projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 28833f1) | patch
Add KEM (Key encapsulation mechanism) support to providers
authorShane Lontis <shane.lontis@oracle.com>
Sat, 19 Sep 2020 08:08:46 +0000 (18:08 +1000)
committerShane Lontis <shane.lontis@oracle.com>
Sat, 19 Sep 2020 08:08:46 +0000 (18:08 +1000)
commit80f4fd18f72c0d3faae864da6979b83acc4f89a2
tree0882ccf31406c4f9948674913f51e3c46efff64dtree | snapshot
parent28833f1465a2dd197f8df80a69095d1913e6e85ecommit | diff
Add KEM (Key encapsulation mechanism) support to providers

SP800-56Br2 requires support for the RSA primitives for RSASVE generate and recover.
As these are simple KEM operations another operation type has been added that can support future extensions.

Added public functions EVP_PKEY_encapsulate_init(), EVP_PKEY_encapsulate(), EVP_PKEY_decapsulate_init() and EVP_PKEY_decapsulate()
Added EVP_KEM_* functions.
Added OSSL_FUNC_kem_* dispatch functions

Added EVP_PKEY_CTX_set_kem_op() so that different types of KEM can be added in the future. This value must currently be set to
"RSASVE" after EVP_PKEY_encapsulate_init() & EVP_PKEY_decapsulate_init() as there is no default value.
This allows the existing RSA key types, keymanagers, and encoders to be used with the encapsulation operations.

The design of the public API's resulted from contributions from @romen & @levitte.

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12750)
27 files changed:
crypto/evp/build.info diff | blob | history
crypto/evp/evp_local.h diff | blob | history
crypto/evp/kem.c [new file with mode: 0644] blob
crypto/evp/pmeth_lib.c diff | blob | history
doc/man3/EVP_KEM_free.pod [new file with mode: 0644] blob
doc/man3/EVP_PKEY_CTX_ctrl.pod diff | blob | history
doc/man3/EVP_PKEY_decapsulate.pod [new file with mode: 0644] blob
doc/man3/EVP_PKEY_encapsulate.pod [new file with mode: 0644] blob
doc/man7/EVP_KEM-RSA.pod [new file with mode: 0644] blob
doc/man7/OSSL_PROVIDER-FIPS.pod diff | blob | history
doc/man7/OSSL_PROVIDER-default.pod diff | blob | history
doc/man7/provider-kem.pod [new file with mode: 0644] blob
doc/man7/provider.pod diff | blob | history
include/crypto/evp.h diff | blob | history
include/openssl/core_dispatch.h diff | blob | history
include/openssl/core_names.h diff | blob | history
include/openssl/evp.h diff | blob | history
include/openssl/types.h diff | blob | history
providers/defltprov.c diff | blob | history
providers/fips/fipsprov.c diff | blob | history
providers/implementations/build.info diff | blob | history
providers/implementations/include/prov/implementations.h diff | blob | history
providers/implementations/kem/build.info [new file with mode: 0644] blob
providers/implementations/kem/rsa_kem.c [new file with mode: 0644] blob
providers/implementations/keymgmt/rsa_kmgmt.c diff | blob | history
test/evp_libctx_test.c diff | blob | history
util/libcrypto.num diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.