pkey_ctx: add ability to generate DSA params & keys #2432
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
huwcbjones
force-pushed
the
huw/pkey-ctx-dsa-paramgen
branch
2 times, most recently
from
91c42c5 to
7b510d7
Compare
huwcbjones
force-pushed
the
huw/pkey-ctx-dsa-paramgen
branch
2 times, most recently
from
c97df0f to
d9fa658
Compare
This was referenced Jul 31, 2025
|
Can you please add an assert to the test about the result of paramgen? |
huwcbjones
changed the title
|
@alex , have extended the test to use the params to generate a key. |
alex
reviewed
Aug 4, 2025
alex
reviewed
Aug 4, 2025
huwcbjones
force-pushed
the
huw/pkey-ctx-dsa-paramgen
branch
from
2a303a1 to
3589cbd
Compare
|
looks like there's some failing tests |
huwcbjones
force-pushed
the
huw/pkey-ctx-dsa-paramgen
branch
2 times, most recently
from
b7e21ad to
9a63861
Compare
boring doesn't support DSA paramgen in a pkey ctx since google/boringssl@2e295b9
huwcbjones
force-pushed
the
huw/pkey-ctx-dsa-paramgen
branch
from
9a63861 to
17fe4c8
Compare
alex
approved these changes
Aug 4, 2025
|
It would be nice if DSA support in rust-openssl honored OPENSSL_NO_DSA so it can be turned off in libcrypto some time in the future. This is really not a primitive that should be used anymore if you can help it. |
|
I'd be happy to review a PR to annotate everything with OPENSSL_NO_DSA.
…On Tue, Aug 5, 2025 at 6:18 AM Theo Buehler ***@***.***> wrote:
*botovq* left a comment (sfackler/rust-openssl#2432)
<#2432 (comment)>
It would be nice if DSA support in rust-openssl honored OPENSSL_NO_DSA so
it can be turned off in libcrypto some time in the future. This is really
not a primitive that should be used anymore if you can help it.
—
Reply to this email directly, view it on GitHub
<#2432 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAAGBEREJWTS6MN6W6FHVD3MCAH3AVCNFSM6AAAAACCWKWCBWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZTCNJUGU4DMMJSGA>
.
You are receiving this because you modified the open/close state.Message
ID: ***@***.***>
--
All that is necessary for evil to succeed is for good people to do nothing.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Progress towards #2047 by adding ability to generate DSA params using the EVP_* interfaces (rather than the deprecated DSA_* interfaces, excluding boring because they removed support for DSA in PKEY_CTX).