Rename default credential to legacy credential
Default reads as if it is somehow treated special, as a default when
fancier heuristics do not match, such as trust anchors. Such a concept
does not make sense because servers will have *multiple* fallbacks for
trust anchor matching, e.g. an ECDSA one and an RSA one. Nonetheless,
this was a bit confusing, so call it the "legacy credential" to make it
clearer this is just about whether you use a different API.
Change-Id: Ieb8cf454d1b2e0bf08a2c78cbea644d4f2f12202
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/71727
Reviewed-by: Bob Beck <bbe@google.com>
Commit-Queue: Bob Beck <bbe@google.com>
Auto-Submit: David Benjamin <davidben@google.com>
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index a5c5ab0..6503de5 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -864,8 +864,9 @@
// |SSL_CTX| and |SSL| objects maintain lists of credentials in preference
// order. During the handshake, BoringSSL will select the first usable
// credential from the list. Non-credential APIs, such as
-// |SSL_CTX_use_certificate|, configure a "default credential", which is
-// appended to this list if configured.
+// |SSL_CTX_use_certificate|, configure a "legacy credential", which is
+// appended to this list if configured. Using the legacy credential is the same
+// as configuring an equivalent credential with the |SSL_CREDENTIAL| API.
//
// When selecting credentials, BoringSSL considers the credential's type, its
// cryptographic capabilities, and capabilities advertised by the peer. This
@@ -969,7 +970,7 @@
OPENSSL_EXPORT int SSL_add1_credential(SSL *ssl, SSL_CREDENTIAL *cred);
// SSL_certs_clear removes all credentials configured on |ssl|. It also removes
-// the certificate chain and private key on the default credential.
+// the certificate chain and private key on the legacy credential.
OPENSSL_EXPORT void SSL_certs_clear(SSL *ssl);
// SSL_get0_selected_credential returns the credential in use in the current
@@ -1000,8 +1001,9 @@
// than return an error. Additionally, overwriting a previously-configured
// certificate and key pair only works if the certificate is configured first.
//
-// Each of these functions configures the default credential. To select between
-// multiple certificates, see |SSL_CREDENTIAL_new_x509| and related APIs.
+// Each of these functions configures the single "legacy credential" on the
+// |SSL_CTX| or |SSL|. To select between multiple certificates, use
+// |SSL_CREDENTIAL_new_x509| and other APIs to configure a list of credentials.
// SSL_CTX_use_certificate sets |ctx|'s leaf certificate to |x509|. It returns
// one on success and zero on failure. If |ctx| has a private key which is
diff --git a/ssl/internal.h b/ssl/internal.h
index f956418..718908b 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -1659,7 +1659,7 @@
ssl_credential_st &operator=(const ssl_credential_st &) = delete;
// Dup returns a copy of the credential, or nullptr on error. The |ex_data|
- // values are not copied. This is only used on the default credential, whose
+ // values are not copied. This is only used on the legacy credential, whose
// |ex_data| is inaccessible.
bssl::UniquePtr<SSL_CREDENTIAL> Dup() const;
@@ -2529,32 +2529,32 @@
explicit CERT(const SSL_X509_METHOD *x509_method);
~CERT();
- bool is_valid() const { return default_credential != nullptr; }
+ bool is_valid() const { return legacy_credential != nullptr; }
// credentials is the list of credentials to select between. Elements of this
// array immutable.
GrowableArray<UniquePtr<SSL_CREDENTIAL>> credentials;
- // default_credential is the credential configured by the legacy,
+ // legacy_credential is the credential configured by the legacy
// non-credential-based APIs. If IsComplete() returns true, it is appended to
// the list of credentials.
- UniquePtr<SSL_CREDENTIAL> default_credential;
+ UniquePtr<SSL_CREDENTIAL> legacy_credential;
// x509_method contains pointers to functions that might deal with |X509|
// compatibility, or might be a no-op, depending on the application.
const SSL_X509_METHOD *x509_method = nullptr;
- // x509_chain may contain a parsed copy of |chain[1..]| from the default
+ // x509_chain may contain a parsed copy of |chain[1..]| from the legacy
// credential. This is only used as a cache in order to implement “get0”
// functions that return a non-owning pointer to the certificate chain.
