2
0
mirror of https://github.com/openssl/openssl.git synced 2024-12-27 06:21:43 +08:00
Commit Graph

21 Commits

Author SHA1 Message Date
Tomas Mraz
7ed6de997f Copyright year updates
Reviewed-by: Neil Horman <nhorman@openssl.org>
Release: yes
2024-09-05 09:35:49 +02:00
Dmitry Belyavskiy
bd3b24c3af Encap/decap in pkeyutl - tests
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/25127)
2024-08-13 11:03:11 +02:00
Matt Caswell
da1c088f59 Copyright year updates
Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes
2023-09-07 09:59:15 +01:00
Matt Caswell
810f7dc1c7 Add a test for pkeyutl encrypt/decrypt using SM2
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21272)
2023-06-26 09:28:23 +01:00
Yi Li
4032cd9a14 configure: introduce no-ecx to remove ECX related feature
This can effectively reduce the binary size for platforms
that don't need ECX feature(~100KB).

Signed-off-by: Yi Li <yi1.li@intel.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20781)
2023-06-14 13:06:22 +10:00
Tomas Mraz
d105a24c89 Add some tests for -inform/keyform enforcement
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15100)
2021-05-06 11:43:32 +01:00
Matt Caswell
8020d79b40 Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14512)
2021-03-11 13:27:36 +00:00
Petr Gotthard
6ceaf67257 Fix -pkeyopt handling in apps/pkeyutl -rawin
The EVP_DigestSignInit and EVP_DigestVerifyInit actually have to
be initialized before EVP_PKEY_CTX_ctrl_str is invoked.
Otherwise, when the ctx not initialized, the ctrl command fails.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13828)
2021-02-22 12:30:49 +01:00
Richard Levitte
c150a94857 TEST: Make our test data binary
Our test data (test/data.txt and test/data2.txt) are text files, but
declaring them binary means that there will be no line ending
transformation done on them.  This is necessary for testing on
non-Unix platforms, where certain tests could otherwise give results
that don't match expected results.

Fixes 

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13477)
2020-11-24 11:01:58 +01:00
Matt Caswell
fb2a6954fb Clean up some SM2 related TODOs in the tests
Now that we have full SM2 support, we can remove some TODOs from the tests.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12913)
2020-09-25 11:13:53 +01:00
Richard Levitte
a10847c427 "Downgrade" provider-native keys to legacy where needed
Some sub-systems and openssl sub-commands do not yet deal cleanly with
purely provider-native EVP_PKEYs.  We compensate that by "downgrading"
keys in select places, or ensure that the 'file:' scheme ENGINE loader
is activated.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12587)
2020-09-03 17:48:32 +02:00
Dr. David von Oheimb
036cbb6bbf Rename NOTES*, README*, VERSION, HACKING, LICENSE to .md or .txt
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12109)
2020-07-05 11:29:43 +02:00
Matt Caswell
33388b44b6 Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11616)
2020-04-23 13:55:52 +01:00
Richard Levitte
fda127beb2 TEST: Adapt all applicable tests to the new distinguishing ID
Fixes 

Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
(Merged from https://github.com/openssl/openssl/pull/11302)
2020-03-15 19:42:05 +01:00
Richard Levitte
35746c7948 TEST: Modify test/recipes/20-test_pkeyutl.t to leave artifacts behind
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11080)
2020-02-18 09:45:52 +01:00
Nicola Tuveri
ef1e59ed83 More testing for sign/verify through dgst and pkeyutl
Add tests for signature generation and verification with `dgst` and
`pkeyutl` CLI for common key types:
- RSA
- DSA
- ECDSA
- EdDSA

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10410)
2019-12-11 18:44:38 +01:00
Shane Lontis
10c25644e3 EC only uses approved curves in FIPS mode.
Once there are buildable fips tests, some tests that are data driven
from files will need to be modified to exclude non approved curves in
fips mode.

These changes were tested by temporarily adding #define FIPS_MODE 1 to
all the modified source files.

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9081)
2019-06-25 12:00:25 +10:00
Paul Yang
317ba78fe1 Add test cases for SM2 cert verification
This follows  which added the SM2 certificate verification feature.
This commit adds some test cases for .

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8465)
2019-03-30 08:31:25 +09:00
Matt Caswell
ee633ace73 Enable pkeyutl to use Ed448 and Ed25519
With the recent addition of the -rawin option it should be possible for
pkeyutl to sign and verify with Ed448 and Ed2559. The main remaining
stumbling block is that those algorirthms only support "oneshot" operation.
This commit enables pkeyutl to handle that.

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/8431)
2019-03-14 12:42:16 +00:00
Matt Caswell
ed86f884ba Fix no-ec, no-sm2 and no-sm3
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8372)
2019-03-01 14:11:10 +00:00
Paul Yang
a7cef52f9b Support raw input data in apps/pkeyutl
Some signature algorithms require special treatment for digesting, such
as SM2. This patch adds the ability of handling raw input data in
apps/pkeyutl other than accepting only pre-hashed input data.

Beside, SM2 requries an ID string when signing or verifying a piece of data,
this patch also adds the ability for apps/pkeyutil to specify that ID
string.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8186)
2019-02-27 10:05:17 +08:00