* Explicitly set outl for zero inl
* Return null check to internal function
* Restore null checks for internal block ciphers and correct SAL annotations
* Support larger/smaller buffers for key exchange
* Return sufficient buffer size for ECDSA size
* Fix returns for ECDH size request and bump version
* Expose EC X and Y as parameters
* Make AES-CFB compatible with OpenSSL stream cipher calling pattern
* Cleanup
* PR comments, address in == out case
* Comment
* KeysInUse logging thread
* KeysInUse behavior control
* Keysinuse logging
* Connect keysinuse to provider init
* ECDSA keysinuse
* RSA keysinuse
* Properly free and upref keysinuse info
* Bugfixe found in first testing
* Allow KB, MB, GB suffixes for file size
* Associate keysinuse info with key data instead of operation context.
* Cleanup keysinuse file and update keysinuse error logging
* Properly support restricted PSS keys
* Fix printing all events on exit
* Enable keysinuse from environment
* Update example config
* Cleanup rebase
* Rebase cleanup and safer lock handling
* First round PR comments
* Put KeysInUseInfo in keyctx behind lock. Reset on new key material
* Second round PR comments
* Separate teardown function
* Initialize i
* PR comments
* PR comments and cleanup merge conflicts
* Move initialization after copying functions
* Support OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT
* Initialize parameters in p_scossl_aes_copy_mac
* Fix remaining test failures due to RSA provider implementation
* Fix remaining test errors due to provider ECC
* Check HMAC md by name if type isn't available.
* Check paramters in provider KDF
* Use default GCM IV length until set in provider
* Only set DH gen group if a new group is passed by the caller
* Support variable length GCM IV in engine
* Re-remove XTS key set error tests for engine
* Remove fetched alloc functions
* Fix memory leaks
* PR comments
* Return correct ctx in kmac_dupctx
* Correct error check in dh export
* Support RSA algorithm ID parameter
* Support OSSL_PKEY_PARAM_EC_ENCODING parameter
* Support algorithm ID in ECDSA
* Track DH group independant of key
* Add libcrypto as link target for provider
* DH fixes for SSL layer
* Support TLS mode for AES block ciphers and styling
* PR comments
* Fix errors in SslPlay
* Add EVP test recipes
* Update permissions
* Update test cases
* Update test recipes
* Fix 1.1.1 engine errors in testing
* Move 3.0.2 test files
* Fix tests
* Fix errors found in test
* Split RSA tests
* Outstanding test fixes
* Rely on patched evp_test for 3.0 engine rather than expect errors
* Rename 3.0 test folder
* Update test readme
* Nit: spacing
* IV null check in correct function
* Update version and name to match expected
* Add named curve only test for Azure Linux
* PR comments
* Stub DH functions in provider
* Provider DH key mgmt
* DH provider
* Full DH support
* Fix warnings
* Require only private or public key for key import
* Cleanup
* Engine use common implementation for DH
* Engine fixes
* Better error checking in provider
* PR comments
* PR comments
* Copy correct group into dupctx
* RSA keygen
* Remove dependency on BN
* Kery match and import export stubs
* Key import/export
* Use BN for RSA parameters
* Add libctx to provider base context
* Common RSA signature implementation
* RSA PKCS1 signatures
* Move all RSA code under one folder
* PSS sign/verify
* Full RSA support, needs cleanup
* Refactor engine asym ciphers to common implementation
* Refactor engine sign/verify to common implementation
* Refactor engine PSS to common implementation
* Refactor switch statement in pkcs1 sign/verify
* First pass cleanup
* First pass cleanup on provider code
* Fix 1_1_1 engine build
* Clean up nits
* Cleanup and refactor key export to common code
* Minor fix to engine build
* Correct RSA keymgmt function names
* Add static modifiers to keymgmt functions
* Fix parameter types for keymgmt query operations
* Address comments. Don't use aligned alloc for provider structs
* Address PR comments
* Fix RSA pss cases
* Update parameter styling
* Handle RSA sign/verify with no digest
* Remove support for RSA sign/verify without digest
* Cleanup and address comments
* Ensure that SymCrypt structures have sufficient alignment
+ Previously SCOSSL would rely on allocations made by libcrypto being at
least 16-byte aligned for 64-bit platforms. This was normally true, but
in some environments where the allocator is modified, only 8-byte
alignment was being provided.
* Address comments
+ Make macro variable names unambiguous and scoped
+ Fix provider AES without zero-ing allocation for the ctx
+ Fix typo
* Add compile-time assert to ensure aligned allocations make sense
* Autodetect system-installed symcrypt library
Use pkg-config to find SymCrypt library in the system unless root
directory build were given as a variable. Make it fatal error unless any
of those were provided.
* Make openssl engines path configurable
Do not assume engines-1.1 is always the correct path. Allow simple
override with custom value. Useful for tests with OpenSSL 3.
+ On SCOSSL bind, load all EVP ciphers and then remove the stitched
ciphers that we do not support in SCOSSL. This is a workaround for
callers using EVP_get_cipherbyname.
+ Previously was wrong when RSA keys had a modulus size in bits which is
1 modulo 8. In this case using SCOSSL to sign/verify signatures with
RSA_PSS_SALTLEN_MAX would fail with invalid argument error in SymCrypt
+ Problem is with calculating length of EM as per RFC 3447 section 8.1.1 (step 1) - "Note that the octet length of EM will be one less than k if modBits - 1 is divisible by 8 and equal to k otherwise."
+ Amend SslPlay testcases to test this corner case
+ Add SSH-KDF support to Engine. SSH-KDF implementation is disabled by default and can be enabled by adding -DSCOSSL_SSHKDF=1 argument to CMake. OpenSSL source code is required in the build process.
* Initial implementation
* Add test case for recomputing tag with the same key
Revert to OpenSSL hmac_ctrl_str implementation
* Add comments to the scossl_hmac_ctrl function
+ Avoid crash on invalid RSA-PSS input
+ Avoid double free if Engine is destroyed multiple times
+ Tweak AES-GCM to only Finalize when passed in pointer of NULL
+ Use EC_KEY_set_public_key with an EC_POINT created by SCOSSL, rather
than using EC_KEY_set_public_key_affine_coordinates, which also
performs validation that SymCrypt has already taken care of
* Various tidying to reduce warnings in build
+ Allow libsymcrypt to be found from root of SymCrypt-OpenSSL directory
+ Update README to make compilation instructions a little clearer
+ Add CMake version/description
* Address PR comments
* Implement EVP_CTRL_GCM_IV_GEN / EVP_CTRL_GCM_IV_INV
+ Required for OpenSSH which directly calls EVP_CTRL_GCM_IV_GEN to
increment invocation field in IV
+ Also required to make AES-GCM's IV distinct on a series of calls to
AES-GCM encrypt in TLS context
* Add some documentation about how IV Invocation Field works
+ Fix overlooked piece when entire IV is set by
EVP_CTRL_GCM_SET_IV_FIXED
Maxwell Moyer-McKee
Kevin Jones
Mitch Lindgren
Maxwell Moyer-McKee
Samuel Lee
ironyman
Petr Menšík
Çağdaş Çalık