openssl - openssl

	Commit message (Collapse)	Author	Age	Files	Lines
*	Remove RSA SSLv23 padding mode	Rich Salz	2021-03-01	1	-1/+1
\| \| \| \| \| \|	Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14248)
*	Fix missing EOL at the end of the rsa/build.info	Tomas Mraz	2021-02-24	1	-1/+1
\| \| \| \| \| \|	Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14290)
*	bn: Deprecate the X9.31 RSA key generation related functions	Tomas Mraz	2021-01-25	1	-1/+4
\| \| \| \| \| \| \| \| \|	This key generation method is obsolete. Fixes #10111 Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13921)
*	Add ACVP fips module tests	Shane Lontis	2020-06-17	1	-0/+4
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	For FIPS validation purposes - Automated Cryptographic Validation Protocol (ACVP) tests need to be performed. (See https://github.com/usnistgov/ACVP). These tests are very similiar to the old CAVS tests. This PR uses a hardwired subset of these test vectors to perform similiar operations, to show the usage and prove that the API's are able to perform the required operations. It may also help with communication with the lab (i.e- The lab could add a test here to show a unworking use case - which we can then address). The EVP layer performs these tests instead of calling lower level API's as was done in the old FOM. Some of these tests require access to internals that are not normally allowed/required. The config option 'acvp_tests' (enabled by default) has been added so that this access may be removed. The mechanism has been implemented as additional OSSL_PARAM values that can be set and get. A callback mechanism did not seem to add any additional benefit. These params will not be added to the gettables lists. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11572)
*	RSA: Add rsa_schemes.c, to store scheme data and translator functions	Richard Levitte	2020-05-14	1	-1/+1
\| \| \| \| \| \| \| \| \|	The scheme currently added is OAEP-PSSDigestAlgorithms codified. The translator functions translate an EVP_MD into a NID, and a NID into a name, to support the creation and parsing of OSSL_PARAM items. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11710)
*	Use build.info, not ifdef for crypto modules	Rich Salz	2020-04-16	1	-1/+5
\| \| \| \| \| \| \| \| \| \| \|	Don't wrap conditionally-compiled files in global ifndef tests. Instead, test if the feature is disabled and, if so, do not compile it. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11263)
*	PROV: Add DERlib support for RSA	Richard Levitte	2020-04-07	1	-1/+1
\| \| \| \| \| \| \|	This replaces crypto/rsa/rsa_aid.c with new code and generated OIDs Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11450)
*	Add EVP_PKEY_gettable_params support for accessing EVP_PKEY key data fields	Shane Lontis	2020-04-01	1	-1/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Currently only RSA, EC and ECX are supported (DH and DSA need to be added to the keygen PR's seperately because the fields supported have changed significantly). The API's require the keys to be provider based. Made the keymanagement export and get_params functions share the same code by supplying support functions that work for both a OSSL_PARAM_BLD as well as a OSSL_PARAM[]. This approach means that complex code is not required to build an empty OSSL_PARAM[] with the correct sized fields before then doing a second pass to populate the array. The RSA factor arrays have been changed to use unique key names to simplify the interface needed by the user. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11365)
*	EVP: Implement support for key downgrading in backends	Richard Levitte	2020-03-25	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \| \|	Downgrading EVP_PKEYs from containing provider side internal keys to containing legacy keys demands support in the EVP_PKEY_ASN1_METHOD. This became a bit elaborate because the code would be almost exactly the same as the import functions int EVP_KEYMGMT. Therefore, we end up moving most of the code to common backend support files that can be used both by legacy backend code and by our providers. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11375)
*	PROV: add RSA signature implementation	Richard Levitte	2020-02-22	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \| \|	This includes legacy PSS controls to params conversion, and an attempt to generalise the parameter names when they are suitable for more than one operation. Also added crypto/rsa/rsa_aid.c, containing proper AlgorithmIdentifiers for known RSA+hash function combinations. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10557)
*	Make the RSA ASYM_CIPHER implementation available inside the FIPS module	Matt Caswell	2020-02-13	1	-6/+9
\| \| \| \| \| \| \| \| \|	RSA ASYM_CIPHER was already available within the default provider. We now make it also available from inside the FIPS module. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10881)
*	FIPS 186-4 RSA Generation & Validation	Shane Lontis	2019-03-12	1	-1/+2
\| \| \| \| \| \|	Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6652)
*	Support multi-prime RSA (RFC 8017)	Paul Yang	2017-11-21	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* Introduce RSA_generate_multi_prime_key to generate multi-prime RSA private key. As well as the following functions: RSA_get_multi_prime_extra_count RSA_get0_multi_prime_factors RSA_get0_multi_prime_crt_params RSA_set0_multi_prime_params RSA_get_version * Support EVP operations for multi-prime RSA * Support ASN.1 operations for multi-prime RSA * Support multi-prime check in RSA_check_key_ex * Support multi-prime RSA in apps/genrsa and apps/speed * Support multi-prime RSA manipulation functions * Test cases and documentation are added * CHANGES is updated Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/4241)
*	Make default_method mostly compile-time	Rich Salz	2017-04-07	1	-1/+1
\| \| \| \| \| \| \| \|	Document thread-safety issues Have RSA_null return NULL (always fails) Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2244)
*	Make the RSA_METHOD structure opaque	Richard Levitte	2016-04-06	1	-1/+1
\| \| \| \| \| \| \| \| \|	Move rsa_meth_st away from public headers. Add RSA_METHOD creator/destructor functions. Add RSA_METHOD accessor/writer functions. Adapt all other source to use the creator, destructor, accessors and writers. Reviewed-by: Matt Caswell <matt@openssl.org>
*	unified build scheme: add build.info files	Richard Levitte	2016-02-01	1	-0/+6
	Now that we have the foundation for the "unified" build scheme in place, we add build.info files. They have been generated from the Makefiles in the same directories. Things that are platform specific will appear in later commits. Reviewed-by: Andy Polyakov <appro@openssl.org>