Commit graph

46 commits

Author SHA1 Message Date
Dr. Stephen Henson
af7d6b936b CMS RSA-OAEP and RSA-PSS support.
Extend RSA ASN1 method to support CMS PSS signatures for both sign
and verify.

For signing the EVP_PKEY_CTX parameters are read and the appropriate
CMS structures set up.

For verification the CMS structures are analysed and the corresponding
parameters in the EVP_PKEY_CTX set.

Also add RSA-OAEP support.

For encrypt the EVP_PKEY_CTX parameters are used.

For decrypt the CMS structure is uses to set the appropriate EVP_PKEY_CTX
parameters.
(cherry picked from commit 0574cadf85)

Also sync error codes with OpenSSL 1.0.1 and add new ones.
2013-10-01 14:01:18 +01:00
Dr. Stephen Henson
a64b8786b5 Update to OAEP support.
Add OAEP ctrls to retrieve MD and label. Return errors if
an attempt is made to set or retrieve OAEP parameters when
padding mode is not OAEP.
(cherry picked from commit 211a14f627)
2013-10-01 14:01:17 +01:00
Dr. Stephen Henson
25f93585a7 Exetended OAEP support.
Extend OAEP support. Generalise the OAEP padding functions to support
arbitrary digests. Extend EVP_PKEY RSA method to handle the new OAEP
padding functions and add ctrls to set the additional parameters.
(cherry picked from commit 271fef0ef3)

Conflicts:

	CHANGES
2013-10-01 14:01:17 +01:00
Dr. Stephen Henson
d6dc5c506a Add control to retrieve signature MD.
(cherry picked from commit 810639536c)
2013-10-01 14:01:17 +01:00
Dr. Stephen Henson
a8cc9f1873 Typo.
(cherry picked from commit 0ded2a0689)
2013-03-31 17:43:42 +01:00
Dr. Stephen Henson
1dded7f7e8 Experimental multi-implementation support for FIPS capable OpenSSL.
When in FIPS mode the approved implementations are used as normal,
when not in FIPS mode the internal unapproved versions are used instead.
This means that the FIPS capable OpenSSL isn't forced to use the
(often lower perfomance) FIPS implementations outside FIPS mode.
2012-05-13 18:40:12 +00:00
Dr. Stephen Henson
0cd7a0325f Additional compatibility fix for MDC2 signature format.
Update RSA EVP_PKEY_METHOD to use the OCTET STRING form of MDC2 signature:
this will make all versions of MDC2 signature equivalent.
2012-02-15 14:14:01 +00:00
Dr. Stephen Henson
9d972207f0 incomplete provisional OAEP CMS decrypt support 2012-01-02 18:16:40 +00:00
Dr. Stephen Henson
2e51a4caa3 Function not used outside FIPS builds. 2011-06-06 11:24:47 +00:00
Dr. Stephen Henson
53dd05d8f6 Redirect RSA keygen, sign, verify to FIPS module. 2011-06-03 13:16:16 +00:00
Dr. Stephen Henson
a5b386205f Backport extended PSS support from HEAD: allow setting of mgf1Hash explicitly.
This is needed to handle FIPS redirection fully.
2011-06-02 18:13:33 +00:00
Dr. Stephen Henson
618265e645 Fix CVE-2010-1633 and CVE-2010-0742. 2010-06-01 13:17:06 +00:00
Dr. Stephen Henson
2e5975285e Update obsolete email address... 2008-11-05 18:39:08 +00:00
Dr. Stephen Henson
156ee88285 Indicate support for digest init ctrl. 2008-05-02 11:24:40 +00:00
Geoff Thorpe
1e26a8baed Fix a variety of warnings generated by some elevated compiler-fascism,
OPENSSL_NO_DEPRECATED, etc. Steve, please double-check the CMS stuff...
2008-03-16 21:05:46 +00:00
Dr. Stephen Henson
4f1aa191b3 Initial support for enveloped data decrypt. Extent runex.pl to cover these
examples. All RFC4134 examples can not be processed.
2008-03-15 23:21:33 +00:00
Dr. Stephen Henson
8931b30d84 And so it begins...
Initial support for CMS.

Add zlib compression BIO.

Add AES key wrap implementation.

Generalize S/MIME MIME code to support CMS and/or PKCS7.
2008-03-12 21:14:28 +00:00
Dr. Stephen Henson
0e1dba934f 1. Changes for s_client.c to make it return non-zero exit code in case
of handshake failure

2. Changes to x509_certificate_type function (crypto/x509/x509type.c) to
make it recognize GOST certificates as EVP_PKT_SIGN|EVP_PKT_EXCH
(required for s3_srvr to accept GOST client certificates).

3. Changes to EVP
	- adding of function EVP_PKEY_CTX_get0_peerkey
	- Make function EVP_PKEY_derive_set_peerkey work for context with
	  ENCRYPT operation, because we use peerkey field in the context to
	  pass non-ephemeral secret key to GOST encrypt operation.
	- added EVP_PKEY_CTRL_SET_IV control command. It is really
	  GOST-specific, but it is used in SSL code, so it has to go
	  in some header file, available during libssl compilation

4. Fix to HMAC to avoid call of OPENSSL_cleanse on undefined data

5. Include des.h if KSSL_DEBUG is defined into some libssl files, to
  make debugging output which depends on constants defined there, work
  and other KSSL_DEBUG output fixes

6. Declaration of real GOST ciphersuites, two authentication methods
   SSL_aGOST94 and SSL_aGOST2001 and one key exchange method SSL_kGOST

7. Implementation  of these methods.

8. Support for sending unsolicited serverhello extension if GOST
  ciphersuite is selected. It is require for interoperability with
  CryptoPro CSP 3.0 and 3.6 and controlled by
  SSL_OP_CRYPTOPRO_TLSEXT_BUG constant.
  This constant is added to SSL_OP_ALL, because it does nothing, if
  non-GOST ciphersuite is selected, and all implementation of GOST
  include compatibility with CryptoPro.

