Property implementation

[paulidale]

A first pass at implementing some efficient property definition and query infrastructure.

Properties are defined by providers as strings which are parsed into name, value pairs.
Queries are parsed into name relation value triplets.
Implementations that match the query are considered for further use whereas implementations that don't match are immediately discarded from consideration.

The property system, allows global properties to be specified in addition to local properties (which can override globals).

If there is a match, there are capabilities for caching the outcome which will improve performance in the future.

The implementation database permits several interfaces to operate within:

1. add,
2. remove,
3. fetch,
4. cache_get,
5. cache_set and
6. set_global_properties

The generate usage pattern is:

if (cache_get(...) != NULL)
    return cache_got;

if ((result = fetch(...)) == NULL)
    return NULL;
cache_set(nid, properties, result)

• tests are added or updated

[levitte]

I added this PR to the newly created github project "3.0 New Core + FIPS"

Also, you need to rebase.

[levitte]

Also, would you mind adding internal documentation for the functions declared in include/internal/property.h, i.e. a manpage in doc/internal/man3?

[levitte]

I removed the FIPS label, as this isn't the FIPS module per se. I believe adding this to the "3.0 New Core + FIPS" is a better way to mark these sorts of PRs

[richsalz]

"unwarranted chumminess with the compiler" (web-search it)
Pay the price of portable code and make this a pointer.

[paulidale]

Double allocating and ruining cache coherency in code that's meant to be fast to avoid something that's always worked...

[richsalz]

I think that's a misguided/premature optimization, at the expense of more clear code. We're going to be dispatching to crypto code :)

[t8m]

C99 allows using char body[]; Is C99 viable target for OpenSSL 3.0.0?

[paulidale]

We can't use C99. However, this code is portable and safe. There are two restrictions: don't use an array of such structures (no space to use between records) and don't store a type other than char there (alignment).

[richsalz]

I think unquotedstring is a very big mistake. It makes it really hard to add keywords to the query language in the future. Look at perl's "barewords" evolution, for example.

[richsalz]

I think you should allow backslash-escape inside the quoted string.

[paulidale]

Why? so we can write fips="Y\e\s" ?

I'd be happy to ban \ inside a string to provide a capability to add it painlessly in the future.

[richsalz]

Banning it for future expansion helps. But I meant to only escape quotes, as in things like "Hello "world""

[levitte]

If anyone is ever going to want to have a Windows path in a quoted string, we'd better not use \ as the escape character.

That being said, the \ is more or less universally known as an escape character, and is already used as such elsewhere in OpenSSL, so it's actually a little surprising to have something different for property values.

(and I'm curious, where was ^ inspired from? That's actually used in VMS file specs, where you'll see things like openssl-1^.0^.2q^.tar.gz, but I've not seen you as VMS savvy, so...)

[mspncp]

where was ^ inspired from?

The caret at the beginning of a character class inverts the set, i.e. [^a-b] is the complement of [a-b]. If you want to include a literal caret, it must not be first in the set. See GREP(1).

[mspncp]

(Of course you know that, it's part of your Perl-fu. It was just too early in the morning... ;-) ).

[levitte]

D'oh.

And still, that was after the first coffee.

[paulidale]

I think the ^ is stretching eBNF a little.

[mattcaswell]

Where does this happen? I couldn't see it.

[paulidale]

See ossl_property_parse_init in property_parse.c.

[mattcaswell]

That function only seems to define "provider", "version", "fips" and "engine", but not "name"

[paulidale]

The question is which names are we going to reserve?

I changed "name" to "provider" since it seemed more applicable but missed the README.

[paulidale]

The fix is to not say which property names are pre-loaded, just to say that they are.

[paulidale]

We can have the discussion about which get added later. I expect some worthwhile ones will naturally appear over the course of the project.

[richsalz]

unnamed struct isn't common. also same bad chumminess thing.

[levitte]

Unnamed struct might be uncommon, but naming it becomes a bit silly if that name is never used. I see no reason to add a struct name now.

[levitte]

Looking through the code again and its intended use, I'm unsure that the functions declared in include/internal/property.h are named right.

That store (or those stores) are going to be used to save away methods, i.e. instances of EVP_CIPHER, EVP_MD, etc. Do we call them implementations or do we call them methods? Historically, they were called the latter (it's even more visible if you consider EVP_PKEY_METHOD), so I wonder of ossl_method_ isn't a better function prefix than ossl_impl_.

Food for thought.

[levitte]

Please make sure that this is called automatically, either as part of the init process, or in here with the help of a RUN_ONCE function (see #8225 to see how I do that)

[levitte]

Please make sure that this is called automatically, either as part of the cleanup process, or in here with the help of OPENSSL_atexit() (see #8225 to see how I do that)

[paulidale]

I've addressed most of the comments (resolving those that I did fix). This mostly leaves the library context (& g_implementations) some parsing questions and the run once.

[paulidale]

Looking through the code again and its intended use, I'm unsure that the functions declared in include/internal/property.h are named right.

Let's settle this before I do the documentation.

Settled.

[paulidale]

Travis failures look to be overly aggressive detection of unused macro generated functions. Do we have a standard way of prevent these without exposing the structures via a header file?

Fixed in a different PR.

[paulidale]

Tests are updated so that they don't reinitialise the properties anymore.
I think that's everything once the CIs pass.

[paulidale]

The CIs pass :)

[t-j-h]

I still don't think we should have bare PROPERTY and it should have an OSSL or OPENSSL prefix.

[paulidale]

Which PROPERTY ? Everything exposed outside of the crypto/property directory starts OSSL_ doesn't it? All functions exposed from crpyto/property also start ossl_. Some of the types don't, are they realistically a problem?

[t-j-h]

You have ossl_ prefixes on the functions expected to be used outside of the property directory but no prefix on the typedefs. They should be OSSL_ ... basically we don't want to run into clashes with other code and PS_IDX and PROPERTY are likely to clash.

Yes I know these aren't currently expected to be visible elsewhere - but they may evolve that way - and we should be clean in our "namespace" usage IMHO.

[paulidale]

I've prefixed the internal symbols.

[t-j-h]

Once the CIs show clear for the most recent change - approved.

[paulidale]

@levitte @mattcaswell I'll merge this in the morning (my time) unless there are objections.

[paulidale]

Squashed...

[levitte]

I'd like to run a test tomorrow against things I have that build on this...

[levitte]

(It looked good visually, though...)

[paulidale]

Let me know when you're done and I'll merge it or merge it yourself if the time-zones are immiscible.

[paulidale]

Merged, thanks for the extensive and positive feedback.

[levitte]

... someone's in a rush. 😉

My tests ran well after some appropriate mods. The manual bits need some fixups, something I discovered moments ago...

[paulidale]

In a rush or needing a rush? I waited until I thought I’d be asleep (which I have been). That I’m not indicative is indactive of a non-problem…. Pauli -- Dr Paul Dale | Cryptographer | Network Security & Encryption Phone +61 7 3031 7217 Oracle Australia

…

On 18 Feb 2019, at 6:00 pm, Richard Levitte ***@***.***> wrote: ... someone's in a rush. 😉 My tests ran well after some appropriate mods. The manual bits need some fixups, something I discovered moments ago... — You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub <#8224 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/ARFiwdynDshahU7-Wch_GVzyCWHeZRDOks5vOl2IgaJpZM4a5LHK>.

[levitte]

Care to look at #8265?