh apps/openssl list -cipher-algorithms
Legacy:
  AES-128-CBC
  AES-128-CBC-HMAC-SHA1
  AES-128-CBC-HMAC-SHA256
  id-aes128-CCM
  AES-128-CFB
  AES-128-CFB1
  AES-128-CFB8
  AES-128-CTR
  AES-128-ECB
  id-aes128-GCM
  AES-128-OCB
  AES-128-OFB
  AES-128-SIV
  AES-128-XTS
  AES-192-CBC
  id-aes192-CCM
  AES-192-CFB
  AES-192-CFB1
  AES-192-CFB8
  AES-192-CTR
  AES-192-ECB
  id-aes192-GCM
  AES-192-OCB
  AES-192-OFB
  AES-192-SIV
  AES-256-CBC
  AES-256-CBC-HMAC-SHA1
  AES-256-CBC-HMAC-SHA256
  id-aes256-CCM
  AES-256-CFB
  AES-256-CFB1
  AES-256-CFB8
  AES-256-CTR
  AES-256-ECB
  id-aes256-GCM
  AES-256-OCB
  AES-256-OFB
  AES-256-SIV
  AES-256-XTS
  aes128 => AES-128-CBC
  aes128-wrap => id-aes128-wrap
  aes192 => AES-192-CBC
  aes192-wrap => id-aes192-wrap
  aes256 => AES-256-CBC
  aes256-wrap => id-aes256-wrap
  ARIA-128-CBC
  ARIA-128-CCM
  ARIA-128-CFB
  ARIA-128-CFB1
  ARIA-128-CFB8
  ARIA-128-CTR
  ARIA-128-ECB
  ARIA-128-GCM
  ARIA-128-OFB
  ARIA-192-CBC
  ARIA-192-CCM
  ARIA-192-CFB
  ARIA-192-CFB1
  ARIA-192-CFB8
  ARIA-192-CTR
  ARIA-192-ECB
  ARIA-192-GCM
  ARIA-192-OFB
  ARIA-256-CBC
  ARIA-256-CCM
  ARIA-256-CFB
  ARIA-256-CFB1
  ARIA-256-CFB8
  ARIA-256-CTR
  ARIA-256-ECB
  ARIA-256-GCM
  ARIA-256-OFB
  aria128 => ARIA-128-CBC
  aria192 => ARIA-192-CBC
  aria256 => ARIA-256-CBC
  bf => BF-CBC
  BF-CBC
  BF-CFB
  BF-ECB
  BF-OFB
  blowfish => BF-CBC
  CAMELLIA-128-CBC
  CAMELLIA-128-CFB
  CAMELLIA-128-CFB1
  CAMELLIA-128-CFB8
  CAMELLIA-128-CTR
  CAMELLIA-128-ECB
  CAMELLIA-128-OFB
  CAMELLIA-192-CBC
  CAMELLIA-192-CFB
  CAMELLIA-192-CFB1
  CAMELLIA-192-CFB8
  CAMELLIA-192-CTR
  CAMELLIA-192-ECB
  CAMELLIA-192-OFB
  CAMELLIA-256-CBC
  CAMELLIA-256-CFB
  CAMELLIA-256-CFB1
  CAMELLIA-256-CFB8
  CAMELLIA-256-CTR
  CAMELLIA-256-ECB
  CAMELLIA-256-OFB
  camellia128 => CAMELLIA-128-CBC
  camellia192 => CAMELLIA-192-CBC
  camellia256 => CAMELLIA-256-CBC
  cast => CAST5-CBC
  cast-cbc => CAST5-CBC
  CAST5-CBC
  CAST5-CFB
  CAST5-ECB
  CAST5-OFB
  ChaCha20
  ChaCha20-Poly1305
  des => DES-CBC
  DES-CBC
  DES-CFB
  DES-CFB1
  DES-CFB8
  DES-ECB
  DES-EDE
  DES-EDE-CBC
  DES-EDE-CFB
  des-ede-ecb => DES-EDE
  DES-EDE-OFB
  DES-EDE3
  DES-EDE3-CBC
  DES-EDE3-CFB
  DES-EDE3-CFB1
  DES-EDE3-CFB8
  des-ede3-ecb => DES-EDE3
