#
8a758e96 |
| 02-May-2020 |
Richard Levitte |
PROV & KEYMGMT: Add PSS-parameter support in the RSA KEYMGMT implementation Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11710)
|
#
78906fff |
| 12-May-2020 |
Richard Levitte |
PROV: Adapt all our providers to use the new PROV_CTX structure Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11803)
|
#
fdaad3f1 |
| 09-May-2020 |
Richard Levitte |
Fix some misunderstandings in our providers' main modules This started with adding forward declarations of all provider side interface functions, and fixing all compiler errors. Furthermore, diminish the faulty assumption that the provider context is and always will be just a library context. That means adding a teardown function in all providers that aren't necessarily built into libcrypto. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11777)
|
#
33388b44 |
| 23-Apr-2020 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11616)
|
#
f5056577 |
| 09-Apr-2020 |
Shane Lontis |
Move legacy ciphers into the legacy provider DES, idea, seed, rc2, rc4, rc5, cast and blowfish have been moved out of the default provider. Code shared between desx and tdes has been moved into a separate file (cipher_tdes_common.c). 3 test recipes failed due to using app/openssl calls that used legacy ciphers. These calls have been updated to supply both the default and legacy providers. Fixed openssl app '-provider' memory leak Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11419)
|
#
244bc297 |
| 17-Mar-2020 |
Matt Caswell |
Implement serializers for ED25519 and ED448 This is largely based on the existing X25519 and X448 serializers - but a few adjustments were necessary so that we can identify what type of key we are using. Previously we used the keylen for this but X25519 and ED25519 have the same keylen. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11272)
|
#
edd3b7a3 |
| 15-Mar-2020 |
Shane Lontis |
Add ECDSA to providers Added ECDSA support for OSSL_SIGNATURE_PARAM_ALGORITHM_ID Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10968)
|
#
3965480c |
| 05-Mar-2020 |
Matt Caswell |
Implement provider support for Ed25519 and Ed448 At the moment we only provide support for these algorithms in the default provider. These algorithms only support "one shot" EVP_DigestSign() and EVP_DigestVerify() as per the existing libcrypto versions. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11261)
|
#
af6d8dd3 |
| 17-Feb-2020 |
Matt Caswell |
Add Key Management support for EdDSA keys Support added for Ed25519 and Ed448 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11261)
|
#
f552d900 |
| 16-Feb-2020 |
Shane Lontis |
Add Serializers for EC Provide EC serializers for text, pem and der. EC parameters use ASN1 'CHOICE' - which means they are more embedded than other parameters used by other KEY types (which normally have a SEQUENCE at the top level). For this reason the ASN1_STRING type that was being passed around has been changed to a void so that the code can still be shared with EC. The EC serializer only supports named curves currently. NOTE the serializer code assumes PKCS8 format - if the older encode methods are needed they will need to be added in another PR. (Probably when deserialization is considered). EVP_PKEY_key_fromdata_init was changed from using a keypair selection to all bits of a key. A side effect of this was that the very restrictive checks in the ecx code needed to be relaxed as it was assuming all selection flags were non optional. As this is not the case for any other key the code has been modified. Fixed a bug in legacy_ctrl_str_to_params() - "ecdh_cofactor_mode" was being incorrectly converted to the wrong keyname. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11107)
|
#
8efc4a9c |
| 27-Feb-2020 |
Matt Caswell |
Implement the ECX Serializers Provide serializers for X25519 and X448 for text, pem and der. There are no parameter serializers because there are no parameters for these algorithms. Add some documentation about the various import/export types available Add additional testing for the serializers Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11095)
|
#
e1182bdb |
| 22-Feb-2020 |
Richard Levitte |
Fix default provider merge glitch Property "default" no longer exists, replace "default=yes" with "provider=default" Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11150)
|
Revision tags: OpenSSL_1_0_2u |
|
#
6f4b7663 |
| 01-Dec-2019 |
Richard Levitte |
PROV: add RSA signature implementation This includes legacy PSS controls to params conversion, and an attempt to generalise the parameter names when they are suitable for more than one operation. Also added crypto/rsa/rsa_aid.c, containing proper AlgorithmIdentifiers for known RSA+hash function combinations. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10557)
|
#
745fc918 |
| 14-Feb-2020 |
Matt Caswell |
Introduce the provider property Replace the properties default, fips and legacy with a single property called "provider". So, for example, instead of writing "default=yes" to get algorithms from the default provider you would instead write "provider=default". We also have a new "fips" property to indicate that an algorithm is compatible with FIPS mode. This applies to all the algorithms in the FIPS provider, as well as any non-cryptographic algorithms (currently only serializers). Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11097)
|
#
4fe54d67 |
| 14-Dec-2019 |
Nicola Tuveri |
[PROV][KMGMT][KEXCH][EC] Implement EC keymgmt and ECDH Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10631)
|
#
6f7d2135 |
| 24-Jan-2020 |
Matt Caswell |
Add X25519/X448 Key Exchange to the default provider Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10964)
|
#
90d3cb57 |
| 27-Jan-2020 |
Matt Caswell |
Implement Provider side Key Management for X25519 and X448 Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10964)
|
#
32b0645c |
| 03-Feb-2020 |
Richard Levitte |
Adapt existing SERIALIZER implementations to the redesigned interface Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11006)
|
#
068489a2 |
| 08-Jan-2020 |
Matt Caswell |
Implement the NULL cipher in the default provider Libssl uses the null cipher in certain situations. It should be converted to a provided cipher. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10865)
|
#
22930321 |
| 18-Dec-2019 |
Richard Levitte |
PROV: Adjust the KEYMGMT name specs to include all names This is very simply to allow the common case, where the KEYMGMT is fetched first, and all names are needed at that time to secure that they are found. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10647)
|
#
a0e594d6 |
| 07-Jan-2020 |
Richard Levitte |
Add the DSA serializers to the default provider tools The DSA serializers are implemented, but didn't get added to the default provider's serializer algorithm table. Fixes #10645 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10772)
|
#
0d2bfe52 |
| 06-Jan-2020 |
Shane Lontis |
Add AES_CBC_HMAC_SHA ciphers to providers. Also Add ability for providers to dynamically exclude cipher algorithms. Cipher algorithms are only returned from providers if their capable() method is either NULL, or the method returns 1. This is mainly required for ciphers that only have hardware implementations. If there is no hardware support, then the algorithm needs to be not available. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10146)
|
#
285c6913 |
| 18-Dec-2019 |
Matt Caswell |
Fix no-dh The new serializer code broke no-dh builds so we add some more guards to fix it. Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/10644)
|
#
045e51cb |
| 18-Nov-2019 |
Richard Levitte |
PROV SERIALIZER: add support for writing DH keys and parameters Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10394)
|
#
677add38 |
| 18-Nov-2019 |
Richard Levitte |
PROV SERIALIZER: add support for writing RSA keys This also adds the missing accessor RSA_get0_pss_params(), so those parameters can be included in the PKCS#8 data structure without needing to know the inside of the RSA structure. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10394)
|