mirror of
https://github.com/nodejs/node.git
synced 2025-08-15 05:38:47 +02:00
src: update OpenSSL pqc checks
PR-URL: https://github.com/nodejs/node/pull/59436 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Richard Lau <richard.lau@ibm.com>
This commit is contained in:
Filip Skokan
GitHub
parent
abccbb438b
commit
db18bc865a
6 changed files with 22 additions and 19 deletions
8
deps/ncrypto/ncrypto.cc
vendored
8
deps/ncrypto/ncrypto.cc
vendored
|
|
@ -1897,7 +1897,7 @@ EVPKeyPointer EVPKeyPointer::NewRawPrivate(
|
|||
EVP_PKEY_new_raw_private_key(id, nullptr, data.data, data.len));
|
||||
}
|
||||
|
||||
#if OPENSSL_VERSION_MAJOR >= 3 && OPENSSL_VERSION_MINOR >= 5
|
||||
#if OPENSSL_WITH_PQC
|
||||
EVPKeyPointer EVPKeyPointer::NewRawSeed(
|
||||
int id, const Buffer<const unsigned char>& data) {
|
||||
if (id == 0) return {};
|
||||
|
|
@ -1968,7 +1968,7 @@ EVP_PKEY* EVPKeyPointer::release() {
|
|||
int EVPKeyPointer::id(const EVP_PKEY* key) {
|
||||
if (key == nullptr) return 0;
|
||||
int type = EVP_PKEY_id(key);
|
||||
#if OPENSSL_VERSION_MAJOR >= 3 && OPENSSL_VERSION_MINOR >= 5
|
||||
#if OPENSSL_WITH_PQC
|
||||
// https://github.com/openssl/openssl/issues/27738#issuecomment-3013215870
|
||||
if (type == -1) {
|
||||
if (EVP_PKEY_is_a(key, "ML-DSA-44")) return EVP_PKEY_ML_DSA_44;
|
||||
|
|
@ -2032,7 +2032,7 @@ DataPointer EVPKeyPointer::rawPublicKey() const {
|
|||
return {};
|
||||
}
|
||||
|
||||
#if OPENSSL_VERSION_MAJOR >= 3 && OPENSSL_VERSION_MINOR >= 5
|
||||
#if OPENSSL_WITH_PQC
|
||||
DataPointer EVPKeyPointer::rawSeed() const {
|
||||
if (!pkey_) return {};
|
||||
switch (id()) {
|
||||
|
|
@ -2515,7 +2515,7 @@ bool EVPKeyPointer::isOneShotVariant() const {
|
|||
switch (type) {
|
||||
case EVP_PKEY_ED25519:
|
||||
case EVP_PKEY_ED448:
|
||||
#if OPENSSL_VERSION_MAJOR >= 3 && OPENSSL_VERSION_MINOR >= 5
|
||||
#if OPENSSL_WITH_PQC
|
||||
case EVP_PKEY_ML_DSA_44:
|
||||
case EVP_PKEY_ML_DSA_65:
|
||||
case EVP_PKEY_ML_DSA_87:
|
||||
|
|
|
|||
13
deps/ncrypto/ncrypto.h
vendored
13
deps/ncrypto/ncrypto.h
vendored
|
|
@ -28,11 +28,14 @@
|
|||
#include <openssl/fips.h>
|
||||
#endif // OPENSSL_FIPS
|
||||
|
||||
#if OPENSSL_VERSION_MAJOR >= 3
|
||||
#define OSSL3_CONST const
|
||||
#if OPENSSL_VERSION_MINOR >= 5
|
||||
// Define OPENSSL_WITH_PQC for post-quantum cryptography support
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x30500000L
|
||||
#define OPENSSL_WITH_PQC 1
|
||||
#include <openssl/core_names.h>
|
||||
#endif
|
||||
|
||||
#if OPENSSL_VERSION_MAJOR >= 3
|
||||
#define OSSL3_CONST const
|
||||
#else
|
||||
#define OSSL3_CONST
|
||||
#endif
|
||||
|
|
@ -820,7 +823,7 @@ class EVPKeyPointer final {
|
|||
const Buffer<const unsigned char>& data);
|
||||
static EVPKeyPointer NewRawPrivate(int id,
|
||||
const Buffer<const unsigned char>& data);
|
||||
#if OPENSSL_VERSION_MAJOR >= 3 && OPENSSL_VERSION_MINOR >= 5
|
||||
#if OPENSSL_WITH_PQC