  DES-EDE3-OFB
  DES-OFB
  des3 => DES-EDE3-CBC
  des3-wrap => id-smime-alg-CMS3DESwrap
  desx => DESX-CBC
  DESX-CBC
  id-aes128-CCM
  id-aes128-GCM
  id-aes128-wrap
  id-aes128-wrap-pad
  id-aes192-CCM
  id-aes192-GCM
  id-aes192-wrap
  id-aes192-wrap-pad
  id-aes256-CCM
  id-aes256-GCM
  id-aes256-wrap
  id-aes256-wrap-pad
  id-smime-alg-CMS3DESwrap
  idea => IDEA-CBC
  IDEA-CBC
  IDEA-CFB
  IDEA-ECB
  IDEA-OFB
  rc2 => RC2-CBC
  rc2-128 => RC2-CBC
  rc2-40 => RC2-40-CBC
  RC2-40-CBC
  rc2-64 => RC2-64-CBC
  RC2-64-CBC
  RC2-CBC
  RC2-CFB
  RC2-ECB
  RC2-OFB
  RC4
  RC4-40
  RC4-HMAC-MD5
  seed => SEED-CBC
  SEED-CBC
  SEED-CFB
  SEED-ECB
  SEED-OFB
  sm4 => SM4-CBC
  SM4-CBC
  SM4-CFB
  SM4-CTR
  SM4-ECB
  SM4-OFB
Provided:
  AES-256-ECB @ default
  AES-192-ECB @ default
  AES-128-ECB @ default
  AES-256-CBC @ default
  AES-192-CBC @ default
  AES-128-CBC @ default
  AES-256-OFB @ default
  AES-192-OFB @ default
  AES-128-OFB @ default
  AES-256-CFB @ default
  AES-192-CFB @ default
  AES-128-CFB @ default
  AES-256-CFB1 @ default
  AES-192-CFB1 @ default
  AES-128-CFB1 @ default
  AES-256-CFB8 @ default
  AES-192-CFB8 @ default
  AES-128-CFB8 @ default
  AES-256-CTR @ default
  AES-192-CTR @ default
  AES-128-CTR @ default
  AES-256-XTS @ default
  AES-128-XTS @ default
  AES-256-OCB @ default
  AES-192-OCB @ default
  AES-128-OCB @ default
  { AES-256-GCM, id-aes256-GCM } @ default
  { AES-192-GCM, id-aes192-GCM } @ default
  { AES-128-GCM, id-aes128-GCM } @ default
  { AES-256-CCM, id-aes256-CCM } @ default
  { AES-192-CCM, id-aes192-CCM } @ default
  { AES-128-CCM, id-aes128-CCM } @ default
  { AES-256-WRAP, AES256-WRAP, id-aes256-wrap } @ default
  { AES-192-WRAP, AES192-WRAP, id-aes192-wrap } @ default
  { AES-128-WRAP, AES128-WRAP, id-aes128-wrap } @ default
  { AES-256-WRAP-PAD, AES256-WRAP-PAD, id-aes256-wrap-pad } @ default
  { AES-192-WRAP-PAD, AES192-WRAP-PAD, id-aes192-wrap-pad } @ default
  { AES-128-WRAP-PAD, AES128-WRAP-PAD, id-aes128-wrap-pad } @ default
  ARIA-256-GCM @ default
  ARIA-192-GCM @ default
  ARIA-128-GCM @ default
  ARIA-256-CCM @ default
  ARIA-192-CCM @ default
  ARIA-128-CCM @ default
  ARIA-256-ECB @ default
  ARIA-192-ECB @ default
  ARIA-128-ECB @ default