STACK_OF(X509) *x509_chain = nullptr;
// x509_leaf may contain a parsed copy of the first element of |chain| from
- // the default credential. This is only used as a cache in order to implement
+ // the legacy credential. This is only used as a cache in order to implement
// “get0” functions that return a non-owning pointer to the certificate chain.
X509 *x509_leaf = nullptr;
- // x509_stash contains the last |X509| object append to the default
+ // x509_stash contains the last |X509| object append to the legacy
// credential's chain. This is a workaround for some third-party code that
// continue to use an |X509| object even after passing ownership with an
// “add0” function.
diff --git a/ssl/ssl_cert.cc b/ssl/ssl_cert.cc
index e30ec73..e30e27d 100644
--- a/ssl/ssl_cert.cc
+++ b/ssl/ssl_cert.cc
@@ -135,7 +135,7 @@
BSSL_NAMESPACE_BEGIN
CERT::CERT(const SSL_X509_METHOD *x509_method_arg)
- : default_credential(MakeUnique<SSL_CREDENTIAL>(SSLCredentialType::kX509)),
+ : legacy_credential(MakeUnique<SSL_CREDENTIAL>(SSLCredentialType::kX509)),
x509_method(x509_method_arg) {}
CERT::~CERT() { x509_method->cert_free(this); }
@@ -153,10 +153,10 @@
}
}
- // |default_credential| is mutable, so it must be copied. We cannot simply
+ // |legacy_credential| is mutable, so it must be copied. We cannot simply
// bump the reference count.
- ret->default_credential = cert->default_credential->Dup();
- if (ret->default_credential == nullptr) {
+ ret->legacy_credential = cert->legacy_credential->Dup();
+ if (ret->legacy_credential == nullptr) {
return nullptr;
}
@@ -191,8 +191,8 @@
return 0;
}
- cert->default_credential->ClearCertAndKey();
- if (!SSL_CREDENTIAL_set1_cert_chain(cert->default_credential.get(), certs,
+ cert->legacy_credential->ClearCertAndKey();
+ if (!SSL_CREDENTIAL_set1_cert_chain(cert->legacy_credential.get(), certs,
num_certs)) {
return 0;
}
@@ -201,18 +201,18 @@
cert->x509_method->cert_flush_cached_chain(cert);
return privkey != nullptr
- ? SSL_CREDENTIAL_set1_private_key(cert->default_credential.get(),
+ ? SSL_CREDENTIAL_set1_private_key(cert->legacy_credential.get(),
privkey)
: SSL_CREDENTIAL_set_private_key_method(
- cert->default_credential.get(), privkey_method);
+ cert->legacy_credential.get(), privkey_method);
}
bool ssl_set_cert(CERT *cert, UniquePtr<CRYPTO_BUFFER> buffer) {
// Don't fail for a cert/key mismatch, just free the current private key.
// (When switching to a different keypair, the caller should switch the
// certificate, then the key.)
