Use the new OpenSSL 3.* API for managing EVP_PKEY objects (RSA, ECDSA) #2380
Conversation
Jakuje
force-pushed
the
openssl-3-evp_pkey_v2
branch
2 times, most recently
from
c138e59 to
c401e7b
Compare
Jakuje
force-pushed
the
openssl-3-evp_pkey_v2
branch
from
c401e7b to
54d5669
Compare
|
Thanks for trying this approach. I think it's a clear improvement over just exposing arbitrary However, I still have pretty major concerns, which really come in two buckets:
Indeed, the combination of these may be that it becomes incredibly difficult for users to maintain code that works on both no-compat OpenSSL 3.x and also on LibreSSL, which would be a really crappy result. I wonder if the thing that doesn't make the most sense is to have the |
Thank you for the suggestion! I think this would be doable, even though there are some rough edges to cover. Just to make sure I understand it correctly, you suggest to implement the same api as the RSA that we have now, that will basically wrap the OSSL_PARAM operations as implemented in this PR? The rough cases include that the Let me have a look how it will turn out. |
|
That's the idea, basically no changes for end consumers. It's still 2xing our code with no possibility of reducing that, which is just a massive bummer and demotivater for me. We should probably get @sfackler's views before investing a ton of time into this. |
|
I spent some time trying to put this together, but it looks it will require too much bending of the existing crates, reimplementing the whole ForeignTypes trait as it really requires to work on the legacy RSA object, which would be very inefficient and would not solve the goal of using the new API at all. The whole RSA API is also based tightly around the assumptions of the old RSA API, which really do not hold for the usage through the new API (need to keep around the bignums when returning them from pkey params, no good error handling when we do not return Result, but just the bignum or panic, ...). So given that I do not think this approach is doable (or I am not proficient in the rust enough to be able to work it out). Given that we need to use the algorithms through the new API, I guess adding a new API probably makes more sense than trying to stay within of the old one.
I see only one way out from there -- implementing new API that will wrap the old API operations for older OpenSSL or forks. For the record, this is base for adding new API that will come with OpenSSL 3.5 for handling PQC algorithms, that we need to fit in. And if we do not want to expose the OSSL_PARAMS, we will have to wrap them in some new rust structures too. |
Jakuje
force-pushed
the
openssl-3-evp_pkey_v2
branch
from
54d5669 to
26e0a36
Compare
We discussed that this API is not well suitable for the end users but still, it required for several operations in OpenSSL 3.* so instead of calling to FFI for every use of this API, this introduces simple wrappers that allow building of the params and their usage. Signed-off-by: Jakub Jelen <[email protected]>
Signed-off-by: Jakub Jelen <[email protected]>
The OpenSSL 3.* users now do not have a way to use non-deprecated API by using this rust bindings, which is not sustainable in the long term as either distributions will stop building with the deprecated API or it will be eventually removed. This is now mostly PoC on using RSA keys using the new API. It does not expose OSSL_PARAM API as that is considered fragile. This is partially based on sfackler#2051 which was abandoned. Fixes: sfackler#2047 Signed-off-by: Jakub Jelen <[email protected]>
Signed-off-by: Jakub Jelen <[email protected]>
Jakuje
force-pushed
the
openssl-3-evp_pkey_v2
branch
from
26e0a36 to
6fb3d94
Compare
Jakuje
changed the title
|
Just wanted to chime in that we're really looking forward to using the PQC algorithms coming with OpenSSL 3.5: https://github.com/openssl/openssl/releases/tag/openssl-3.5.0 |
|
The PQC algorithms will need new definitions anyway, but could reuse some of the internals handling of the OSSL_PARAM and EVP_PKEY from here. I wanted to get back into this to see if I will be able to wrap this into the old API, but did not manage to do so yet. |
The OpenSSL 3.* users now do not have a way to use non-deprecated API by using this rust bindings, which is not sustainable in the long term as either distributions will stop building with the deprecated API or it will be eventually removed.
This is now mostly PoC on using RSA keys using the new API. It does not expose OSSL_PARAM API as that is considered fragile, therefore hidden (as discussed in #2368).
This is partially based on #2051 which was abandoned.
Fixes: #2047