boringssl

kris/boringssl

Fork 0

Commit Graph

Author	SHA1	Message	Date
David Benjamin	19670949ca	Align EVP_PKEY Ed25519 API with upstream. Rather than adding a new mode to EVP_PKEY_CTX, upstream chose to tie single-shot signing to EVP_MD_CTX, adding functions which combine EVP_DigestUpdate and EVP_DigestFinal. This adds a weird vestigial EVP_MD_CTX and makes the signing digest parameter non-uniform, slightly complicating things. But it means APIs like X509_sign_ctx can work without modification. Align with upstream's APIs. This required a bit of fiddling around evp_test.cc. For consistency and to avoid baking details of parameter input order, I made it eagerly read all inputs before calling SetupContext. Otherwise which attributes are present depend a lot on the shape of the API we use---notably the NO_DEFAULT_DIGEST tests for RSA switch to failing before consuming an input, which is odd. (This only matters because we have some tests which expect the operation to abort the operation early with parameter errors and match against Error. Those probably should not use FileTest to begin with, but I'll tease that apart a later time.) Upstream also named NID_Ed25519 as NID_ED25519, even though the algorithm is normally stylized as "Ed25519". Switch it to match. Change-Id: Id6c8f5715930038e754de50338924d044e908045 Reviewed-on: https://boringssl-review.googlesource.com/17044 Commit-Queue: Steven Valdez <svaldez@google.com> Reviewed-by: Steven Valdez <svaldez@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	2017-06-12 12:04:11 +00:00
David Benjamin	4e78e30933	Add a basic signing tool. This is mostly to make it easier for me to generate test Ed25519 certificates. Change-Id: I45e42f556d949d62eb6cdf684194958fa9f909bf Reviewed-on: https://boringssl-review.googlesource.com/14504 Reviewed-by: Adam Langley <agl@google.com>	2017-04-05 23:32:13 +00:00

Author

SHA1

Message

Date

David Benjamin

19670949ca

Align EVP_PKEY Ed25519 API with upstream.

Rather than adding a new mode to EVP_PKEY_CTX, upstream chose to tie
single-shot signing to EVP_MD_CTX, adding functions which combine
EVP_Digest*Update and EVP_Digest*Final. This adds a weird vestigial
EVP_MD_CTX and makes the signing digest parameter non-uniform, slightly
complicating things. But it means APIs like X509_sign_ctx can work
without modification.

Align with upstream's APIs. This required a bit of fiddling around
evp_test.cc. For consistency and to avoid baking details of parameter
input order, I made it eagerly read all inputs before calling
SetupContext. Otherwise which attributes are present depend a lot on the
shape of the API we use---notably the NO_DEFAULT_DIGEST tests for RSA
switch to failing before consuming an input, which is odd.

(This only matters because we have some tests which expect the operation
to abort the operation early with parameter errors and match against
Error. Those probably should not use FileTest to begin with, but I'll
tease that apart a later time.)

Upstream also named NID_Ed25519 as NID_ED25519, even though the
algorithm is normally stylized as "Ed25519". Switch it to match.

Change-Id: Id6c8f5715930038e754de50338924d044e908045
Reviewed-on: https://boringssl-review.googlesource.com/17044
Commit-Queue: Steven Valdez <svaldez@google.com>
Reviewed-by: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

2017-06-12 12:04:11 +00:00

David Benjamin

4e78e30933

Add a basic signing tool.

This is mostly to make it easier for me to generate test Ed25519
certificates.

Change-Id: I45e42f556d949d62eb6cdf684194958fa9f909bf
Reviewed-on: https://boringssl-review.googlesource.com/14504
Reviewed-by: Adam Langley <agl@google.com>

2017-04-05 23:32:13 +00:00

2 Commits