Message ID | 20240404181630.2431991-7-juliusz@wolfssl.com |
---|---|
State | New |
Headers | show
Return-Path: <hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org> X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=hkm2QADr; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=wolfssl-com.20230601.gappssmtp.com header.i=@wolfssl-com.20230601.gappssmtp.com header.a=rsa-sha256 header.s=20230601 header.b=goNntcH0; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=patchwork.ozlabs.org) Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4V9VGG0ybjz23tv for <incoming@patchwork.ozlabs.org>; Fri, 5 Apr 2024 05:17:42 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=GpoJ8FDBxSQKNwNNAWC09+Wh3CT05TtCs28P+UnFPP8=; b=hkm2QADr6H/9Fu 7o6EGGBEbwdmy6BxsUHZEPx1kK507gJr8UFcBQzvZNm+beuIQR8ysBR7yXMtx5mbs+M8F6XTwOvDN 96M0AcWWNUtDNvn2ZUVBuU1fBs3ZuoBwN6hbOjWXOuCmOBO4t94E7TYUd5guu5YSBU9DvRDUEecrv 7r8GrghV0pf161xrRZX0pum1FkFXeku7jaWGyyaGhPOdP+qjY4jzLXM0IWewWcwvPxbH5Hw8rHfpz wNv4MFwggghLrU2wJNpwOL9vZLiDU3N9MCU8jjnqWHi1N4RnQZXPeF7mDXPkFgEObUwrvnmYGLBK9 ZDk8msmxHVNcV1Cewibg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1rsReG-00000003moO-4At1; Thu, 04 Apr 2024 18:17:17 +0000 Received: from mail-ed1-x52f.google.com ([2a00:1450:4864:20::52f]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rsRe5-00000003mgA-0ads for hostap@lists.infradead.org; Thu, 04 Apr 2024 18:17:07 +0000 Received: by mail-ed1-x52f.google.com with SMTP id 4fb4d7f45d1cf-56c404da0ebso2068119a12.0 for <hostap@lists.infradead.org>; Thu, 04 Apr 2024 11:17:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=wolfssl-com.20230601.gappssmtp.com; s=20230601; t=1712254622; x=1712859422; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=3R70+eupGDd8L+NNWHGCaTOFznCr5OXhBOwvMzRo7AE=; b=goNntcH0T1bjR1IOPKWyZ1K9TlwTNTctwU/NJHjU6XxoSh/9FQJn7sONZABCYXBbCw y2wIss+VqraGsPA6ZACaUknh6mn9BHHFj2ZM1FDJNWcVeP9vefM8W121cj3D3sKs6ZZ2 SLsW8jbBapE+17vQIwQoL+lVfO5d/LouWdBCFSwaKvV9PkXWTyXwosgno+iLFFmFAtlK KyyS0aF9SHlN2ISZRUcMENYeaUTGpRS3leK/KokR+i/TITlNSItqhszz1Cobf0Ldmtve cL9ybr8ETW+1ZvterjmTVKgIJ6HwPthg5JVEmJ+e+JgVe8fw75kSAkTGbA+h0xaNn52u A19A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712254622; x=1712859422; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=3R70+eupGDd8L+NNWHGCaTOFznCr5OXhBOwvMzRo7AE=; b=w3s0/XlLhMb5W4PKTBhwOWLxsSZvR5GW9AUSbS1aaBdI8iKpHTOThpxaa4WKc4hCXS sr0AepN0YmDpNZi3IJiMKwzYbijY8U2UWEJ2Z6/hn9NGC5kVIeZ+Bq2hny/RjBnSW6We WVCDairieBqUMCsqMnzj2mB/qNkMxNM8laZAoswku6HQtCXkkLcymqjcEUnJpFq764lk isANkk6wTZFKM9lE6EwzpoXTu9WWKhnR03XUmpWDwj6eh2MHANKSLwW+SjxNFcpPsKSJ D98868Dbub4sG0mA5DwbDWIwYKwki81P5nwsyxErYrt2XJqhzV2Z/qmDwTLP2tBpIUx7 FORg== X-Gm-Message-State: AOJu0YywEy5nPXvYoPQG3jwsC/mnpW1SERWoJ76SU4oWM7lav+W8tI/M gQ6wnuesjIrOEozyVCgc4F4gifnwwFCdGVyU2X+CTKJrXnSMki5kfSEug1+CCEWkKnpvpxe4Tte Pzbs= X-Google-Smtp-Source: AGHT+IFYAzixVtlKsmZhTdSVfTMN6WkLo/t3CFZNDIo15w+qXomCtRaE4ADOl3r3wanypksby8BAig== X-Received: by 2002:a50:9517:0:b0:56e:d2f:4da5 with SMTP id u23-20020a509517000000b0056e0d2f4da5mr2660870eda.34.1712254622272; Thu, 04 Apr 2024 11:17:02 -0700 (PDT) Received: from localhost.localdomain ([82.118.30.15]) by smtp.gmail.com with ESMTPSA id dh26-20020a0564021d3a00b0056e0b358e86sm1976349edb.97.2024.04.04.11.17.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Apr 2024 11:17:01 -0700 (PDT) From: Juliusz Sosinowicz <juliusz@wolfssl.com> To: hostap@lists.infradead.org Cc: Juliusz Sosinowicz <juliusz@wolfssl.com> Subject: [PATCH 07/24] openssl: Use uncompressed format for ECC keys Date: Thu, 4 Apr 2024 20:16:13 +0200 Message-Id: <20240404181630.2431991-7-juliusz@wolfssl.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240404181630.2431991-1-juliusz@wolfssl.com> References: <20240404181630.2431991-1-juliusz@wolfssl.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240404_111705_319465_41EE6B52 X-CRM114-Status: GOOD ( 10.34 ) X-Spam-Score: 0.0 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: OpenSSL <3.0 uses ECC keys in the uncompressed format. We should keep it that way for compatibility. The wolfSSL backend also uses the uncompressed format. Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com> --- src/crypto/crypto_openssl.c | 2 ++ 1 file changed, 2 insertions(+) Content analysis details: (0.0 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:52f listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: <hostap.lists.infradead.org> List-Unsubscribe: <http://lists.infradead.org/mailman/options/hostap>, <mailto:hostap-request@lists.infradead.org?subject=unsubscribe> List-Archive: <http://lists.infradead.org/pipermail/hostap/> List-Post: <mailto:hostap@lists.infradead.org> List-Help: <mailto:hostap-request@lists.infradead.org?subject=help> List-Subscribe: <http://lists.infradead.org/mailman/listinfo/hostap>, <mailto:hostap-request@lists.infradead.org?subject=subscribe> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "Hostap" <hostap-bounces@lists.infradead.org> Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org |
Series |
[01/24] wolfssl: simplify tls_get_cipher
|
expand
|
diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c index 2d8ff60aa9..e83a40b57c 100644 --- a/src/crypto/crypto_openssl.c +++ b/src/crypto/crypto_openssl.c @@ -3676,6 +3676,8 @@ struct wpabuf * crypto_ec_key_get_ecprivate_key(struct crypto_ec_key *key, 0); pkey = copy; } + EVP_PKEY_set_utf8_string_param(pkey, + OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT, "uncompressed"); ctx = OSSL_ENCODER_CTX_new_for_pkey(pkey, selection, "DER", "type-specific", NULL);
OpenSSL <3.0 uses ECC keys in the uncompressed format. We should keep it that way for compatibility. The wolfSSL backend also uses the uncompressed format. Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com> --- src/crypto/crypto_openssl.c | 2 ++ 1 file changed, 2 insertions(+)