[Openvpn-devel,v3,05/21,OSSL,3.0] Use EVP_PKEY based API for loading DH keys

From: Arne Schwabe <arne@rfc2549.org>
To: openvpn-devel@lists.sourceforge.net
Date: Tue, 19 Oct 2021 20:31:11 +0200
Message-Id: <20211019183127.614175-6-arne@rfc2549.org>
In-Reply-To: <20211019183127.614175-1-arne@rfc2549.org>
References: <20211019183127.614175-1-arne@rfc2549.org>
MIME-Version: 1.0
Subject: [Openvpn-devel] [PATCH v3 05/21] [OSSL 3.0] Use EVP_PKEY based API
 for loading DH keys
Precedence: list
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: openvpn-devel-bounces@lists.sourceforge.net

Message ID	20211019183127.614175-6-arne@rfc2549.org
State	Accepted
Headers	show Return-Path: <openvpn-devel-bounces@lists.sourceforge.net> From: Arne Schwabe <arne@rfc2549.org> To: openvpn-devel@lists.sourceforge.net Date: Tue, 19 Oct 2021 20:31:11 +0200 Message-Id: <20211019183127.614175-6-arne@rfc2549.org> In-Reply-To: <20211019183127.614175-1-arne@rfc2549.org> References: <20211019183127.614175-1-arne@rfc2549.org> MIME-Version: 1.0 preview: OpenSSL 3.0 replaces the DH API with a generic EVP_KEY based API to load DH parameters. Signed-off-by: Arne Schwabe <arne@rfc2549.org> --- src/openvpn/ssl_openssl.c \| 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) Content analysis details: (0.3 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record Subject: [Openvpn-devel] [PATCH v3 05/21] [OSSL 3.0] Use EVP_PKEY based API for loading DH keys Precedence: list Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox
Series	OpenSSL 3.0 improvements for OpenVPN \| expand [Openvpn-devel,v3,00/21] OpenSSL 3.0 improvements for OpenVPN [Openvpn-devel,v3,01/21,OSSL,3.0] Use new EVP_MAC API for HMAC implementation [Openvpn-devel,v3,02/21,OSSL,3.0] Add --with-openssl-engine autoconf option (auto\|yes\|no) [Openvpn-devel,v3,03/21,OSSL,3.0] Implement DES ECB encrypt via EVP_CIPHER api [Openvpn-devel,v3,04/21,OSSL,3.0] Remove DES check with OpenSSL 3.0 [Openvpn-devel,v3,05/21,OSSL,3.0] Use EVP_PKEY based API for loading DH keys [Openvpn-devel,v3,06/21,OSSL,3.0] Deprecate --ecdh-curve with OpenSSL 3.0 and adjust mbed TLS messa… [Openvpn-devel,v3,07/21,OSSL,3.0] Remove DES key fixup code [Openvpn-devel,v3,08/21,OSSL,3.0] Use EVP_PKEY_get_group_name to query group name [Openvpn-devel,v3,09/21] Refactor early initialisation and uninitialisation into methods [Openvpn-devel,v3,10/21,OSSL,3.0] Replace EVP_get_cipherbyname with EVP_CIPHER_fetch [Openvpn-devel,v3,11/21,OSSL,3.0] USe EVP_MD_get0_name instead EV_MD_name [Openvpn-devel,v3,12/21,OSSL,3.0] Allow loading of non default providers [Openvpn-devel,v3,13/21,OSSL,3.0] Remove dependency on BF-CBC existance from test_ncp [Openvpn-devel,v3,14/21,OSSL,3.0] Use TYPE_do_all_provided function for listing cipher/digest [Openvpn-devel,v3,15/21,OSSL,3.0] Do not allow CTS ciphers [Openvpn-devel,v3,16/21] Add message when decoding PKCS12 file fails. [Openvpn-devel,v3,17/21] Add small unit test for testing HMAC [Openvpn-devel,v3,18/21] Fix error when BF-CBC is not available [Openvpn-devel,v3,19/21] Add insecure tls-cert-profile options [Openvpn-devel,v3,20/21] Add macos OpenSSL 3.0 and ASAN builds [Openvpn-devel,v3,21/21] Always use 8192 bytes for ERR_BUF_SIZE

[Openvpn-devel,v3,05/21,OSSL,3.0] Use EVP_PKEY based API for loading DH keys

Commit Message

Comments

Patch