openssl

mirror of https://github.com/openssl/openssl.git synced 2024-11-27 05:21:51 +08:00

History

Richard Levitte 9767a3dca7 libcrypto: Eliminate as much use of EVP_PKEY_size() as possible Some uses were going against documented recommendations. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10798)		2020-01-19 02:47:46 +01:00
..
aes	For all assembler scripts where it matters, recognise clang > 9.x	2020-01-17 08:55:45 +01:00
aria
asn1	libcrypto: Eliminate as much use of EVP_PKEY_size() as possible	2020-01-19 02:47:46 +01:00
async
bf	Deprecate Low Level Blowfish APIs	2020-01-08 11:25:25 +00:00
bio	BIO: Add BIO_f_prefix(), a text line prefixing filter	2019-12-18 19:42:44 +01:00
bn	For all assembler scripts where it matters, recognise clang > 9.x	2020-01-17 08:55:45 +01:00
buffer
camellia	Deprecate Low Level Camellia APIs	2020-01-13 13:38:20 +00:00
cast	Deprecate the Low Level CAST APIs	2020-01-13 13:44:27 +00:00
chacha	For all assembler scripts where it matters, recognise clang > 9.x	2020-01-17 08:55:45 +01:00
cmac
cmp	chunk 6 of CMP contribution to OpenSSL	2019-12-12 10:57:25 +00:00
cms	Don't use the low level AES key wrap APIs in CMS	2020-01-06 15:09:57 +00:00
comp
conf	Make generated copyright year be "now"	2020-01-07 15:53:15 -05:00
crmf	chunk 6 of CMP contribution to OpenSSL	2019-12-12 10:57:25 +00:00
ct	Deprecate the low level SHA functions.	2020-01-19 10:14:39 +10:00
des	CRYPTO: split cipher_platform.h into algorithm specific headers	2019-12-19 13:31:29 +01:00
dh	CRYPTO: Remove support for ex_data fields when building the FIPS module	2020-01-15 23:45:41 +01:00
dsa	DSA: Move DSA_security_bits() and DSA_bits()	2020-01-17 09:04:42 +01:00
dso
ec	Deprecate the low level SHA functions.	2020-01-19 10:14:39 +10:00
engine	Deprecate the low level SHA functions.	2020-01-19 10:14:39 +10:00
err	chunk 6 of CMP contribution to OpenSSL	2019-12-12 10:57:25 +00:00
ess
evp	Deprecate the low level IDEA functions.	2020-01-19 10:38:49 +10:00
hmac	Don't store an HMAC key for longer than we need	2020-01-06 10:46:05 +00:00
idea	Deprecate the low level IDEA functions.	2020-01-19 10:38:49 +10:00
kdf	Deprecate ERR_load_KDF_strings()	2019-11-12 13:30:35 +01:00
lhash
md2	Deprecate the low level MD2 functions.	2020-01-12 12:02:17 +10:00
md4	Deprecate the low level MD4 functions.	2020-01-12 12:02:17 +10:00
md5	Deprecate the low level MD5 functions.	2020-01-19 10:14:39 +10:00
mdc2	Deprecate the low level MDC2 functions.	2020-01-12 12:02:17 +10:00
modes	For all assembler scripts where it matters, recognise clang > 9.x	2020-01-17 08:55:45 +01:00
objects	Make generated copyright year be "now"	2020-01-07 15:53:15 -05:00
ocsp
pem	PROV SERIALIZER: add common functionality to serialize keys	2019-11-29 20:55:16 +01:00
perlasm	Add GNU properties note for Intel CET in x86_64-xlate.pl	2020-01-18 05:33:19 +01:00
pkcs7
pkcs12	Update source files for pre-3.0 deprecation	2019-11-07 11:37:25 +01:00
poly1305	For all assembler scripts where it matters, recognise clang > 9.x	2020-01-17 08:55:45 +01:00
property	Fix some typos	2019-12-11 19:04:01 +01:00
rand	CRYPTO: Remove support for ex_data fields when building the FIPS module	2020-01-15 23:45:41 +01:00
rc2	Deprecate the low level RC2 functions	2020-01-16 07:07:27 +10:00
