| Message ID | 20240404181630.2431991-7-juliusz@wolfssl.com |
|---|---|
| State | New |
| Headers | show
Return-Path:
<hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
dkim=pass (2048-bit key;
secure) header.d=lists.infradead.org header.i=@lists.infradead.org
header.a=rsa-sha256 header.s=bombadil.20210309 header.b=hkm2QADr;
dkim=fail reason="signature verification failed" (2048-bit key;
unprotected) header.d=wolfssl-com.20230601.gappssmtp.com
header.i=@wolfssl-com.20230601.gappssmtp.com header.a=rsa-sha256
header.s=20230601 header.b=goNntcH0;
dkim-atps=neutral
Authentication-Results: legolas.ozlabs.org;
spf=none (no SPF record) smtp.mailfrom=lists.infradead.org
(client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org;
envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org;
receiver=patchwork.ozlabs.org)
Received: from bombadil.infradead.org (bombadil.infradead.org
[IPv6:2607:7c80:54:3::133])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)
(No client certificate requested)
by legolas.ozlabs.org (Postfix) with ESMTPS id 4V9VGG0ybjz23tv
for <incoming@patchwork.ozlabs.org>; Fri, 5 Apr 2024 05:17:42 +1100 (AEDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=lists.infradead.org; s=bombadil.20210309; h=Sender:
Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post:
List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:
Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description:
Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
List-Owner; bh=GpoJ8FDBxSQKNwNNAWC09+Wh3CT05TtCs28P+UnFPP8=; b=hkm2QADr6H/9Fu
7o6EGGBEbwdmy6BxsUHZEPx1kK507gJr8UFcBQzvZNm+beuIQR8ysBR7yXMtx5mbs+M8F6XTwOvDN
96M0AcWWNUtDNvn2ZUVBuU1fBs3ZuoBwN6hbOjWXOuCmOBO4t94E7TYUd5guu5YSBU9DvRDUEecrv
7r8GrghV0pf161xrRZX0pum1FkFXeku7jaWGyyaGhPOdP+qjY4jzLXM0IWewWcwvPxbH5Hw8rHfpz
wNv4MFwggghLrU2wJNpwOL9vZLiDU3N9MCU8jjnqWHi1N4RnQZXPeF7mDXPkFgEObUwrvnmYGLBK9
ZDk8msmxHVNcV1Cewibg==;
Received: from localhost ([::1] helo=bombadil.infradead.org)
by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux))
id 1rsReG-00000003moO-4At1;
Thu, 04 Apr 2024 18:17:17 +0000
Received: from mail-ed1-x52f.google.com ([2a00:1450:4864:20::52f])
by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux))
id 1rsRe5-00000003mgA-0ads
for hostap@lists.infradead.org;
Thu, 04 Apr 2024 18:17:07 +0000
Received: by mail-ed1-x52f.google.com with SMTP id
4fb4d7f45d1cf-56c404da0ebso2068119a12.0
for <hostap@lists.infradead.org>;
Thu, 04 Apr 2024 11:17:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=wolfssl-com.20230601.gappssmtp.com; s=20230601; t=1712254622;
x=1712859422; darn=lists.infradead.org;
h=content-transfer-encoding:mime-version:references:in-reply-to
:message-id:date:subject:cc:to:from:from:to:cc:subject:date
:message-id:reply-to;
bh=3R70+eupGDd8L+NNWHGCaTOFznCr5OXhBOwvMzRo7AE=;
b=goNntcH0T1bjR1IOPKWyZ1K9TlwTNTctwU/NJHjU6XxoSh/9FQJn7sONZABCYXBbCw
y2wIss+VqraGsPA6ZACaUknh6mn9BHHFj2ZM1FDJNWcVeP9vefM8W121cj3D3sKs6ZZ2
SLsW8jbBapE+17vQIwQoL+lVfO5d/LouWdBCFSwaKvV9PkXWTyXwosgno+iLFFmFAtlK
KyyS0aF9SHlN2ISZRUcMENYeaUTGpRS3leK/KokR+i/TITlNSItqhszz1Cobf0Ldmtve
cL9ybr8ETW+1ZvterjmTVKgIJ6HwPthg5JVEmJ+e+JgVe8fw75kSAkTGbA+h0xaNn52u
A19A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1712254622; x=1712859422;
h=content-transfer-encoding:mime-version:references:in-reply-to
:message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
:subject:date:message-id:reply-to;
bh=3R70+eupGDd8L+NNWHGCaTOFznCr5OXhBOwvMzRo7AE=;
b=w3s0/XlLhMb5W4PKTBhwOWLxsSZvR5GW9AUSbS1aaBdI8iKpHTOThpxaa4WKc4hCXS
sr0AepN0YmDpNZi3IJiMKwzYbijY8U2UWEJ2Z6/hn9NGC5kVIeZ+Bq2hny/RjBnSW6We
WVCDairieBqUMCsqMnzj2mB/qNkMxNM8laZAoswku6HQtCXkkLcymqjcEUnJpFq764lk