- if (!cert->default_credential->SetLeafCert(
- std::move(buffer), /*discard_key_on_mismatch=*/true)) {
+ if (!cert->legacy_credential->SetLeafCert(std::move(buffer),
+ /*discard_key_on_mismatch=*/true)) {
return false;
}
@@ -578,18 +578,18 @@
CERT *cert = ssl->config->cert.get();
cert->x509_method->cert_clear(cert);
cert->credentials.clear();
- cert->default_credential->ClearCertAndKey();
+ cert->legacy_credential->ClearCertAndKey();
}
const STACK_OF(CRYPTO_BUFFER) *SSL_CTX_get0_chain(const SSL_CTX *ctx) {
- return ctx->cert->default_credential->chain.get();
+ return ctx->cert->legacy_credential->chain.get();
}
const STACK_OF(CRYPTO_BUFFER) *SSL_get0_chain(const SSL *ssl) {
if (!ssl->config) {
return nullptr;
}
- return ssl->config->cert->default_credential->chain.get();
+ return ssl->config->cert->legacy_credential->chain.get();
}
int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, size_t der_len,
@@ -643,7 +643,7 @@
size_t list_len) {
UniquePtr<CRYPTO_BUFFER> buf(CRYPTO_BUFFER_new(list, list_len, nullptr));
return buf != nullptr && SSL_CREDENTIAL_set1_signed_cert_timestamp_list(
- ctx->cert->default_credential.get(), buf.get());
+ ctx->cert->legacy_credential.get(), buf.get());
}
int SSL_set_signed_cert_timestamp_list(SSL *ssl, const uint8_t *list,
@@ -654,7 +654,7 @@
UniquePtr<CRYPTO_BUFFER> buf(CRYPTO_BUFFER_new(list, list_len, nullptr));
return buf != nullptr &&
SSL_CREDENTIAL_set1_signed_cert_timestamp_list(
- ssl->config->cert->default_credential.get(), buf.get());
+ ssl->config->cert->legacy_credential.get(), buf.get());
}
int SSL_CTX_set_ocsp_response(SSL_CTX *ctx, const uint8_t *response,
@@ -662,7 +662,7 @@
UniquePtr<CRYPTO_BUFFER> buf(
CRYPTO_BUFFER_new(response, response_len, nullptr));
return buf != nullptr && SSL_CREDENTIAL_set1_ocsp_response(
- ctx->cert->default_credential.get(), buf.get());
+ ctx->cert->legacy_credential.get(), buf.get());
}
int SSL_set_ocsp_response(SSL *ssl, const uint8_t *response,
@@ -674,7 +674,7 @@
CRYPTO_BUFFER_new(response, response_len, nullptr));
return buf != nullptr &&
SSL_CREDENTIAL_set1_ocsp_response(
- ssl->config->cert->default_credential.get(), buf.get());
+ ssl->config->cert->legacy_credential.get(), buf.get());
}
void SSL_CTX_set0_client_CAs(SSL_CTX *ctx, STACK_OF(CRYPTO_BUFFER) *name_list) {
diff --git a/ssl/ssl_credential.cc b/ssl/ssl_credential.cc
index f4bb55e..39c14de 100644
--- a/ssl/ssl_credential.cc
+++ b/ssl/ssl_credential.cc
@@ -37,14 +37,14 @@
bool ssl_get_credential_list(SSL_HANDSHAKE *hs, Array<SSL_CREDENTIAL *> *out) {
CERT *cert = hs->config->cert.get();
- // Finish filling in the default credential if needed.
+ // Finish filling in the legacy credential if needed.
if (!cert->x509_method->ssl_auto_chain_if_needed(hs)) {
return false;
}
size_t num_creds = cert->credentials.size();
- bool include_default = cert->default_credential->IsComplete();
- if (include_default) {
+ bool include_legacy = cert->legacy_credential->IsComplete();
+ if (include_legacy) {
num_creds++;
}
@@ -55,8 +55,8 @@
for (size_t i = 0; i < cert->credentials.size(); i++) {
(*out)[i] = cert->credentials[i].get();
}
- if (include_default) {
- (*out)[num_creds - 1] = cert->default_credential.get();
+ if (include_legacy) {
+ (*out)[num_creds - 1] = cert->legacy_credential.get();
}
return true;
}
diff --git a/ssl/ssl_lib.cc b/ssl/ssl_lib.cc
index 071709f..1458b45 100644
--- a/ssl/ssl_lib.cc
+++ b/ssl/ssl_lib.cc
@@ -1755,7 +1755,7 @@
int SSL_CTX_check_private_key(const SSL_CTX *ctx) {
// There is no need to actually check consistency because inconsistent values
// can never be configured.
