[Bug 3005] New: Use high-level EVP PKEY API instead of low-level algorithm specific calls + separate digesting in the every backend

bugzilla-daemon Tue, 07 May 2019 08:32:27 -0700

https://bugzilla.mindrot.org/show_bug.cgi?id=3005


            Bug ID: 3005
           Summary: Use high-level EVP PKEY API instead of low-level
                    algorithm specific calls + separate digesting in the
                    every backend
           Product: Portable OpenSSH
           Version: 8.0p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh
          Assignee: [email protected]
          Reporter: [email protected]

Created attachment 3277
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3277&action=edit
proposed patch

The OpenSSH is using low-level OpenSSL API to access and use keys,
which was fine in the past, but it is getting more complicated as the
amount of signature algorithms is expanding.

This patch mostly simplifies RSA signatures handling by dropping the
hardcoded hash algorithms OIDs and unifies the various key types
handling be encapsulating them in common EVP_PKEY structure.

I believe this API is also available in LibreSSL so it should not have
compatibility issues, but I did not test that.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
[email protected]
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 3005] New: Use high-level EVP PKEY API instead of low-level algorithm specific calls + separate digesting in the every backend

Reply via email to