mirrors/openssl
0
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-10 03:54:08 +08:00
Code Issues Packages Projects Releases Wiki Activity
0abae1636d
openssl/crypto/evp
History
Richard Levitte acb90ba8ff EVP: Downgrade keys rather than upgrade 
Upgrading EVP_PKEYs from containing legacy keys to containing provider
side keys proved to be risky, with a number of unpleasant corner
cases, and with functions like EVP_PKEY_get0_DSA() failing
unexpectedly.

We therefore change course, and instead of upgrading legacy internal
keys to provider side internal keys, we downgrade provider side
internal keys to legacy ones.  To be able to do this, we add
|import_from| and make it a callback function designed for
evp_keymgmt_export().

This means that evp_pkey_upgrade_to_provider() is replaced with
evp_pkey_downgrade().

EVP_PKEY_copy_parameters() is the most deeply affected function of
this change.

Fixes #11366

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11375)
2020-03-25 17:01:10 +01:00
..
bio_b64.c Remove unneeded switch statement to fix warning 2020-02-20 18:53:50 +10:00
bio_enc.c Remove unneeded switch statement to fix warning 2020-02-20 18:53:50 +10:00
bio_md.c Remove unneeded switch statement to fix warning 2020-02-20 18:53:50 +10:00
bio_ok.c Remove unneeded switch statement to fix warning 2020-02-20 18:53:50 +10:00
build.info Adapt all build.info and test recipes to the new $disabled{'deprecated-x.y'} 2020-02-07 14:54:36 +01:00
c_allc.c Reorganize private crypto header files 2019-09-28 20:26:34 +02:00
c_alld.c Restore MD5-SHA1 in legacy method database 2019-10-14 16:07:41 +02:00
cmeth_lib.c Reorganize local header files 2019-09-28 20:26:35 +02:00
digest.c Handle the case where there is no digest in an EVP_MD_CTX 2020-03-19 11:39:39 +00:00
e_aes_cbc_hmac_sha1.c Deprecate the low level AES functions 2020-01-06 15:09:57 +00:00
e_aes_cbc_hmac_sha256.c Deprecate the low level AES functions 2020-01-06 15:09:57 +00:00
e_aes.c Deprecate the low level AES functions 2020-01-06 15:09:57 +00:00
e_aria.c Allow specifying the tag after AAD in CCM mode (2) 2019-11-20 10:40:55 +01:00
e_bf.c Deprecate Low Level Blowfish APIs 2020-01-08 11:25:25 +00:00
e_camellia.c Deprecate Low Level Camellia APIs 2020-01-13 13:38:20 +00:00
e_cast.c Deprecate the Low Level CAST APIs 2020-01-13 13:44:27 +00:00
e_chacha20_poly1305.c Reorganize local header files 2019-09-28 20:26:35 +02:00
e_des3.c Deprecate the low level DES functions. 2020-01-25 09:30:59 +10:00
e_des.c Deprecate the low level DES functions. 2020-01-25 09:30:59 +10:00
e_idea.c Deprecate the low level IDEA functions. 2020-01-19 10:38:49 +10:00
e_null.c Reorganize private crypto header files 2019-09-28 20:26:34 +02:00
e_old.c Update source files for pre-3.0 deprecation 2019-11-07 11:37:25 +01:00
e_rc2.c Deprecate the low level RC2 functions 2020-01-16 07:07:27 +10:00
e_rc4_hmac_md5.c Deprecate the low level MD5 functions. 2020-01-19 10:14:39 +10:00
e_rc4.c Deprecate the low level RC4 functions 2020-01-16 07:07:27 +10:00
e_rc5.c Deprecate the low level RC5 functions 2020-01-16 07:07:27 +10:00
e_seed.c Deprecate the low level SEED functions 2020-01-16 07:06:14 +10:00
e_sm4.c Reorganize private crypto header files 2019-09-28 20:26:34 +02:00
e_xcbc_d.c Deprecate the low level DES functions. 2020-01-25 09:30:59 +10:00
encode.c Reorganize local header files 2019-09-28 20:26:35 +02:00
evp_cnf.c EVP configuration section: add 'default_properties' command 2019-04-05 15:43:37 +02:00
evp_enc.c Implement the NULL cipher in the default provider 2020-01-20 15:28:39 +00:00
evp_err.c EVP: Downgrade keys rather than upgrade 2020-03-25 17:01:10 +01:00
evp_fetch.c Refactor evp_pkey_make_provided() to do legacy to provider export 2020-02-22 01:19:54 +01:00
