git.ipfire.org Git - thirdparty/openssl.git/commit

author	Viktor Dukhovni <openssl-users@dukhovni.org>
	Tue, 25 Feb 2025 07:17:02 +0000 (18:17 +1100)
committer	Tomas Mraz <tomas@openssl.org>
	Wed, 26 Feb 2025 14:13:57 +0000 (15:13 +0100)
commit	44a64029c3c5357c5b32dbe45b7f55ab7866ad3f
tree	c07399364568eb62847d3b3caed882a3d3bc01dd	tree \| snapshot
parent	f11c10d83e95ecbff8a7670168a52495d2ee080f	commit \| diff

Use better data type info in decoders

The decoders in some cases failed to capture or propagate
information about what is being decoded, causing more work
happen to try unrelated decoders as a fallback.

We now try harder to keep track of the expected object (private key or
public key, if known), and the algorithm determined from the OID of a
PKCS8 object or SPKI. This leads in many cases to fewer decoder
invocations. With so many more algorithms now, trying every decoder
is increasingly best avoided.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26892)

crypto/encode_decode/decoder_lib.c		diff \| blob \| blame \| history
crypto/encode_decode/decoder_pkey.c		diff \| blob \| blame \| history
include/internal/sizes.h		diff \| blob \| blame \| history
providers/decoders.inc		diff \| blob \| blame \| history
providers/implementations/encode_decode/decode_epki2pki.c		diff \| blob \| blame \| history
providers/implementations/encode_decode/decode_pem2der.c		diff \| blob \| blame \| history
providers/implementations/encode_decode/decode_spki2typespki.c		diff \| blob \| blame \| history
providers/implementations/include/prov/decoders.h	[new file with mode: 0644]	blob
providers/implementations/storemgmt/file_store.c		diff \| blob \| blame \| history
util/perl/OpenSSL/paramnames.pm		diff \| blob \| blame \| history