Yf/crypto algo alignment#2794
Closed
WildFireFlum wants to merge 44 commits into
Closed
Conversation
In this commit we will create new classes such that the Digest data and digest creation is decoupled. Digest data will be kept at the same place but the creation can be choosen by different libraries like cryptopp or openssl. This rearrangement of classes will be done in this PR. Rearranging DigestCreator and DigestHolder 1) Added the proper way for type subsetting 2) Added skeleton code for proper maintainability. This commit includes below changes:- * OpenSSL library implementation for SHA_256 & SHA3_256 hashing. * Design change for existing Crypto++ library hashing (existing Digest class modified). The storing of generated digest and the digest generation procedures are decoupled and achieved with the help of 'DigestHolder' & 'DigestCreator' classes respectively. * Introduced compilation macros to choose between cryptographic hashing libraries i.e. Cryptopp and OpenSSL (SHA_256 and SHA3_256). Review comments addressed. Cryptographic libs macros added in CI runs. This commit contains:- * CryptoppDigestCreator class implemented for digest generation. * DigestUtil class modified to templated DigestHelper class which takes the digest creator class. DigestUtil class removed. CryptoppDigestCreator will do the job of DigestUtil. Compilation error fixed. Review comments addressed. compute() added in interface. Changes mentioned below: - DigestCreator class moved to digest_creator.hpp file. - CryptoppDigestCreator class moved to cryptopp_digest_creator.*pp files. - OpenSSLDigestCreator class moved to openssl_digest_creator.ipp file. - DigestHolder class moved to digest_holder.hpp file. - Renamed files: Digest.hpp to digest.hpp, DigestType.hpp to digest_type.hpp. Removed unwanted file. Decoupling crypto digest to choose crypto algos In this commit we will create new classes such that the Digest data and digest creation is decoupled. Digest data will be kept at the same place but the creation can be choosen by different libraries like cryptopp or openssl. This rearrangement of classes will be done in this PR. Rearranging DigestCreator and DigestHolder 1) Added the proper way for type subsetting 2) Added skeleton code for proper maintainability. Merge pull request #2 from pkthapa/cryptographic-openssl-hashing OpenSSL SHA hashing implementation. Minor include changes.
- Remove init() from DigestCreator class. - Change update() and compute to updateDigest() and computeDigest() respectively. - static property of a function removed from EVPHash class.
- Remove init() from DigestCreator class. - Change update() and compute to updateDigest() and computeDigest() respectively. - static property of a function removed from EVPHash class.
Apollo now logs when it generates keys Apollo now logs the command line arguments when it starts a replica
Integrated EdDSA multisig to conconrd-bft's key generation and to commit path threshold signature collection Added unittests for EdDSA multisig interface
Introduced the USE_RELIC cmake option to control relic linkage and control relic-dependant target generation.
Added configuration flags to the threshsign benchmark
i. Compilation macros (USE_CRYPTOPP_RSA and USE_EDDSA_SINGLE_SIGN) for RSA and EdDSA removed. ii. The choice of signing algorithm is now based on the value set in 'replicaMsgSigningAlgo' and 'operatorMsgSigningAlgo' config variables.
…al-merge Compilation error fixed.
Review comments addressed.
Removed SHA3_256 digest algorithm as per spec review meeting comment.
WildFireFlum
force-pushed
the
yf/crypto-algo-alignment
branch
from
8046f3e to
0fa99a5
Compare
WildFireFlum
force-pushed
the
yf/crypto-algo-alignment
branch
2 times, most recently
from
9702db0 to
541b4ea
Compare
WildFireFlum
commented
Sep 12, 2022
|
|
||
| // Wrapper class for OpenSSL Crypto's EVP_PKEY objects implementing | ||
| // AsymmetricPrivateKey. | ||
| class EVPPKEYPrivateKey : public AsymmetricPrivateKey { |
Contributor
Author
There was a problem hiding this comment.
This class is needed if we want to use existing code to generate ecdsa keys.
We still need to adapt the interface to support PEM files, which are used by
ClientTlsKeyExchangeHandler::exchangeTlsKeys.
Contributor
Author
|
The purposes of moving all of the crypto utilities are:
Currently, cryptopp cannot be removed as it is used for ecdsa key generation and aes encryption. Both should be replaced by openssl so that we can build without cryptopp. |
WildFireFlum
force-pushed
the
yf/crypto-algo-alignment
branch
from
541b4ea to
7623ec6
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Remove relic and cryptopp from our repository and use openssl instead.
There have been multiple previous pull requests which were not directed to master:
arc-vmware#6
arc-vmware#15
arc-vmware#12