Project

General

Profile

Actions

Feature #5154

closed

OpenSSL 3.0 support

Added by Davide Pesavento over 3 years ago. Updated over 1 year ago.

Status:
Closed
Priority:
Normal
Category:
Security
Target version:
Start date:
Due date:
% Done:

100%

Estimated time:
Tags:


Related issues 2 (1 open1 closed)

Related to ndn-cxx - Task #5241: Redesign support for HMAC keysNew

Actions
Related to ndn-cxx - Bug #5251: EVP_PKEY_base_id returns 0ClosedVarun Patil

Actions
Actions #1

Updated by Davide Pesavento over 3 years ago

  • % Done changed from 0 to 30

With this patch, ndn-cxx can successfully detect openssl 3.0.0-alpha13. The build then proceeds normally.
There are about 40 test failures across various modules, plus several deprecation warnings in security/transform/private-key.cpp and tests/unit/util/random.t.cpp.

Actions #2

Updated by Davide Pesavento over 3 years ago

  • Description updated (diff)
  • Target version changed from 0.8.0 to 0.9.0
Actions #3

Updated by Davide Pesavento over 3 years ago

  • Description updated (diff)
Actions #4

Updated by Davide Pesavento over 3 years ago

  • Description updated (diff)
Actions #5

Updated by Davide Pesavento over 3 years ago

  • Category changed from Build to Security
  • % Done changed from 30 to 60

https://gerrit.named-data.net/c/ndn-cxx/+/6497 This patch conditionally disables testing of the DES-encrypted PKCS #8 private keys in Security/Transform/TestPrivateKey because OpenSSL 3.0 no longer supports DES in the default crypto provider, so loading those keys will fail. It also adds testing of AES-encrypted keys (generated/exported by current versions of ndn-cxx) and DES-EDE3-encrypted keys (briefly used between v0.6.0 and v0.6.3 included).

Actions #6

Updated by Davide Pesavento over 2 years ago

  • % Done changed from 60 to 70

https://gerrit.named-data.net/c/ndn-cxx/+/6700 fixes the deprecation warnings in private (EC/RSA) key generation.
Most HMAC functionality remains disabled and I'm afraid it will require a major redesign.

Actions #7

Updated by Davide Pesavento over 2 years ago

  • Related to Task #5241: Redesign support for HMAC keys added
Actions #8

Updated by Davide Pesavento over 2 years ago

  • Status changed from In Progress to Closed
  • Target version changed from 0.9.0 to 0.8.1
  • % Done changed from 70 to 100

The HMAC redesign is split into #5241.

Actions #9

Updated by Davide Pesavento almost 2 years ago

  • Related to Bug #5251: EVP_PKEY_base_id returns 0 added
Actions #10

Updated by Davide Pesavento over 1 year ago

  • Tags set to openssl
Actions

Also available in: Atom PDF