- return has_cert_and_key(ctx->cert->default_credential.get());
+ return has_cert_and_key(ctx->cert->legacy_credential.get());
}
int SSL_check_private_key(const SSL *ssl) {
@@ -1765,7 +1765,7 @@
// There is no need to actually check consistency because inconsistent values
// can never be configured.
- return has_cert_and_key(ssl->config->cert->default_credential.get());
+ return has_cert_and_key(ssl->config->cert->legacy_credential.get());
}
long SSL_get_default_timeout(const SSL *ssl) {
@@ -2557,11 +2557,11 @@
assert(ssl->config);
return nullptr;
}
- return ssl->config->cert->default_credential->privkey.get();
+ return ssl->config->cert->legacy_credential->privkey.get();
}
EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx) {
- return ctx->cert->default_credential->privkey.get();
+ return ctx->cert->legacy_credential->privkey.get();
}
const SSL_CIPHER *SSL_get_current_cipher(const SSL *ssl) {
diff --git a/ssl/ssl_privkey.cc b/ssl/ssl_privkey.cc
index 471be76..76ba084 100644
--- a/ssl/ssl_privkey.cc
+++ b/ssl/ssl_privkey.cc
@@ -397,7 +397,7 @@
}
return SSL_CREDENTIAL_set1_private_key(
- ssl->config->cert->default_credential.get(), pkey);
+ ssl->config->cert->legacy_credential.get(), pkey);
}
int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const uint8_t *der,
@@ -450,7 +450,7 @@
return 0;
}
- return SSL_CREDENTIAL_set1_private_key(ctx->cert->default_credential.get(),
+ return SSL_CREDENTIAL_set1_private_key(ctx->cert->legacy_credential.get(),
pkey);
}
@@ -477,13 +477,13 @@
return;
}
BSSL_CHECK(SSL_CREDENTIAL_set_private_key_method(
- ssl->config->cert->default_credential.get(), key_method));
+ ssl->config->cert->legacy_credential.get(), key_method));
}
void SSL_CTX_set_private_key_method(SSL_CTX *ctx,
const SSL_PRIVATE_KEY_METHOD *key_method) {
BSSL_CHECK(SSL_CREDENTIAL_set_private_key_method(
- ctx->cert->default_credential.get(), key_method));
+ ctx->cert->legacy_credential.get(), key_method));
}
static constexpr size_t kMaxSignatureAlgorithmNameLen = 24;
@@ -657,7 +657,7 @@
int SSL_CTX_set_signing_algorithm_prefs(SSL_CTX *ctx, const uint16_t *prefs,
size_t num_prefs) {
return SSL_CREDENTIAL_set1_signing_algorithm_prefs(
- ctx->cert->default_credential.get(), prefs, num_prefs);
+ ctx->cert->legacy_credential.get(), prefs, num_prefs);
}
int SSL_set_signing_algorithm_prefs(SSL *ssl, const uint16_t *prefs,
@@ -666,7 +666,7 @@
return 0;
}
return SSL_CREDENTIAL_set1_signing_algorithm_prefs(
- ssl->config->cert->default_credential.get(), prefs, num_prefs);
+ ssl->config->cert->legacy_credential.get(), prefs, num_prefs);
}
static constexpr struct {
diff --git a/ssl/ssl_test.cc b/ssl/ssl_test.cc
index 34dd5ed..17fe5c6 100644
--- a/ssl/ssl_test.cc
+++ b/ssl/ssl_test.cc
@@ -6068,7 +6068,7 @@
continue;
}
- ExpectSigAlgsEqual(test.expected, ctx->cert->default_credential->sigalgs);
+ ExpectSigAlgsEqual(test.expected, ctx->cert->legacy_credential->sigalgs);
}
}
@@ -6126,7 +6126,7 @@
continue;
}
- ExpectSigAlgsEqual(test.expected, ctx->cert->default_credential->sigalgs);
+ ExpectSigAlgsEqual(test.expected, ctx->cert->legacy_credential->sigalgs);
}
}
diff --git a/ssl/ssl_x509.cc b/ssl/ssl_x509.cc
index 66c3210..e121ff8 100644
--- a/ssl/ssl_x509.cc
+++ b/ssl/ssl_x509.cc
@@ -198,11 +198,11 @@
// which case no change to |cert->chain| is made. It preverses the existing
// leaf from |cert->chain|, if any.