rc4	Deprecate the low level RC4 functions	2020-01-16 07:07:27 +10:00
rc5	Deprecate the low level RC5 functions	2020-01-16 07:07:27 +10:00
ripemd	Deprecate the low level RIPEMD160 functions.	2020-01-12 12:00:31 +10:00
rsa	libcrypto: Eliminate as much use of EVP_PKEY_size() as possible	2020-01-19 02:47:46 +01:00
seed	Deprecate the low level SEED functions	2020-01-16 07:06:14 +10:00
serializer	Fix some typos	2019-12-11 19:04:01 +01:00
sha	Deprecate the low level SHA functions.	2020-01-19 10:14:39 +10:00
siphash
sm2
sm3	Cleanup legacy digest methods.	2019-12-18 14:46:01 +10:00
sm4
srp	Update source files for pre-3.0 deprecation	2019-11-07 11:37:25 +01:00
stack
store	OSSL_STORE: add tracing	2019-11-03 18:38:23 +01:00
ts
txt_db
ui	UI_UTIL_wrap_read_pem_callback(): when \|cb\| is NULL, use PEM_def_callback	2019-11-22 15:19:19 +01:00
whrlpool	When deprecated symbols are removed, ensure liblegacy has WHIRLPOOL	2020-01-12 12:05:04 +10:00
x509	Add support for otherName:NAIRealm in output	2019-12-11 22:29:19 +03:00
alphacpuid.pl
arm64cpuid.pl
arm_arch.h
armcap.c
armv4cpuid.pl
asn1_dsa.c	Fix some typos	2019-12-11 19:04:01 +01:00
bsearch.c
build.info	Add FIPS Self test kats for digests	2020-01-15 10:48:01 +10:00
c64xpluscpuid.pl
context.c
core_algorithm.c
core_fetch.c	CORE: pass the full algorithm definition to the method constructor	2019-11-29 20:42:12 +01:00
core_namemap.c	Modify EVP_CIPHER_is_a() and EVP_MD_is_a() to handle legacy methods too	2020-01-17 08:59:41 +01:00
cpt_err.c	CORE: ossl_namemap_add_names(): new function to add multiple names	2019-11-29 20:42:12 +01:00
cryptlib.c
ctype.c
cversion.c	Cleanup include/openssl/opensslv.h.in	2019-11-08 16:12:57 +01:00
dllmain.c
ebcdic.c
ex_data.c	Deprecate most of debug-memory	2019-12-14 20:57:35 +01:00
getenv.c
ia64cpuid.S
info.c	Modify the add_seeds_stringlist() macro to fix a preprocessor error	2020-01-07 16:28:37 +01:00
init.c
initthread.c	Thread: Avoid a NULL dereference after failed initialisation.	2019-11-22 15:26:33 +10:00
LPdir_nyi.c
LPdir_unix.c	Fix a -Warray-bounds gcc warning in OPENSSL_DIR_read	2019-11-09 10:49:34 +01:00
LPdir_vms.c
LPdir_win32.c
LPdir_win.c
LPdir_wince.c
mem_clr.c
mem_sec.c
mem.c	Fix build when enabling mdebug options.	2019-12-18 15:06:15 +10:00
mips_arch.h
o_dir.c
o_fips.c
o_fopen.c
o_init.c
o_str.c
o_time.c
packet.c
param_build.c	param_bld: add a padded BN call.	2020-01-19 10:20:06 +10:00
params_from_text.c
params.c	Allow strings in params to be of zero length	2019-11-14 09:29:21 +00:00
pariscid.pl
ppc_arch.h
ppccap.c
ppccpuid.pl
provider_conf.c
provider_core.c	Add FIPS Self test kats for digests	2020-01-15 10:48:01 +10:00
provider_local.h
provider_predefined.c
provider.c
README.sparse_array
s390x_arch.h
s390xcap.c	crypto/s390xcap.c: Add guards around the GETAUXVAL checks	2019-10-21 15:14:09 +02:00
s390xcpuid.pl	s390x assembly pack: enable clang build	2019-11-03 11:25:31 +01:00
self_test_core.c	Add FIPS Self test kats for digests	2020-01-15 10:48:01 +10:00
sparc_arch.h
sparccpuid.S
sparcv9cap.c
sparse_array.c
threads_none.c
threads_pthread.c
threads_win.c
trace.c	OSSL_STORE: add tracing	2019-11-03 18:38:23 +01:00
uid.c
vms_rms.h
x86_64cpuid.pl	Fix unwind info for some trivial functions	2019-12-18 14:26:50 +01:00
x86cpuid.pl