  { ARIA-256-CBC, ARIA256 } @ default
  { ARIA-192-CBC, ARIA192 } @ default
  { ARIA-128-CBC, ARIA128 } @ default
  ARIA-256-OFB @ default
  ARIA-192-OFB @ default
  ARIA-128-OFB @ default
  ARIA-256-CFB @ default
  ARIA-192-CFB @ default
  ARIA-128-CFB @ default
  ARIA-256-CFB1 @ default
  ARIA-192-CFB1 @ default
  ARIA-128-CFB1 @ default
  ARIA-256-CFB8 @ default
  ARIA-192-CFB8 @ default
  ARIA-128-CFB8 @ default
  ARIA-256-CTR @ default
  ARIA-192-CTR @ default
  ARIA-128-CTR @ default
  CAMELLIA-256-ECB @ default
  CAMELLIA-192-ECB @ default
  CAMELLIA-128-ECB @ default
  { CAMELLIA-256-CBC, CAMELLIA256 } @ default
  { CAMELLIA-192-CBC, CAMELLIA192 } @ default
  { CAMELLIA-128-CBC, CAMELLIA128 } @ default
  CAMELLIA-256-OFB @ default
  CAMELLIA-192-OFB @ default
  CAMELLIA-128-OFB @ default
  CAMELLIA-256-CFB @ default
  CAMELLIA-192-CFB @ default
  CAMELLIA-128-CFB @ default
  CAMELLIA-256-CFB1 @ default
  CAMELLIA-192-CFB1 @ default
  CAMELLIA-128-CFB1 @ default
  CAMELLIA-256-CFB8 @ default
  CAMELLIA-192-CFB8 @ default
  CAMELLIA-128-CFB8 @ default
  CAMELLIA-256-CTR @ default
  CAMELLIA-192-CTR @ default
  CAMELLIA-128-CTR @ default
  { DES-EDE3, DES-EDE3-ECB } @ default
  { DES-EDE3-CBC, DES3 } @ default
  DES-EDE3-OFB @ default
  DES-EDE3-CFB @ default
  DES-EDE3-CFB8 @ default
  DES-EDE3-CFB1 @ default
  { DES-EDE, DES-EDE-ECB } @ default
  DES-EDE-CBC @ default
  DES-EDE-OFB @ default
  DES-EDE-CFB @ default
  { DESX, DESX-CBC } @ default
  { DES3-WRAP, id-smime-alg-CMS3DESwrap } @ default
  DES-ECB @ default
  { DES, DES-CBC } @ default
  DES-OFB @ default
  DES-CFB @ default
  DES-CFB1 @ default
  DES-CFB8 @ default
  BF-ECB @ default
  { BF, BF-CBC, BLOWFISH } @ default
  BF-OFB @ default
  BF-CFB @ default
  IDEA-ECB @ default
  { IDEA, IDEA-CBC } @ default
  { IDEA-OFB, IDEA-OFB64 } @ default
  { IDEA-CFB, IDEA-CFB64 } @ default
  CAST5-ECB @ default
  { CAST, CAST-CBC, CAST5-CBC } @ default
  CAST5-OFB @ default
  CAST5-CFB @ default
  SEED-ECB @ default
  { SEED, SEED-CBC } @ default
  { SEED-OFB, SEED-OFB128 } @ default
  { SEED-CFB, SEED-CFB128 } @ default
  SM4-ECB @ default
  { SM4, SM4-CBC } @ default
  SM4-CTR @ default
  { SM4-OFB, SM4-OFB128 } @ default
  { SM4-CFB, SM4-CFB128 } @ default

