mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-12-15 06:01:37 +08:00
Code Issues Packages Projects Releases Wiki Activity
30,854 Commits 34 Branches 385 Tags 513 MiB
17898ec601
Commit Graph

14 Commits

Author SHA1 Message Date
Tomas Mraz
3f773c911a fips module header inclusion fine-tunning 
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15974)
 2021-07-06 10:52:27 +10:00
Tomas Mraz
b247113c05 Detect low-level engine and app method based keys 
The low-level engine and app method based keys have to be treated
as foreign and must be used with old legacy pmeths.

Fixes #14632

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14859)
 2021-04-19 11:36:16 +02:00
Tomas Mraz
b4f447c038 Add selection support to the provider keymgmt_dup function 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14793)
 2021-04-15 09:19:39 +02:00
Tomas Mraz
4a9fe33c8e Implement provider-side keymgmt_dup function 
To avoid mutating key data add OSSL_FUNC_KEYMGMT_DUP function
to the provider API and implement it for all asym-key key
managements.

Use it when copying everything to an empty EVP_PKEY
which is the case with EVP_PKEY_dup().

Fixes #14658

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14793)
 2021-04-15 09:19:39 +02:00
Pauli
9d8c53ed16 dh: fix coverty 1474423: resource leak 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14637)
 2021-03-24 09:40:26 +10:00
Richard Levitte
cf33379997 PROV: Add type specific PKCS#8 decoding to the DER->key decoders 
This required refactoring a number of functions from the diverse
EVP_PKEY_ASN1_METHOD implementations to become shared backend
functions.  It also meant modifying a few of them to return pointers
to our internal RSA / DSA/ DH / EC_KEY, ... structures instead of
manipulating an EVP_PKEY pointer directly, letting the caller do the
latter.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14314)
 2021-03-19 16:46:39 +01:00
Shane Lontis
19dbb742cd Fix external symbols related to dh keys 
Partial fix for #12964

This adds ossl_ names for the following symbols:

dh_new_by_nid_ex, dh_new_ex, dh_generate_ffc_parameters, dh_generate_public_key,
dh_get_named_group_uid_from_size, dh_gen_type_id2name, dh_gen_type_name2id,
dh_cache_named_group, dh_get0_params, dh_get0_nid,
dh_params_fromdata, dh_key_fromdata, dh_params_todata, dh_key_todata,
dh_check_pub_key_partial, dh_check_priv_key, dh_check_pairwise,
dh_get_method, dh_buf2key, dh_key2buf, dh_KDF_X9_42_asn1,
dh_pkey_method, dhx_pkey_method

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14231)
 2021-02-26 10:50:30 +10:00
Richard Levitte
4333b89f50 Update copyright year 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13999)
 2021-01-28 13:54:57 +01:00
Jon Spillett
2c04b34140 Allow EVP_PKEY private key objects to be created without a public component 
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13855)
 2021-01-15 17:24:41 +01:00
Matt Caswell
25e49af92a Deprecate more DH functions 
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13138)
 2020-11-27 11:04:54 +00:00
Richard Levitte
28e1d588f1 DH: stop setting the private key length arbitrarily 
The private key length is supposed to be a user settable parameter.
We do check if it's set or not, and if not, we do apply defaults.

Fixes #12071

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13140)
 2020-10-27 15:13:54 +01:00
Richard Levitte
0ba71d6a63 DH: make the private key length importable / exportable 
The DH private key length, which is an optional parameter, wasn't
properly imported / exported between legacy and provider side
implementations.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13166)
 2020-10-19 12:14:11 +02:00
Shane Lontis
7165593ce5 Add DH keygen to providers 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11332)
 2020-04-16 01:14:00 +10:00
Richard Levitte
0abae1636d EVP: Implement support for key downgrading in backends 
Downgrading EVP_PKEYs from containing provider side internal keys to
containing legacy keys demands support in the EVP_PKEY_ASN1_METHOD.

This became a bit elaborate because the code would be almost exactly
the same as the import functions int EVP_KEYMGMT.  Therefore, we end
up moving most of the code to common backend support files that can be
used both by legacy backend code and by our providers.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11375)
 2020-03-25 17:01:32 +01:00