#
af6d8dd3 |
| 17-Feb-2020 |
Matt Caswell |
Add Key Management support for EdDSA keys Support added for Ed25519 and Ed448 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl
Add Key Management support for EdDSA keys Support added for Ed25519 and Ed448 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11261)
show more ...
|
#
f552d900 |
| 16-Feb-2020 |
Shane Lontis |
Add Serializers for EC Provide EC serializers for text, pem and der. EC parameters use ANS1 'CHOICE' - which means they are more embedded than other parameters used by other KEY
Add Serializers for EC Provide EC serializers for text, pem and der. EC parameters use ANS1 'CHOICE' - which means they are more embedded than other parameters used by other KEY types (which normally have a SEQUENCE at the top level). For this reason the ANS1_STRING type that was being passed around has been changed to a void so that the code can still be shared with EC. The EC serializer only supports named curves currently. NOTE the serializer code assumes PKCS8 format - if the older encode methods are needed they will need to be added in another PR. (Probably when deserialization is considered). EVP_PKEY_key_fromdata_init was changed from using a keypair selection to all bits of a key. A side effect of this was that the very restrictive checks in the ecx code needed to be relaxed as it was assuming all selection flags were non optional. As this is not the case for any other key the code has been modified. Fixed a bug in legacy_ctrl_str_to_params() - "ecdh_cofactor_mode" was being incorrectly converted to the wrong keyname. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11107)
show more ...
|
#
8efc4a9c |
| 27-Feb-2020 |
Matt Caswell |
Implement the ECX Serializers Provide serializers for X25519 and X448 for text, pem and der. There are no parameter serializers because there are no parameters for these algorithms.
Implement the ECX Serializers Provide serializers for X25519 and X448 for text, pem and der. There are no parameter serializers because there are no parameters for these algorithms. Add some documentation about the various import/export types available Add additional testing for the serializers Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11095)
show more ...
|
Revision tags: OpenSSL_1_0_2u |
|
#
6f4b7663 |
| 01-Dec-2019 |
Richard Levitte |
PROV: add RSA signature implementation This includes legacy PSS controls to params conversion, and an attempt to generalise the parameter names when they are suitable for more than o
PROV: add RSA signature implementation This includes legacy PSS controls to params conversion, and an attempt to generalise the parameter names when they are suitable for more than one operation. Also added crypto/rsa/rsa_aid.c, containing proper AlgorithmIdentifiers for known RSA+hash function combinations. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10557)
show more ...
|
#
4fe54d67 |
| 14-Dec-2019 |
Nicola Tuveri |
[PROV][KMGMT][KEXCH][EC] Implement EC keymgtm and ECDH Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Shane Lontis <shan
[PROV][KMGMT][KEXCH][EC] Implement EC keymgtm and ECDH Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10631)
show more ...
|
#
6f7d2135 |
| 24-Jan-2020 |
Matt Caswell |
Add X25519/X448 Key Exchange to the default provider Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://
Add X25519/X448 Key Exchange to the default provider Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10964)
show more ...
|
#
90d3cb57 |
| 27-Jan-2020 |
Matt Caswell |
Implement Provider side Key Management for X25519 and X448 Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from ht
Implement Provider side Key Management for X25519 and X448 Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10964)
show more ...
|
#
068489a2 |
| 08-Jan-2020 |
Matt Caswell |
Implement the NULL cipher in the default provider Libssl uses the null cipher in certain situations. It should be converted to a provided cipher. Reviewed-by: Shane Lontis <shan
Implement the NULL cipher in the default provider Libssl uses the null cipher in certain situations. It should be converted to a provided cipher. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10865)
show more ...
|
#
0d2bfe52 |
| 06-Jan-2020 |
Shane Lontis |
Add AES_CBC_HMAC_SHA ciphers to providers. Also Add ability for providers to dynamically exclude cipher algorithms. Cipher algorithms are only returned from providers if their capable()
Add AES_CBC_HMAC_SHA ciphers to providers. Also Add ability for providers to dynamically exclude cipher algorithms. Cipher algorithms are only returned from providers if their capable() method is either NULL, or the method returns 1. This is mainly required for ciphers that only have hardware implementations. If there is no hardware support, then the algorithm needs to be not available. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10146)
show more ...
|
#
264b789b |
| 18-Nov-2019 |
Richard Levitte |
PROV SERIALIZER: add support for writing DSA keys and parameters Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10394)
|
#
045e51cb |
| 18-Nov-2019 |
Richard Levitte |
PROV SERIALIZER: add support for writing DH keys and parameters Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10394)
|
#
677add38 |
| 18-Nov-2019 |
Richard Levitte |
PROV SERIALIZER: add support for writing RSA keys This also adds the missing accessor RSA_get0_pss_params(), so those parameters can be included in the PKCS#8 data structure without
PROV SERIALIZER: add support for writing RSA keys This also adds the missing accessor RSA_get0_pss_params(), so those parameters can be included in the PKCS#8 data structure without needing to know the inside of the RSA structure. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10394)
show more ...
|
#
89abd1b6 |
| 28-Oct-2019 |
Matt Caswell |
Move RSA Asym cipher code to the default provider Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10152)
|
#
8fece335 |
| 10-Oct-2019 |
Shane Lontis |
Add rc4_hmac_md5 cipher to default provider Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10179)
|
#
eb173822 |
| 08-Nov-2019 |
Shane Lontis |
Add AES SIV ciphers to default provider Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/opens
Add AES SIV ciphers to default provider Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10120)
show more ...
|
#
33f54da3 |
| 17-Sep-2019 |
Simo Sorce |
Add KRB5KDF from RFC 3961 Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (M
Add KRB5KDF from RFC 3961 Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9949)
show more ...
|
#
29be6023 |
| 15-Oct-2019 |
Richard Levitte |
New RSA keymgmt implementation to handle import / export of RSA keys Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10190)
|
#
3d5a7578 |
| 16-Oct-2019 |
Shane Lontis |
Add ChaCha related ciphers to default provider Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10081)
|
#
af3e7e1b |
| 04-Oct-2019 |
Richard Levitte |
Cleanup: move providers/common/include/internal/provider_args.h New name is providers/implementations/include/prov/implementations.h All inclusions are adapted accordingly. Revi
Cleanup: move providers/common/include/internal/provider_args.h New name is providers/implementations/include/prov/implementations.h All inclusions are adapted accordingly. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10088)
show more ...
|