9. Support for CertificateVerify message without length field. It is
   another CryptoPro bug, but support is made unconditional, because it
   does no harm for draft-conforming implementation.

10. In tls1_mac extra copy of stream mac context is no more done.
  When I've written currently commited code I haven't read
  EVP_DigestSignFinal manual carefully enough and haven't noticed that
  it does an internal digest ctx copying.

This implementation was tested against
1. CryptoPro CSP 3.6 client and server
2. Cryptopro CSP 3.0 server
2007-10-26 12:06:36 +00:00
Ben Laurie
777c47acbe Make things static that should be. Declare stuff in headers that should be.
Fix warnings.
2006-08-28 17:01:04 +00:00
Dr. Stephen Henson
786aa98da1 Use correct pointer types for various functions. 2006-07-20 16:56:47 +00:00
Dr. Stephen Henson
b7683e3a5d Allow digests to supply S/MIME micalg values from a ctrl.
Send ctrls to EVP_PKEY_METHOD during signing of PKCS7 structure so
customisation is possible.
2006-07-10 18:36:55 +00:00
Richard Levitte
0cfc80c4c3 rslen is unsigned, so it can never go below 0. 2006-05-28 19:36:29 +00:00
Dr. Stephen Henson
8bdcef40e4 New function to dup EVP_PKEY_CTX. This will be needed to make new signing
functions and EVP_MD_CTX_copy work properly.
2006-05-24 23:49:30 +00:00
Dr. Stephen Henson
eaff5a1412 Use size_t for new crypto size parameters. 2006-05-24 12:33:46 +00:00
Dr. Stephen Henson
7f57b076a6 New functions to get key types without dereferncing EVP_PKEY.
More error checking for RSA pmeth.
2006-05-11 21:33:00 +00:00
Dr. Stephen Henson
399a6f0bd1 Update PKCS#7 enveloped data to new API. 2006-05-08 12:44:25 +00:00
Dr. Stephen Henson
b010b7c434 Use more flexible method of determining output length, by setting &outlen
value of the passed output buffer is NULL.

The old method of using EVP_PKEY_size(pkey) isn't flexible enough to cover all
cases where the output length may depend on the operation or the parameters
associated with it.
2006-04-15 18:50:56 +00:00
Dr. Stephen Henson
09b88a4a55 Update copyright notices on a few files where all original SSLeay code has
been deleted.
2006-04-14 17:36:18 +00:00
Dr. Stephen Henson
d87e615209 Add key derivation support. 2006-04-13 12:56:41 +00:00
Dr. Stephen Henson
c927df3fa1 Initial DSA EVP_PKEY_METHOD. Fixup some error codes. 2006-04-12 10:20:47 +00:00
Dr. Stephen Henson
54d853ebc3 Add support for setting keybits and public exponent value for pkey RSA keygen. 2006-04-11 17:28:37 +00:00
Dr. Stephen Henson
f5cda4cbb1 Initial keygen support. 2006-04-11 13:28:52 +00:00
Dr. Stephen Henson
f9a6348a53 ctrls to set PSS salt length. 2006-04-10 12:55:04 +00:00
Dr. Stephen Henson
a7ffd9d19c Preliminary PSS support. 2006-04-10 12:41:21 +00:00
Dr. Stephen Henson
29db322e8f Beginnings of PSS support. 2006-04-10 11:48:35 +00:00
Dr. Stephen Henson
716630c0eb Change operation values so they can be used as a mask.
Fix rsa_pkey_method.
2006-04-10 11:16:11 +00:00
Dr. Stephen Henson
4f59b6587f Implementation of pkey_rsa_verify. Some constification. 2006-04-10 01:06:17 +00:00
Dr. Stephen Henson
75d44c0452 Store digests as EVP_MD instead of a NID.
Add digest size sanity checks.
2006-04-09 21:24:48 +00:00
Dr. Stephen Henson
a58a636838 Constification. 2006-04-09 20:53:19 +00:00
Dr. Stephen Henson
9fdab72dd7 Bugfix X9.31 padding. 2006-04-09 20:44:00 +00:00
Dr. Stephen Henson
b2a97be7f4 Support for digest signing and X931 in rsa_pkey_meth. 2006-04-09 19:17:25 +00:00
Dr. Stephen Henson
6471c9f478 Add checking to padding ctrl. 2006-04-09 12:53:55 +00:00
Dr. Stephen Henson
4a3dc3c0e3 Add RSA ctrl for padding mode, add ctrl support in pkeyutl. 2006-04-09 12:42:09 +00:00
Dr. Stephen Henson
8cd44e3630 Implement encrypt/decrypt using RSA. 2006-04-08 13:02:04 +00:00
Dr. Stephen Henson
07e970c7e6 Initial functions for RSA EVP_PKEY_METHOD.
Update dependencies.
2006-04-08 00:15:07 +00:00
Dr. Stephen Henson
0b6f3c66cd Initial definitions and a few functions for EVP_PKEY_METHOD: an extension
of the EVP routines to public key algorithms.
2006-04-06 13:02:06 +00:00