isANkk6wTZFKM9lE6EwzpoXTu9WWKhnR03XUmpWDwj6eh2MHANKSLwW+SjxNFcpPsKSJ
D98868Dbub4sG0mA5DwbDWIwYKwki81P5nwsyxErYrt2XJqhzV2Z/qmDwTLP2tBpIUx7
FORg==
X-Gm-Message-State: AOJu0YywEy5nPXvYoPQG3jwsC/mnpW1SERWoJ76SU4oWM7lav+W8tI/M
gQ6wnuesjIrOEozyVCgc4F4gifnwwFCdGVyU2X+CTKJrXnSMki5kfSEug1+CCEWkKnpvpxe4Tte
Pzbs=
X-Google-Smtp-Source:
AGHT+IFYAzixVtlKsmZhTdSVfTMN6WkLo/t3CFZNDIo15w+qXomCtRaE4ADOl3r3wanypksby8BAig==
X-Received: by 2002:a50:9517:0:b0:56e:d2f:4da5 with SMTP id
u23-20020a509517000000b0056e0d2f4da5mr2660870eda.34.1712254622272;
Thu, 04 Apr 2024 11:17:02 -0700 (PDT)
Received: from localhost.localdomain ([82.118.30.15])
by smtp.gmail.com with ESMTPSA id
dh26-20020a0564021d3a00b0056e0b358e86sm1976349edb.97.2024.04.04.11.17.01
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Thu, 04 Apr 2024 11:17:01 -0700 (PDT)
From: Juliusz Sosinowicz <juliusz@wolfssl.com>
To: hostap@lists.infradead.org
Cc: Juliusz Sosinowicz <juliusz@wolfssl.com>
Subject: [PATCH 07/24] openssl: Use uncompressed format for ECC keys
Date: Thu, 4 Apr 2024 20:16:13 +0200
Message-Id: <20240404181630.2431991-7-juliusz@wolfssl.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20240404181630.2431991-1-juliusz@wolfssl.com>
References: <20240404181630.2431991-1-juliusz@wolfssl.com>
MIME-Version: 1.0
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3
X-CRM114-CacheID: sfid-20240404_111705_319465_41EE6B52
X-CRM114-Status: GOOD ( 10.34 )
X-Spam-Score: 0.0 (/)
X-Spam-Report: Spam detection software,
running on the system "bombadil.infradead.org",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: OpenSSL <3.0 uses ECC keys in the uncompressed format. We
should keep it that way for compatibility. The wolfSSL backend also uses
the
uncompressed format. Signed-off-by: Juliusz Sosinowicz
<juliusz@wolfssl.com>
--- src/crypto/crypto_openssl.c | 2 ++ 1 file changed, 2 insertions(+)
Content analysis details: (0.0 points, 5.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no
trust
[2a00:1450:4864:20:0:0:0:52f listed in]
[list.dnswl.org]
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
-0.1 DKIM_VALID Message has at least one valid DKIM or DK
signature
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
X-BeenThere: hostap@lists.infradead.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: <hostap.lists.infradead.org>
List-Unsubscribe: <http://lists.infradead.org/mailman/options/hostap>,
<mailto:hostap-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/hostap/>
List-Post: <mailto:hostap@lists.infradead.org>
List-Help: <mailto:hostap-request@lists.infradead.org?subject=help>
List-Subscribe: <http://lists.infradead.org/mailman/listinfo/hostap>,
<mailto:hostap-request@lists.infradead.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "Hostap" <hostap-bounces@lists.infradead.org>
Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org
|
| Series |
[01/24] wolfssl: simplify tls_get_cipher
|
expand
|
diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c index 2d8ff60aa9..e83a40b57c 100644 --- a/src/crypto/crypto_openssl.c +++ b/src/crypto/crypto_openssl.c @@ -3676,6 +3676,8 @@ struct wpabuf * crypto_ec_key_get_ecprivate_key(struct crypto_ec_key *key, 0); pkey = copy; } + EVP_PKEY_set_utf8_string_param(pkey, + OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT, "uncompressed"); ctx = OSSL_ENCODER_CTX_new_for_pkey(pkey, selection, "DER", "type-specific", NULL);
OpenSSL <3.0 uses ECC keys in the uncompressed format. We should keep it that way for compatibility. The wolfSSL backend also uses the uncompressed format. Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com> --- src/crypto/crypto_openssl.c | 2 ++ 1 file changed, 2 insertions(+)