README.sparse_array

The sparse_array.c file contains an implementation of a sparse array that
attempts to be both space and time efficient.

The sparse array is represented using a tree structure.  Each node in the
tree contains a block of pointers to either the user supplied leaf values or
to another node.

There are a number of parameters used to define the block size:

    OPENSSL_SA_BLOCK_BITS   Specifies the number of bits covered by each block
    SA_BLOCK_MAX            Specifies the number of pointers in each block
    SA_BLOCK_MASK           Specifies a bit mask to perform modulo block size
    SA_BLOCK_MAX_LEVELS     Indicates the maximum possible height of the tree

These constants are inter-related:
    SA_BLOCK_MAX        = 2 ^ OPENSSL_SA_BLOCK_BITS
    SA_BLOCK_MASK       = SA_BLOCK_MAX - 1
    SA_BLOCK_MAX_LEVELS = number of bits in size_t divided by
                          OPENSSL_SA_BLOCK_BITS rounded up to the next multiple
                          of OPENSSL_SA_BLOCK_BITS

OPENSSL_SA_BLOCK_BITS can be defined at compile time and this overrides the
built in setting.

As a space and performance optimisation, the height of the tree is usually
less than the maximum possible height.  Only sufficient height is allocated to
accommodate the largest index added to the data structure.

The largest index used to add a value to the array determines the tree height:

        +----------------------+---------------------+
        | Largest Added Index  |   Height of Tree    |
        +----------------------+---------------------+
        | SA_BLOCK_MAX     - 1 |          1          |
        | SA_BLOCK_MAX ^ 2 - 1 |          2          |
        | SA_BLOCK_MAX ^ 3 - 1 |          3          |
        | ...                  |          ...        |
        | size_t max           | SA_BLOCK_MAX_LEVELS |
        +----------------------+---------------------+

The tree height is dynamically increased as needed based on additions.

An empty tree is represented by a NULL root pointer.  Inserting a value at
index 0 results in the allocation of a top level node full of null pointers
except for the single pointer to the user's data (N = SA_BLOCK_MAX for
brevity):

        +----+
        |Root|
        |Node|
        +-+--+
          |
          |
          |
          v
        +-+-+---+---+---+---+
        | 0 | 1 | 2 |...|N-1|
        |   |nil|nil|...|nil|
        +-+-+---+---+---+---+
          |
          |
          |
          v
        +-+--+
        |User|
        |Data|
        +----+
    Index 0


Inserting at element 2N+1 creates a new root node and pushes down the old root
node.  It then creates a second second level node to hold the pointer to the
user's new data:

        +----+
        |Root|
        |Node|
        +-+--+
          |
          |
          |
          v
        +-+-+---+---+---+---+
        | 0 | 1 | 2 |...|N-1|
        |   |nil|   |...|nil|
        +-+-+---+-+-+---+---+
          |       |
          |       +------------------+
          |                          |
          v                          v
        +-+-+---+---+---+---+      +-+-+---+---+---+---+
        | 0 | 1 | 2 |...|N-1|      | 0 | 1 | 2 |...|N-1|
        |nil|   |nil|...|nil|      |nil|   |nil|...|nil|
        +-+-+---+---+---+---+      +---+-+-+---+---+---+
          |                              |
          |                              |
          |                              |
          v                              v
        +-+--+                         +-+--+
        |User|                         |User|
        |Data|                         |Data|
        +----+                         +----+
    Index 0                       Index 2N+1


The nodes themselves are allocated in a sparse manner.  Only nodes which exist
along a path from the root of the tree to an added leaf will be allocated.
The complexity is hidden and nodes are allocated on an as needed basis.
Because the data is expected to be sparse this doesn't result in a large waste
of space.

Values can be removed from the sparse array by setting their index position to
NULL.  The data structure does not attempt to reclaim nodes or reduce the
height of the tree on removal.  For example, now setting index 0 to NULL would
result in:

        +----+
        |Root|
        |Node|
        +-+--+
          |
          |
          |
          v
        +-+-+---+---+---+---+
        | 0 | 1 | 2 |...|N-1|
        |   |nil|   |...|nil|
        +-+-+---+-+-+---+---+
          |       |
          |       +------------------+
          |                          |
          v                          v
        +-+-+---+---+---+---+      +-+-+---+---+---+---+
        | 0 | 1 | 2 |...|N-1|      | 0 | 1 | 2 |...|N-1|
        |nil|nil|nil|...|nil|      |nil|   |nil|...|nil|
        +---+---+---+---+---+      +---+-+-+---+---+---+
                                         |
                                         |
                                         |
                                         v
                                       +-+--+
                                       |User|
                                       |Data|
                                       +----+
                                  Index 2N+1


Accesses to elements in the sparse array take O(log n) time where n is the
largest element.  The base of the logarithm is SA_BLOCK_MAX, so for moderately
small indices (e.g. NIDs), single level (constant time) access is achievable.
Space usage is O(minimum(m, n log(n)) where m is the number of elements in the
array.

Note: sparse arrays only include pointers to types.  Thus, SPARSE_ARRAY_OF(char)
can be used to store a string.