cossacklabs / themis / 5226459101

5226459101

push

github

web-flow 
OpenSSL 3 support (#996)

* Update API usage to OpenSSL 3 (#989)

These changes are supposed to make Themis more compatible with OpenSSL 3
by dropping usage of deprecated functions and using new slternatives instead.
There are also places where non-deprecated functions were used, but they turned
out to be incompatible with EVP_PKEY* created using newer API. Such places are
affected as well, using `#if` macro to conditionally compile code based on target
OpenSSL version.

Update CMakeLists.txt, add flags
* to control building for OpenSSL 3 using
  WITH_EXPERIMENTAL_OPENSSL_3_SUPPORT
* to disable NIST STS tests

Create copy of `soter_ec_key.c` that contains newer implementation and uses
OpenSSL 3 APIs for key serialization/deserialization routines.
Difference from OpenSSL 1.1 includes:
* Get rid of `EC_KEY*`
* Get rid of `EC_GROUP*`, use string curve identifier instead, extracted
  from `EVP_PKEY*` using `EVP_PKEY_get_utf8_string_param()`
* Get rid of `EC_POINT*`, use `EVP_PKEY_get_octet_string_param()` to
  extract curve public key from `EVP_PKEY*` directly. Deserialize public EC key
  directly from provided buffer using `EVP_PKEY_fromdata()`, this same
  function yields recreated `EVP_PKEY*` in case of success

Also, in a different file:
* Replace `EVP_MD_CTX_md()` with `EVP_MD_CTX_get0_md()`

Update CHANGELOG.md

* Update API usage to OpenSSL 3 (RSA) (#993)

* Move common RSA util functinos to separate file

* Create copy of soter_rsa_key.c for OpenSSL 3

Just a copy for now, OpenSSL 3 specific changes will follow

* Rewrite RSA keys serialization

* Get rid of `RSA*` struct usage and its depracated methods, extract
  bigints directly from `EVP_PKEY*` using EVP_PKEY_get_bn_param()
* Extract following params for public key:
  - OSSL_PKEY_PARAM_RSA_N
  - OSSL_PKEY_PARAM_RSA_E
* And a couple of additional ones for private key:
  - OSSL_PKEY_PARAM_RSA_FACTOR1 (also known as P)
  - OSSL_PKEY_PARAM_RSA_FACTOR2... (continued)

141 of 141 new or added lines in 6 files covered. (100.0%)

5037 of 6051 relevant lines covered (83.24%)

13763.78 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

79.45
/src/themis/secure_session.c


Source Not Available