levitte · 2019-09-23T10:21:39Z

./util/shlib_wrap.sh apps/openssl provider -v default bombed... it turns out that there are a few pieces missing, still

levitte · 2019-10-14T03:52:23Z

Not WIP any more

t8m · 2019-10-14T13:01:24Z

CI failures are relevant unfortunately.

crypto/evp/exchange.c

crypto/evp/keymgmt_meth.c

crypto/evp/pmeth_fn.c

mattcaswell · 2019-10-15T08:22:00Z

Needs a rebase

levitte · 2019-10-15T09:51:01Z

Done

mattcaswell · 2019-10-15T10:44:39Z

doc-nits is complaining

levitte · 2019-10-15T13:05:22Z

doc-nits failure fixed

apps/lib/names.c

include/openssl/evp.h

t8m

Approved if CI passes.

levitte · 2019-10-16T13:29:25Z

CIs are good, libcrypto.num needs an adjustment. Does your approval hold for that?

Clean up a few manual pages that we're about to touch, according to conventions found in Linux' man-pages(7); function arguments in descriptions should be in italics, and types, macros and similar should be in bold, with the exception for NULL.

This adds the missing functions that should be common for all fetchable EVP sub-APIs: EVP_KEYMGMT_is_a(), EVP_KEYMGMT_do_all_provided(), EVP_KEYEXCH_is_a(), EVP_KEYEXCH_do_all_provided(), EVP_KDF_is_a(), EVP_MD_is_a(), EVP_SIGNATURE_do_all_provided(), EVP_SIGNATURE_is_a(). This also renames EVP_MD_do_all_ex(), EVP_CIPHER_do_all_ex(), EVP_KDF_do_all_ex(), EVP_MAC_do_all_ex() to change '_ex' to '_provided'.

t8m · 2019-10-16T14:31:51Z

Yes

The following new functions all do the same thing; they traverse the set of names assigned to implementations of each algorithm type: EVP_MD_names_do_all(), EVP_CIPHER_names_do_all(), EVP_MAC_names_do_all(), EVP_KEYMGMT_names_do_all(), EVP_KEYEXCH_names_do_all(), EVP_KDF_names_do_all(), EVP_SIGNATURE_names_do_all() We add a warning to the documentation of EVP_CIPHER_name() and EVP_MD_name(), as they aren't suitable to use with multiple-name implementation. We also remove EVP_MAC_name() and evp_KDF_name(), as they serve no useful purpose.

The returned number can be used for comparison purposes.

Method data was passed down as provider to ossl_algorithm_do_all(), which causes trouble as soon a it's non-NULL. Pass it via the data structure instead.

"name_cmp" caused a clash when linking with the static libcrypto. The slight rename is better than nothing, as v3_ is an already existing prefix.

levitte · 2019-10-16T14:45:20Z

Argh, the squash was more laborious than I thought it was going to be. Please re-review

Clean up a few manual pages that we're about to touch, according to conventions found in Linux' man-pages(7); function arguments in descriptions should be in italics, and types, macros and similar should be in bold, with the exception for NULL. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from #9979)

This adds the missing functions that should be common for all fetchable EVP sub-APIs: EVP_KEYMGMT_is_a(), EVP_KEYMGMT_do_all_provided(), EVP_KEYEXCH_is_a(), EVP_KEYEXCH_do_all_provided(), EVP_KDF_is_a(), EVP_MD_is_a(), EVP_SIGNATURE_do_all_provided(), EVP_SIGNATURE_is_a(). This also renames EVP_MD_do_all_ex(), EVP_CIPHER_do_all_ex(), EVP_KDF_do_all_ex(), EVP_MAC_do_all_ex() to change '_ex' to '_provided'. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from #9979)

The following new functions all do the same thing; they traverse the set of names assigned to implementations of each algorithm type: EVP_MD_names_do_all(), EVP_CIPHER_names_do_all(), EVP_MAC_names_do_all(), EVP_KEYMGMT_names_do_all(), EVP_KEYEXCH_names_do_all(), EVP_KDF_names_do_all(), EVP_SIGNATURE_names_do_all() We add a warning to the documentation of EVP_CIPHER_name() and EVP_MD_name(), as they aren't suitable to use with multiple-name implementation. We also remove EVP_MAC_name() and evp_KDF_name(), as they serve no useful purpose. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from #9979)

The returned number can be used for comparison purposes. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from #9979)

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from #9979)

Method data was passed down as provider to ossl_algorithm_do_all(), which causes trouble as soon a it's non-NULL. Pass it via the data structure instead. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from #9979)

"name_cmp" caused a clash when linking with the static libcrypto. The slight rename is better than nothing, as v3_ is an already existing prefix. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from #9979)

levitte · 2019-10-17T07:18:47Z

Thank you all!