static bool ssl_cert_set1_chain(CERT *cert, STACK_OF(X509) *chain) {
- cert->default_credential->ClearIntermediateCerts();
+ cert->legacy_credential->ClearIntermediateCerts();
for (X509 *x509 : chain) {
UniquePtr<CRYPTO_BUFFER> buffer = x509_to_buffer(x509);
if (!buffer ||
- !cert->default_credential->AppendIntermediateCert(std::move(buffer))) {
+ !cert->legacy_credential->AppendIntermediateCert(std::move(buffer))) {
return false;
}
}
@@ -412,10 +412,10 @@
}
static bool ssl_crypto_x509_ssl_auto_chain_if_needed(SSL_HANDSHAKE *hs) {
- // Only build a chain if the feature isn't disabled, the default credential
+ // Only build a chain if the feature isn't disabled, the legacy credential
// exists but has no intermediates configured.
SSL *ssl = hs->ssl;
- SSL_CREDENTIAL *cred = hs->config->cert->default_credential.get();
+ SSL_CREDENTIAL *cred = hs->config->cert->legacy_credential.get();
if ((ssl->mode & SSL_MODE_NO_AUTO_CHAIN) || !cred->IsComplete() ||
sk_CRYPTO_BUFFER_num(cred->chain.get()) != 1) {
return true;
@@ -720,9 +720,8 @@
static int ssl_cert_cache_leaf_cert(CERT *cert) {
assert(cert->x509_method);
- const SSL_CREDENTIAL *cred = cert->default_credential.get();
- if (cert->x509_leaf != NULL ||
- cred->chain == NULL) {
+ const SSL_CREDENTIAL *cred = cert->legacy_credential.get();
+ if (cert->x509_leaf != NULL || cred->chain == NULL) {
return 1;
}
@@ -764,7 +763,7 @@
UniquePtr<CRYPTO_BUFFER> buffer = x509_to_buffer(x509);
if (!buffer ||
- !cert->default_credential->AppendIntermediateCert(std::move(buffer))) {
+ !cert->legacy_credential->AppendIntermediateCert(std::move(buffer))) {
return 0;
}
@@ -867,9 +866,8 @@
static int ssl_cert_cache_chain_certs(CERT *cert) {
assert(cert->x509_method);
- const SSL_CREDENTIAL *cred = cert->default_credential.get();
- if (cert->x509_chain != nullptr ||
- cred->chain == nullptr ||
+ const SSL_CREDENTIAL *cred = cert->legacy_credential.get();
+ if (cert->x509_chain != nullptr || cred->chain == nullptr ||
sk_CRYPTO_BUFFER_num(cred->chain.get()) < 2) {
return 1;
}
@@ -1155,7 +1153,7 @@
// Should only be called during handshake, but check to be sure.
BSSL_CHECK(ssl->config);
- if (ssl->config->cert->default_credential->IsComplete() ||
+ if (ssl->config->cert->legacy_credential->IsComplete() ||
ssl->ctx->client_cert_cb == nullptr) {
return 1;
}
diff --git a/ssl/test/test_config.cc b/ssl/test/test_config.cc
index 2db2a89..abd66ed 100644
--- a/ssl/test/test_config.cc
+++ b/ssl/test/test_config.cc
@@ -486,7 +486,7 @@
&TestConfig::expect_selected_credential),
// Credential flags are stateful. First, use one of the
// -new-*-credential flags to introduce a new credential. Then the flags
- // below switch from acting on the default credential to the newly-added
+ // below switch from acting on the legacy credential to the newly-added
// one. Repeat this process to continue adding them.
NewCredentialFlag("-new-x509-credential", CredentialConfigType::kX509),
NewCredentialFlag("-new-delegated-credential",