Feature #5154
closedOpenSSL 3.0 support
100%
Description
https://www.openssl.org/blog/blog/2021/09/07/OpenSSL3.Final/
https://www.openssl.org/blog/blog/2021/06/17/OpenSSL3.0ReleaseCandidate/
https://www.openssl.org/docs/OpenSSL300Design.html
https://www.openssl.org/news/changelog.html#openssl-30
https://www.openssl.org/docs/man3.0/man7/migration_guide.html
https://wiki.openssl.org/index.php/OpenSSL_3.0
Updated by Davide Pesavento over 3 years ago
- % Done changed from 0 to 30
With this patch, ndn-cxx can successfully detect openssl 3.0.0-alpha13. The build then proceeds normally.
There are about 40 test failures across various modules, plus several deprecation warnings in security/transform/private-key.cpp
and tests/unit/util/random.t.cpp
.
Updated by Davide Pesavento over 3 years ago
- Description updated (diff)
- Target version changed from 0.8.0 to 0.9.0
Updated by Davide Pesavento over 3 years ago
- Category changed from Build to Security
- % Done changed from 30 to 60
https://gerrit.named-data.net/c/ndn-cxx/+/6497 This patch conditionally disables testing of the DES-encrypted PKCS #8 private keys in Security/Transform/TestPrivateKey
because OpenSSL 3.0 no longer supports DES in the default crypto provider, so loading those keys will fail. It also adds testing of AES-encrypted keys (generated/exported by current versions of ndn-cxx) and DES-EDE3-encrypted keys (briefly used between v0.6.0 and v0.6.3 included).
Updated by Davide Pesavento over 2 years ago
- % Done changed from 60 to 70
https://gerrit.named-data.net/c/ndn-cxx/+/6700 fixes the deprecation warnings in private (EC/RSA) key generation.
Most HMAC functionality remains disabled and I'm afraid it will require a major redesign.
Updated by Davide Pesavento over 2 years ago
- Related to Task #5241: Redesign support for HMAC keys added
Updated by Davide Pesavento over 2 years ago
- Status changed from In Progress to Closed
- Target version changed from 0.9.0 to 0.8.1
- % Done changed from 70 to 100
The HMAC redesign is split into #5241.
Updated by Davide Pesavento almost 2 years ago
- Related to Bug #5251: EVP_PKEY_base_id returns 0 added