- 17 4月, 2020 4 次提交
-
-
由 Matt Caswell 提交于
Previously import_to just took an EVP_PKEY as the argument. However we need to some additional context data as well - specifically the libctx. Therefore we pass an EVP_PKEY_CTX instead to hold the combination of both of these things. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11536)
-
由 Pauli 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11371)
-
由 Pauli 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11371)
-
由 Pauli 提交于
Specifically for x25519, x448, ed25519 and ed448. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11371)
-
- 15 4月, 2020 1 次提交
-
-
由 Matt Caswell 提交于
The Ed448 private key deconding needs to use a library ctx. So we implement a priv_decode_with_libctx function for it. Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11494)
-
- 09 4月, 2020 2 次提交
-
-
由 Matt Caswell 提交于
Ed25519 needs to fetch a digest and so needs to use the correct libctx. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11496)
-
由 Matt Caswell 提交于
The EC export_to function calls EC_POINT_point2buf that can later generate a random number in some circumstances. Therefore we pass in a BN_CTX associated with the library context. This means we have to change the export_to function signature to accept the library context. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11493)
-
- 28 3月, 2020 2 次提交
-
-
由 Pauli 提交于
Since this is public, it is best to make the underlying structure opaque. This means converting from stack allocation to dynamic allocation for all usages. Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/11390)
-
由 Pauli 提交于
The catalyst for this is the difficult of passing BNs through the other OSSL_PARAM APIs. Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/11390)
-
- 26 3月, 2020 1 次提交
-
-
由 Richard Levitte 提交于
Downgrading EVP_PKEYs from containing provider side internal keys to containing legacy keys demands support in the EVP_PKEY_ASN1_METHOD. This became a bit elaborate because the code would be almost exactly the same as the import functions int EVP_KEYMGMT. Therefore, we end up moving most of the code to common backend support files that can be used both by legacy backend code and by our providers. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11375)
-
- 23 3月, 2020 1 次提交
-
-
由 Richard Levitte 提交于
The export-to-provider functions for DH, DSA and EC_KEY assumed that a public key is always present, and would fail if not. This blocks any attempt to export a key structure with only domain parameters. While fixing this, we also modify the selection declaration to evp_keymgmt_import() to be more adaptive, the diverse selection bits are now added when the corresponding data is added to the OSSL_PARAM array. Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11374)
-
- 18 3月, 2020 1 次提交
-
-
由 Matt Caswell 提交于
This is largely based on the existing X25519 and X448 serializers - but a few adjustments were necessary so that we can identify what type of key we are using. Previously we used the keylen for this but X25519 and ED25519 have the same keylen. Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11272)
-
- 09 3月, 2020 1 次提交
-
-
由 Matt Caswell 提交于
At the moment we only provider support for these algorithms in the default provider. These algorithms only support "one shot" EVP_DigestSign() and EVP_DigestVerify() as per the existing libcrypto versions. Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11261)
-
- 12 2月, 2020 3 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10964)
-
由 Matt Caswell 提交于
Reviewed-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10964)
-
由 Matt Caswell 提交于
Add ref counting and control how we allocate storage for the private key. We will need this type in following commits where we move the ecx code to be provider aware. Reviewed-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10964)
-
- 04 2月, 2020 1 次提交
-
-
由 Pauli 提交于
Use of the low level ECDSA and EC_KEY_METHOD functions has been informally discouraged for a long time. We now formally deprecate them. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10960)
-
- 19 1月, 2020 1 次提交
-
-
由 Pauli 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10791)
-
- 05 11月, 2019 2 次提交
-
-
由 Patrick Steuer 提交于
...in constant time. Signed-off-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10339)
-
由 Patrick Steuer 提交于
The s390x x448 implementation does not correctly reduce non-canonical values i.e., u-coordinates >= p = 2^448 - 2^224 - 1. Signed-off-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10339)
-
- 29 9月, 2019 2 次提交
-
-
由 Dr. Matthias St. Pierre 提交于
Apart from public and internal header files, there is a third type called local header files, which are located next to source files in the source directory. Currently, they have different suffixes like '*_lcl.h', '*_local.h', or '*_int.h' This commit changes the different suffixes to '*_local.h' uniformly. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333)
-
由 Dr. Matthias St. Pierre 提交于
Currently, there are two different directories which contain internal header files of libcrypto which are meant to be shared internally: While header files in 'include/internal' are intended to be shared between libcrypto and libssl, the files in 'crypto/include/internal' are intended to be shared inside libcrypto only. To make things complicated, the include search path is set up in such a way that the directive #include "internal/file.h" could refer to a file in either of these two directoroes. This makes it necessary in some cases to add a '_int.h' suffix to some files to resolve this ambiguity: #include "internal/file.h" # located in 'include/internal' #include "internal/file_int.h" # located in 'crypto/include/internal' This commit moves the private crypto headers from 'crypto/include/internal' to 'include/crypto' As a result, the include directives become unambiguous #include "internal/file.h" # located in 'include/internal' #include "crypto/file.h" # located in 'include/crypto' hence the superfluous '_int.h' suffixes can be stripped. The files 'store_int.h' and 'store.h' need to be treated specially; they are joined into a single file. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333)
-
- 25 9月, 2019 1 次提交
-
-
由 Patrick Steuer 提交于
using PCC and KDSA instructions. Signed-off-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10004)
-
- 16 9月, 2019 1 次提交
-
-
由 ManishPatidar1 提交于
Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9830)
-
- 06 8月, 2019 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/9380)
-
- 02 7月, 2019 1 次提交
-
-
由 Antoine Cœur 提交于
CLA: trivial Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/9288)
-
- 26 2月, 2019 1 次提交
-
-
由 Richard Levitte 提交于
The real cause for this change is that test/ec_internal_test.c includes ec_lcl.h, and including curve448/curve448_lcl.h from there doesn't work so well with compilers who always do inclusions relative to the C file being compiled. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8334) (cherry picked from commit f408e2a3)
-
- 06 12月, 2018 1 次提交
-
-
由 Richard Levitte 提交于
[skip ci] Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7791)
-
- 22 8月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Previously you had to supply "null" as the digest to use EdDSA. This changes things so that any digest is ignored. Reviewed-by: NViktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6901)
-
- 08 6月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Only applies to algorithms that support it. Both raw private and public keys can be obtained for X25519, Ed25519, X448, Ed448. Raw private keys only can be obtained for HMAC, Poly1305 and SipHash Fixes #6259 Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6394)
-
- 25 5月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
This reverts commit a6f5b116. The EVP_PKEY_sign() function is intended for pre-hashed input which is not supported by our EdDSA implementation. See the discussion in PR 5880 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6284)
-
- 18 5月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Using the ca application to sign certificates with EdDSA failed because it is not possible to set the digest to "null". This adds the capability and updates the documentation accordingly. Fixes #6201 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6286)
-
- 06 4月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Adding support for these operations for the EdDSA implementations makes pkeyutl usable for signing/verifying for these algorithms. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5880)
-
- 20 3月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5689)
-
- 15 3月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5520)
-
- 02 3月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
This adds all of the relevant EVP plumbing required to make X448 and Ed448 work. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NKurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/5481)
-
- 30 7月, 2017 1 次提交
-
-
由 Bernd Edlinger 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4044)
-
- 21 6月, 2017 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3585)
-
- 31 5月, 2017 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3503)
-
由 Dr. Stephen Henson 提交于
Since ED25519 doesn't have an associated digest it needs custom sign/verify routines to handle ASN.1 signatures. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3503)
-