<feed xmlns='http://www.w3.org/2005/Atom'>
<title>openbsd/src/lib/libcrypto/rsa, branch OPENBSD_7_7</title>
<subtitle>A mirror of https://github.com/libressl/openbsd.git
</subtitle>
<id>https://git.lua4.win/openbsd/atom?h=OPENBSD_7_7</id>
<link rel='self' href='https://git.lua4.win/openbsd/atom?h=OPENBSD_7_7'/>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/'/>
<updated>2025-01-25T17:59:44+00:00</updated>
<entry>
<title>Remove #error if OPENSSL_NO_FOO is defined</title>
<updated>2025-01-25T17:59:44+00:00</updated>
<author>
<name>tb</name>
<email></email>
</author>
<published>2025-01-25T17:59:44+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=5d52abc236226c5a47c36b07e2256e77141e373a'/>
<id>urn:sha1:5d52abc236226c5a47c36b07e2256e77141e373a</id>
<content type='text'>
discussed with jsing
</content>
</entry>
<entry>
<title>rsa_pmeth: unify strcmp return checks</title>
<updated>2025-01-17T15:39:19+00:00</updated>
<author>
<name>tb</name>
<email></email>
</author>
<published>2025-01-17T15:39:19+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=13bb4d5ac808eefe3abb437533ddc959dfeeceee'/>
<id>urn:sha1:13bb4d5ac808eefe3abb437533ddc959dfeeceee</id>
<content type='text'>
ok jsing
</content>
</entry>
<entry>
<title>Fix two incorrect strtonum() conversions</title>
<updated>2025-01-17T08:50:07+00:00</updated>
<author>
<name>tb</name>
<email></email>
</author>
<published>2025-01-17T08:50:07+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=c7b7f02c70ae7b0b2ff0afb7ffca3587c3a5e4ea'/>
<id>urn:sha1:c7b7f02c70ae7b0b2ff0afb7ffca3587c3a5e4ea</id>
<content type='text'>
The atoi() would also accept the magic negative values and old openssl
releases would expose these as arguments to -pkeyopt rsa_pss_saltlen:-1
in the openssl pkeyutl "app". While modern openssl switched to having
readable alternatives to these, the oseid component of opensc would use
the old syntax until yesterday.

Still, this is our bug and we need to keep accepting the magic values as
such, so do so. Everything below -3 will be rejected by the RSA_ctrl()
handler later.

Debugged by Doug Engert in https://github.com/OpenSC/OpenSC/issues/3317

ok jsing op
</content>
</entry>
<entry>
<title>Stop requiring the RSA_FLAG_SIGN_VER</title>
<updated>2025-01-05T15:39:12+00:00</updated>
<author>
<name>tb</name>
<email></email>
</author>
<published>2025-01-05T15:39:12+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=5c33a5ef4d95e91c63b215ad65de78c9bc54ff85'/>
<id>urn:sha1:5c33a5ef4d95e91c63b215ad65de78c9bc54ff85</id>
<content type='text'>
You can set custom sign and verify handlers on an RSA method (which is
used to create RSA private and public key handles). However, even if you
set them explicitly with RSA_meth_set_{sign,verify}(3), these handlers
aren't used for the sake of "backward compatibility" (with what?). In order
to use them, you need to opt your objects into using the custom methods
you set by setting the RSA_FLAG_SIGN_VER flag.

OpenSSL 1.1 dropped this requirement and therefore nobody sets this flag
anymore. Like most of the mechanically added accessors, almost nothing
uses them, but, as found by kn, the yubico-piv-tool does. This resulted
in a public key being passed to rsa_private_encrypt(), which of course
doesn't end well.

So follow OpenSSL 1.1 and drop this muppetry. This makes kn's problem
with yubico-piv-tool go away.

ok jsing kn
</content>
</entry>
<entry>
<title>Remove weird pad member that was never set to zero after malloc() so</title>
<updated>2024-11-29T07:42:35+00:00</updated>
<author>
<name>tb</name>
<email></email>
</author>
<published>2024-11-29T07:42:35+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=916f80d01875d84154d09cf15bfc3c885c8c0b05'/>
<id>urn:sha1:916f80d01875d84154d09cf15bfc3c885c8c0b05</id>
<content type='text'>
the weird thing it was supposed to be doing couldn't possibly work.

ok jsing
</content>
</entry>
<entry>
<title>sort includes</title>
<updated>2024-11-02T07:11:14+00:00</updated>
<author>
<name>tb</name>
<email></email>
</author>
<published>2024-11-02T07:11:14+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=c975c9b456e57c5865f4d9b623bf47a82decf566'/>
<id>urn:sha1:c975c9b456e57c5865f4d9b623bf47a82decf566</id>
<content type='text'>
</content>
</entry>
<entry>
<title>Only include cryptlib.h where it's needed</title>
<updated>2024-11-01T18:34:06+00:00</updated>
<author>
<name>tb</name>
<email></email>
</author>
<published>2024-11-01T18:34:06+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=f9a68fe280d96dbf02f5338a1e3437222592c77b'/>
<id>urn:sha1:f9a68fe280d96dbf02f5338a1e3437222592c77b</id>
<content type='text'>
Clean up the other includes while there.
</content>
</entry>
<entry>
<title>Remove the pkey_{,public_,param_}check() handlers</title>
<updated>2024-08-29T16:58:19+00:00</updated>
<author>
<name>tb</name>
<email></email>
</author>
<published>2024-08-29T16:58:19+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=c8099c070f0c547b73edced83591dbd871254307'/>
<id>urn:sha1:c8099c070f0c547b73edced83591dbd871254307</id>
<content type='text'>
This disables the EVP_PKEY_*check() API and makes it fail (more precisely
indicate lack of support) on all key types.

This is an intermediate step to full removal.
Removal is ok beck jsing
</content>
</entry>
<entry>
<title>Implement X509_get_signature_info()</title>
<updated>2024-08-28T07:15:04+00:00</updated>
<author>
<name>tb</name>
<email></email>
</author>
<published>2024-08-28T07:15:04+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=f822543d6a7043acc1d14a3e0b44eddc1051b097'/>
<id>urn:sha1:f822543d6a7043acc1d14a3e0b44eddc1051b097</id>
<content type='text'>
This is a slightly strange combination of OBJ_find_sigid_algs() and the
security level API necessary because OBJ_find_sigid_algs() on its own
isn't smart enough for the special needs of RSA-PSS and EdDSA.

The API extracts the hash's NID and the pubkey's NID from the certificate's
signatureAlgorithm and invokes special handlers for RSA-PSS and EdDSA
for retrieving the corresponding information. This isn't entirely free
for RSA-PSS, but for now we don't cache this information.

The security bits calculation is a bit hand-wavy, but that's something
that comes along with this sort of numerology.

ok jsing
</content>
</entry>
<entry>
<title>replace atoi(3) usage with strtonum(3); ok/tweaks tb@</title>
<updated>2024-08-26T22:01:28+00:00</updated>
<author>
<name>op</name>
<email></email>
</author>
<published>2024-08-26T22:01:28+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=07d3f305ea24da68aec66c7e4be39317f6ea7dae'/>
<id>urn:sha1:07d3f305ea24da68aec66c7e4be39317f6ea7dae</id>
<content type='text'>
</content>
</entry>
</feed>
