Implement pem_read_key directly through OSSL_DECODER by t8m · Pull Request #15045 · openssl/openssl

t8m · 2021-04-27T14:05:24Z

Using OSSL_STORE is too heavy and breaks things.

There were also needed various fixes mainly for missing proper
handling of the SM2 keys in the OSSL_DECODER.

Fixes #14788

Checklist

tests are added or updated

t8m · 2021-04-27T14:06:01Z

This is still WIP because there is missing legacy PEM handling.

t8m · 2021-04-27T14:12:13Z

This is still WIP because there is missing legacy PEM handling.

As reflected in the external GOST engine test failure.

beldmit · 2021-04-27T14:16:06Z

As reflected in the external GOST engine test failure.

Yes :)

test/sslapitest.c

t8m · 2021-04-27T16:42:56Z

Ready for review now.

t8m · 2021-04-27T17:23:22Z

I do not think the non-caching build failure is relevant. This seems to be some intermittent leak in the threads test.

t8m · 2021-05-04T11:33:09Z

Ping for reviews

t8m · 2021-05-07T14:01:19Z

Rebased again, ping again for reviews!

paulidale

One formatting NIT.

paulidale · 2021-05-12T00:12:10Z

crypto/pem/pem_pkey.c

openssl-machine · 2021-05-13T01:00:22Z

This pull request is ready to merge

t8m · 2021-05-13T09:46:30Z

Rebased to resolve the conflict in checksums

t8m · 2021-05-13T10:16:32Z

One more clean rebase to test the FIPS checksums action

Using OSSL_STORE is too heavy and breaks things. There were also needed various fixes mainly for missing proper handling of the SM2 keys in the OSSL_DECODER. Fixes openssl#14788

t8m · 2021-05-13T11:06:33Z

And one more

t8m · 2021-05-13T11:12:10Z

Hooray! The labeling works.

Using OSSL_STORE is too heavy and breaks things. There were also needed various fixes mainly for missing proper handling of the SM2 keys in the OSSL_DECODER. Fixes #14788 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from #15045)

Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from #15045)

t8m · 2021-05-13T11:31:00Z

Merged to master. Thank you for the review!

Using OSSL_STORE is too heavy and breaks things. There were also needed various fixes mainly for missing proper handling of the SM2 keys in the OSSL_DECODER. Fixes openssl#14788 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from openssl#15045)

Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from openssl#15045)

t8m added the branch: master Applies to master branch label Apr 27, 2021

levitte reviewed Apr 27, 2021

View reviewed changes

test/sslapitest.c Outdated Show resolved Hide resolved

t8m closed this Apr 27, 2021

t8m reopened this Apr 27, 2021

t8m changed the title ~~WIP: Implement pem_read_key directly through OSSL_DECODER~~ Implement pem_read_key directly through OSSL_DECODER Apr 27, 2021

t8m added the approval: review pending This pull request needs review by a committer label Apr 27, 2021

t8m mentioned this pull request Apr 27, 2021

Extreme number of memory allocation calls #14837

Closed

t8m mentioned this pull request Apr 30, 2021

WIP: Add a stand-alone "timing" program #15088

Closed

t8m force-pushed the pem-read-regression branch from 445124b to b65d69b Compare May 4, 2021 11:32

t8m force-pushed the pem-read-regression branch 2 times, most recently from dc12f9c to 5a1d7eb Compare May 7, 2021 14:00

t8m added this to the 3.0.0 beta1 milestone May 7, 2021

paulidale approved these changes May 12, 2021

View reviewed changes

crypto/pem/pem_pkey.c Outdated

Copy link

Contributor

paulidale May 12, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

blank line

paulidale added approval: done This pull request has the required number of approvals and removed approval: review pending This pull request needs review by a committer labels May 12, 2021

openssl-machine removed the approval: done This pull request has the required number of approvals label May 13, 2021

openssl-machine added the approval: ready to merge The 24 hour grace period has passed, ready to merge label May 13, 2021

t8m force-pushed the pem-read-regression branch from 5a1d7eb to e9949cb Compare May 13, 2021 09:45

t8m force-pushed the pem-read-regression branch from e9949cb to cff5ff4 Compare May 13, 2021 10:16

Implement pem_read_key directly through OSSL_DECODER

9aaaf7d

Using OSSL_STORE is too heavy and breaks things. There were also needed various fixes mainly for missing proper handling of the SM2 keys in the OSSL_DECODER. Fixes openssl#14788

Fallback to legacy pem decoding if OSSL_DECODER fails

d16f8f7

t8m force-pushed the pem-read-regression branch from cff5ff4 to d16f8f7 Compare May 13, 2021 11:06

github-actions bot added the severity: fips change The pull request changes FIPS provider sources label May 13, 2021

openssl-machine pushed a commit that referenced this pull request May 13, 2021

Fallback to legacy pem decoding if OSSL_DECODER fails

7bc027d

Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from #15045)

t8m closed this May 13, 2021

devnexen pushed a commit to devnexen/openssl that referenced this pull request Jul 7, 2021

Fallback to legacy pem decoding if OSSL_DECODER fails

6391ed3

Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from openssl#15045)

Uh oh!

Conversation

t8m commented Apr 27, 2021

Checklist

Uh oh!

t8m commented Apr 27, 2021

Uh oh!

t8m commented Apr 27, 2021

Uh oh!

beldmit commented Apr 27, 2021

Uh oh!

Uh oh!

t8m commented Apr 27, 2021

Uh oh!

t8m commented Apr 27, 2021 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

t8m commented May 4, 2021

Uh oh!

t8m commented May 7, 2021

Uh oh!

paulidale left a comment

Choose a reason for hiding this comment

Uh oh!

paulidale May 12, 2021

Choose a reason for hiding this comment

Uh oh!

openssl-machine commented May 13, 2021

Uh oh!

t8m commented May 13, 2021

Uh oh!

t8m commented May 13, 2021

Uh oh!

t8m commented May 13, 2021

Uh oh!

t8m commented May 13, 2021

Uh oh!

t8m commented May 13, 2021

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants

t8m commented Apr 27, 2021 •

edited

Loading