Merged.

ee2161e Some docs cleanup
251e610 EVP: add missing common functionality
f651c72 EVP: add name traversal functions to all fetchable types
506cb0f EVP: add functions that return the name number
031873f 'openssl list' and 'openssl provider': adapt display of multiple names
4dc0d81 evp_generic_do_all(): fix passing of method data
5f5edd7 Rename internal function name_cmp() to v3_name_cmp()

levitte added the branch: master Applies to master branch label Sep 23, 2019

levitte mentioned this pull request Oct 10, 2019

WIP: Infrastructure for fetchable RAND. #10144

Closed

2 tasks

levitte force-pushed the display-multiple-names branch from c233f28 to 7f09739 Compare October 14, 2019 03:50

levitte changed the title ~~WIP: Display multiple names~~ Display multiple names Oct 14, 2019

levitte force-pushed the display-multiple-names branch from bdc3476 to 8681819 Compare October 14, 2019 14:30

mattcaswell requested changes Oct 14, 2019

View reviewed changes

crypto/evp/exchange.c Outdated Show resolved Hide resolved

crypto/evp/keymgmt_meth.c Outdated Show resolved Hide resolved

crypto/evp/pmeth_fn.c Outdated Show resolved Hide resolved

levitte force-pushed the display-multiple-names branch from d3db6ac to edd56bc Compare October 14, 2019 19:30

levitte mentioned this pull request Oct 14, 2019

Implement asymmetric cipher support #10152

Closed

levitte force-pushed the display-multiple-names branch from edd56bc to 768922c Compare October 15, 2019 09:51

t8m reviewed Oct 16, 2019

View reviewed changes

apps/lib/names.c Outdated Show resolved Hide resolved

include/openssl/evp.h Outdated Show resolved Hide resolved

levitte force-pushed the display-multiple-names branch from ffd9eda to 5044bad Compare October 16, 2019 11:35

t8m approved these changes Oct 16, 2019

View reviewed changes

Some docs cleanup

90fb9f1

Clean up a few manual pages that we're about to touch, according to conventions found in Linux' man-pages(7); function arguments in descriptions should be in italics, and types, macros and similar should be in bold, with the exception for NULL.

levitte force-pushed the display-multiple-names branch from 63565b5 to b2f9886 Compare October 16, 2019 14:24

levitte added 5 commits October 16, 2019 16:34

EVP: add functions that return the name number

ce3ed23

The returned number can be used for comparison purposes.

'openssl list' and 'openssl provider': adapt display of multiple names

6c41827

evp_generic_do_all(): fix passing of method data

922eb5b

Method data was passed down as provider to ossl_algorithm_do_all(), which causes trouble as soon a it's non-NULL. Pass it via the data structure instead.

Rename internal function name_cmp() to v3_name_cmp()

4dae7a2

"name_cmp" caused a clash when linking with the static libcrypto. The slight rename is better than nothing, as v3_ is an already existing prefix.

levitte force-pushed the display-multiple-names branch from b2f9886 to 4dae7a2 Compare October 16, 2019 14:44

levitte requested a review from t8m October 16, 2019 14:45

t8m approved these changes Oct 16, 2019

View reviewed changes

levitte added a commit that referenced this pull request Oct 17, 2019

EVP: add functions that return the name number

506cb0f

The returned number can be used for comparison purposes. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from #9979)

levitte added a commit that referenced this pull request Oct 17, 2019

'openssl list' and 'openssl provider': adapt display of multiple names

031873f

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from #9979)

levitte closed this Oct 17, 2019

Uh oh!

Conversation

levitte commented Sep 23, 2019

Uh oh!

levitte commented Sep 23, 2019

Uh oh!

levitte commented Sep 23, 2019 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

levitte commented Oct 14, 2019

Uh oh!

t8m commented Oct 14, 2019

Uh oh!

Uh oh!

Uh oh!

Uh oh!

mattcaswell commented Oct 15, 2019

Uh oh!

levitte commented Oct 15, 2019

Uh oh!

mattcaswell commented Oct 15, 2019

Uh oh!

levitte commented Oct 15, 2019

Uh oh!

Uh oh!

Uh oh!

t8m left a comment

Choose a reason for hiding this comment

Uh oh!

levitte commented Oct 16, 2019

Uh oh!

t8m commented Oct 16, 2019

Uh oh!

levitte commented Oct 16, 2019

Uh oh!

levitte commented Oct 17, 2019

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

levitte commented Sep 23, 2019 •

edited

Loading