evp_key.c crypto/evp/evp_key.c: #define BUFSIZ if <stdio.h> doesn't #define it 2019-05-27 08:01:50 +10:00
evp_lib.c Modify EVP_CIPHER_is_a() and EVP_MD_is_a() to handle legacy methods too 2020-01-17 08:59:41 +01:00
evp_local.h CORE: Add the key object generator libcrypto<->provider interface 2020-03-12 10:43:58 +01:00
evp_pbe.c Explicitly test against NULL; do not use !p or similar 2019-10-09 21:32:15 +02:00
evp_pkey.c Reorganize private crypto header files 2019-09-28 20:26:34 +02:00
evp_utils.c Reorganize local header files 2019-09-28 20:26:35 +02:00
exchange.c EVP: fetch the EVP_KEYMGMT earlier 2020-03-21 09:28:11 +01:00
kdf_lib.c Modify EVP_CIPHER_is_a() and EVP_MD_is_a() to handle legacy methods too 2020-01-17 08:59:41 +01:00
kdf_meth.c Final cleanup after move to leaner EVP_PKEY methods 2019-11-10 05:00:28 +01:00
keymgmt_lib.c EVP: Add EVP_PKEY_set_type_by_keymgmt() and use it 2020-03-25 17:01:10 +01:00
keymgmt_meth.c CORE: Add the key object generator libcrypto<->provider interface 2020-03-12 10:43:58 +01:00
legacy_blake2.c Cleanup legacy digest methods. 2019-12-18 14:46:01 +10:00
legacy_md2.c Deprecate the low level MD2 functions. 2020-01-12 12:02:17 +10:00
legacy_md4.c Deprecate the low level MD4 functions. 2020-01-12 12:02:17 +10:00
legacy_md5_sha1.c Deprecate the low level MD5 functions. 2020-01-19 10:14:39 +10:00
legacy_md5.c Deprecate the low level MD5 functions. 2020-01-19 10:14:39 +10:00
legacy_mdc2.c Deprecate the low level MDC2 functions. 2020-01-12 12:02:17 +10:00
legacy_meth.h Cleanup legacy digest methods. 2019-12-18 14:46:01 +10:00
legacy_ripemd.c Deprecate the low level RIPEMD160 functions. 2020-01-12 12:00:31 +10:00
legacy_sha.c Deprecate the low level SHA functions. 2020-01-19 10:14:39 +10:00
legacy_wp.c Deprecate the low level Whirlpool functions. 2020-01-12 12:05:04 +10:00
m_null.c Reorganize private crypto header files 2019-09-28 20:26:34 +02:00
m_sigver.c Handle mdname in legacy EVP_DigestSignInit_ex codepaths 2020-03-23 11:09:49 +00:00
mac_lib.c Modify EVP_CIPHER_is_a() and EVP_MD_is_a() to handle legacy methods too 2020-01-17 08:59:41 +01:00
mac_meth.c Final cleanup after move to leaner EVP_PKEY methods 2019-11-10 05:00:28 +01:00
names.c Ensure EVP_get_digestbyname() and EVP_get_cipherbyname() know all aliases 2019-11-06 10:11:31 +00:00
p5_crpt2.c Params: change UTF8 construct calls to avoid explicit strlen(3) calls. 2020-02-06 16:22:00 +10:00
p5_crpt.c Avoid leak in error path of PKCS5_PBE_keyivgen 2020-01-22 18:29:39 +01:00
p_dec.c Deprecate the low level RSA functions. 2020-02-20 18:58:40 +10:00
p_enc.c Deprecate the low level RSA functions. 2020-02-20 18:58:40 +10:00
p_lib.c EVP: Downgrade keys rather than upgrade 2020-03-25 17:01:10 +01:00
p_open.c EVP: Adapt EVP_PKEY Seal and Open for provider keys 2020-01-25 13:16:09 +01:00
p_seal.c EVP: Adapt EVP_PKEY Seal and Open for provider keys 2020-01-25 13:16:09 +01:00
p_sign.c Reorganize private crypto header files 2019-09-28 20:26:34 +02:00
p_verify.c Reorganize private crypto header files 2019-09-28 20:26:34 +02:00
pbe_scrypt.c Usages of KDFs converted to use the name macros 2019-09-11 10:22:49 +10:00
pkey_kdf.c Params: add argument to the _from_text calls to indicate if the param exists. 2020-02-21 13:04:25 +01:00
pkey_mac.c Fix EVP_PKEY_new_mac_key() 2020-03-25 10:56:35 +00:00
pmeth_check.c EVP: Clarify the states of an EVP_PKEY 2020-03-25 17:00:39 +01:00
pmeth_fn.c EVP: Check that key methods aren't foreign when exporting 2020-03-09 10:54:01 +01:00
pmeth_gn.c EVP: Downgrade keys rather than upgrade 2020-03-25 17:01:10 +01:00
pmeth_lib.c EVP: Clarify the states of an EVP_PKEY 2020-03-25 17:00:39 +01:00
signature.c EVP: fetch the EVP_KEYMGMT earlier 2020-03-21 09:28:11 +01:00