Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
L
libvmod-crypto
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
uplex-varnish
libvmod-crypto
Commits
0c015f92
Unverified
Commit
0c015f92
authored
Jun 13, 2023
by
Nils Goroll
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Retire MD4. It has been depecared in OpenSSL since 3.0.0 [7 Sep 2021]
parent
517be163
Changes
7
Expand all
Hide whitespace changes
Inline
Side-by-side
Showing
7 changed files
with
30 additions
and
229 deletions
+30
-229
README.rst
README.rst
+23
-6
Makefile.am
src/Makefile.am
+3
-214
md.c
src/md.c
+0
-3
tbl_md.h
src/tbl_md.h
+0
-1
vmod_crypto.rst
src/vmod_crypto.rst
+2
-2
vmod_crypto.vcc
src/vmod_crypto.vcc
+2
-2
gen.sh
src/vtc/sigs/gen.sh
+0
-1
No files found.
README.rst
View file @
0c015f92
...
...
@@ -98,6 +98,10 @@ BLOB xkey.use()
Wrap the key in a blob to be passed to `crypto.verifier()`_
Restricted to: ``vcl_init``.
.. _xkey.pem_pubkey():
VOID xkey.pem_pubkey(STRING)
...
...
@@ -111,13 +115,17 @@ comprise RSA and DSA.
Any error is fatal to vcl initialization.
Restricted to: ``vcl_init``.
.. _xkey.pem_privkey():
VOID xkey.pem_privkey(STRING, STRING password=0)
------------------------------------------------
Create a key from the PEM-encoded private key, optionally decrypting
it using
`password`
.
it using
_password_
.
The cryptographic method to be used and the key length are
automatically determined from _pem_. Typically supported methods
...
...
@@ -125,6 +133,10 @@ comprise RSA and DSA.
Any error is fatal to vcl initialization.
Restricted to: ``vcl_init``.
.. _xkey.rsa():
VOID xkey.rsa(BLOB n, BLOB e, [BLOB d])
...
...
@@ -134,6 +146,10 @@ Create an RSA key from the parameters n, e, and optionally d.
Any error is fatal to vcl initialization.
Restricted to: ``vcl_init``.
.. _crypto.verifier():
new xverifier = crypto.verifier(ENUM digest, [STRING pem], [BLOB key])
...
...
@@ -142,7 +158,7 @@ new xverifier = crypto.verifier(ENUM digest, [STRING pem], [BLOB key])
::
new xverifier = crypto.verifier(
ENUM {md_null, md
4, md
5, sha1, sha224, sha256, sha384, sha512, ripemd160, rmd160, whirlpool} digest,
ENUM {md_null, md5, sha1, sha224, sha256, sha384, sha512, ripemd160, rmd160, whirlpool} digest,
[STRING pem],
[BLOB key]
)
...
...
@@ -189,9 +205,10 @@ BOOL xverifier.valid(BLOB signature)
Check if _signature_ is a valid signature for the _verifier_ object
given the previous updates.
Note that after calling .valid(), .update can be called again to add
additional data, which can then be validated against a (different)
signature using another call to .valid().
Note that after calling `xverifier.valid()`, `xverifier.update()` can
be called again to add additional data, which can then be validated
against a (different) signature using another call to
`xverifier.valid()`.
.. _crypto.signer():
...
...
@@ -201,7 +218,7 @@ new xsigner = crypto.signer(ENUM digest, [STRING pem], [BLOB key])
::
new xsigner = crypto.signer(
ENUM {md_null, md
4, md
5, sha1, sha224, sha256, sha384, sha512, ripemd160, rmd160, whirlpool} digest,
ENUM {md_null, md5, sha1, sha224, sha256, sha384, sha512, ripemd160, rmd160, whirlpool} digest,
[STRING pem],
[BLOB key]
)
...
...
src/Makefile.am
View file @
0c015f92
This diff is collapsed.
Click to expand it.
src/md.c
View file @
0c015f92
...
...
@@ -39,9 +39,6 @@ static const EVP_MD *mdtbl[_MD_E_MAX];
void
md_init
(
void
)
{
mdtbl
[
md_null
]
=
EVP_md_null
();
#ifndef OPENSSL_NO_MD4
mdtbl
[
md4
]
=
EVP_md4
();
#endif
#ifndef OPENSSL_NO_MD5
mdtbl
[
md5
]
=
EVP_md5
();
#endif
...
...
src/tbl_md.h
View file @
0c015f92
VMODENUM
(
md_null
)
VMODENUM
(
md4
)
VMODENUM
(
md5
)
VMODENUM
(
sha1
)
//VMODENUM(dss)
...
...
src/vmod_crypto.rst
View file @
0c015f92
...
...
@@ -155,7 +155,7 @@ new xverifier = crypto.verifier(ENUM digest, [STRING pem], [BLOB key])
::
new xverifier = crypto.verifier(
ENUM {md_null, md
4, md
5, sha1, sha224, sha256, sha384, sha512, ripemd160, rmd160, whirlpool} digest,
ENUM {md_null, md5, sha1, sha224, sha256, sha384, sha512, ripemd160, rmd160, whirlpool} digest,
[STRING pem],
[BLOB key]
)
...
...
@@ -215,7 +215,7 @@ new xsigner = crypto.signer(ENUM digest, [STRING pem], [BLOB key])
::
new xsigner = crypto.signer(
ENUM {md_null, md
4, md
5, sha1, sha224, sha256, sha384, sha512, ripemd160, rmd160, whirlpool} digest,
ENUM {md_null, md5, sha1, sha224, sha256, sha384, sha512, ripemd160, rmd160, whirlpool} digest,
[STRING pem],
[BLOB key]
)
...
...
src/vmod_crypto.vcc
View file @
0c015f92
...
...
@@ -83,7 +83,7 @@ Any error is fatal to vcl initialization.
$Restrict vcl_init
$Object verifier(ENUM {md_null, md
4, md
5, sha1, sha224,
$Object verifier(ENUM {md_null, md5, sha1, sha224,
sha256, sha384, sha512, ripemd160, rmd160, whirlpool} digest,
[STRING pem], [BLOB key])
...
...
@@ -122,7 +122,7 @@ be called again to add additional data, which can then be validated
against a (different) signature using another call to
`xverifier.valid()`.
$Object signer(ENUM {md_null, md
4, md
5, sha1, sha224,
$Object signer(ENUM {md_null, md5, sha1, sha224,
sha256, sha384, sha512, ripemd160, rmd160, whirlpool} digest,
[STRING pem], [BLOB key])
...
...
src/vtc/sigs/gen.sh
View file @
0c015f92
...
...
@@ -7,7 +7,6 @@ set -eux
cd
$(
dirname
$0
)
typeset
-ra
mds
=(
md4
md5
rmd160
sha1
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment