Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Accurate CryptographicAlgorithm for kmip key creation on elliptic curves #187

Merged
merged 27 commits into from
Mar 1, 2024
Merged

Accurate CryptographicAlgorithm for kmip key creation on elliptic curves #187

merged 27 commits into from
Mar 1, 2024

Conversation

JosePisco
Copy link
Contributor

This PR aims at generalizing the parameters CryptographicAlgorithm and CryptographicUsageMask on ECC key creation. It also contains strict verifications regarding usage and algorithms when operating in FIPS mode.

Not that most of the changes are just new tests.

ThibsG and others added 16 commits February 9, 2024 08:13
@ThibsG
Move crypto subcrate into kmip and dispatch other elements
1cbd12a
@ThibsG
Remove unused feature curve25519
8a9272f
@ThibsG
Set openssl as wanted feature for kmip deps in pyo3
23b6f11
@ThibsG
Update patched iana-time-zone to a non yanked version
2852bbc
feat: better crypto const organization
0f02187
feat: better zeroization
63a89fa
feat: finalize zeroization
10bf117
revert type in kmip operation back to vec<u8>
4dfbef8
fix build
f2abc28
revert commit reverting zeroizing + modification attempt at serializer
dbffacb
@ThibsG
Temporarily ignore rustsec from pqc-kyber
16d8a78
feat: code enhancement deserialize
c546606
feat: dynamic cryptographic algorithm and usage for creation. Tests fail
d351092
feat: dynami mask and cryptographic algorithm for ecc key creation
64f4931
fix: loose comparison
f4af330
feat: tests + refacto dynamic mask and algo for ecc key creation
329fb68
@JosePisco JosePisco requested review from ThibsG and Manuthor February 19, 2024 14:01
@JosePisco JosePisco linked an issue Feb 19, 2024 that may be closed by this pull request
Accurate CryptographicAlgorithm for KMIP key creation on elliptic curves #151
Closed
@JosePisco
Copy link
Contributor Author

After CI is complete, this branch will be ready for review.
Please review consts I declared in kmip/src/crypto/elliptic_curves/mod.rs to check if we agree on what public / private keys should be able to do in FIPS mode and in which algorithm situation.

@JosePisco JosePisco mentioned this pull request Feb 20, 2024
Merged
ThibsG
ThibsG reviewed Feb 21, 2024
View reviewed changes
Martin Grenouilloux and others added 3 commits February 21, 2024 11:36
feat: style + load provider in fips tests
ab48ee8
fix: remove P-192 from fips mask construction
11d6271
@JosePisco
feat: accurate CryptographicUsageMask for KMIP creation of RSA keys (#…
3b533a6 
…189)

* feat: dynamic cryptographic usage mask set and check

* feat: code enhancement

* feat: style + load provider in fips tests

* feat: load fips provider on rsa tests

* fix: inconsistent crypto consts (#190)

* feat: harmonising crypto consts in bits

* feat: style + load provider in fips tests

* feat: load fips provider on rsa tests

* fix: better const naming for passwd derivation
@Manuthor Manuthor merged commit 63ca4a2 into develop Mar 1, 2024
15 checks passed
@Manuthor Manuthor deleted the 151-accurate-cryptographicalgorithm-for-kmip-key-creation-on-elliptic-curves branch March 1, 2024 15:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ThibsG ThibsG ThibsG left review comments

@Manuthor Manuthor Awaiting requested review from Manuthor

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Accurate CryptographicAlgorithm for KMIP key creation on elliptic curves
3 participants
@JosePisco @ThibsG @Manuthor