|
||||
static EVPKeyPointer NewRawSeed(int id,
|
||||
const Buffer<const unsigned char>& data);
|
||||
#endif
|
||||
|
|
@ -917,7 +920,7 @@ class EVPKeyPointer final {
|
|||
DataPointer rawPrivateKey() const;
|
||||
BIOPointer derPublicKey() const;
|
||||
|
||||
#if OPENSSL_VERSION_MAJOR >= 3 && OPENSSL_VERSION_MINOR >= 5
|
||||
#if OPENSSL_WITH_PQC
|
||||
DataPointer rawSeed() const;
|
||||
#endif
|
||||
|
||||
|
|
|
|||
|
|
@ -177,7 +177,7 @@ bool ExportJWKAsymmetricKey(Environment* env,
|
|||
// Fall through
|
||||
case EVP_PKEY_X448:
|
||||
return ExportJWKEdKey(env, key, target);
|
||||
#if OPENSSL_VERSION_MAJOR >= 3 && OPENSSL_VERSION_MINOR >= 5
|
||||
#if OPENSSL_WITH_PQC
|
||||
case EVP_PKEY_ML_DSA_44:
|
||||
// Fall through
|
||||
case EVP_PKEY_ML_DSA_65:
|
||||
|
|
@ -280,7 +280,7 @@ int GetNidFromName(const char* name) {
|
|||
nid = EVP_PKEY_X25519;
|
||||
} else if (strcmp(name, "X448") == 0) {
|
||||
nid = EVP_PKEY_X448;
|
||||
#if OPENSSL_VERSION_MAJOR >= 3 && OPENSSL_VERSION_MINOR >= 5
|
||||
#if OPENSSL_WITH_PQC
|
||||
} else if (strcmp(name, "ML-DSA-44") == 0) {
|
||||
nid = EVP_PKEY_ML_DSA_44;
|
||||
} else if (strcmp(name, "ML-DSA-65") == 0) {
|
||||
|
|
@ -620,7 +620,7 @@ Local<Function> KeyObjectHandle::Initialize(Environment* env) {
|
|||
SetProtoMethod(isolate, templ, "exportJwk", ExportJWK);
|
||||
SetProtoMethod(isolate, templ, "initECRaw", InitECRaw);
|
||||
SetProtoMethod(isolate, templ, "initEDRaw", InitEDRaw);
|
||||
#if OPENSSL_VERSION_MAJOR >= 3 && OPENSSL_VERSION_MINOR >= 5
|
||||
#if OPENSSL_WITH_PQC
|
||||
SetProtoMethod(isolate, templ, "initMlDsaRaw", InitMlDsaRaw);
|
||||
#endif
|
||||
SetProtoMethod(isolate, templ, "initJwk", InitJWK);
|
||||
|
|
@ -643,7 +643,7 @@ void KeyObjectHandle::RegisterExternalReferences(
|
|||
registry->Register(ExportJWK);
|
||||
registry->Register(InitECRaw);
|
||||
registry->Register(InitEDRaw);
|
||||
#if OPENSSL_VERSION_MAJOR >= 3 && OPENSSL_VERSION_MINOR >= 5
|
||||
#if OPENSSL_WITH_PQC
|
||||
registry->Register(InitMlDsaRaw);
|
||||
#endif
|
||||
registry->Register(InitJWK);
|
||||
|
|
@ -838,7 +838,7 @@ void KeyObjectHandle::InitEDRaw(const FunctionCallbackInfo<Value>& args) {
|
|||
args.GetReturnValue().Set(true);
|
||||
}
|
||||
|
||||
#if OPENSSL_VERSION_MAJOR >= 3 && OPENSSL_VERSION_MINOR >= 5
|
||||
#if OPENSSL_WITH_PQC
|
||||
void KeyObjectHandle::InitMlDsaRaw(const FunctionCallbackInfo<Value>& args) {
|
||||
Environment* env = Environment::GetCurrent(args);
|
||||
KeyObjectHandle* key;
|
||||
|
|
@ -971,7 +971,7 @@ Local<Value> KeyObjectHandle::GetAsymmetricKeyType() const {
|
|||
return env()->crypto_x25519_string();
|
||||
case EVP_PKEY_X448:
|
||||
return env()->crypto_x448_string();
|
||||
#if OPENSSL_VERSION_MAJOR >= 3 && OPENSSL_VERSION_MINOR >= 5
|
||||
#if OPENSSL_WITH_PQC
|
||||
case EVP_PKEY_ML_DSA_44:
|
||||
return env()->crypto_ml_dsa_44_string();
|
||||
case EVP_PKEY_ML_DSA_65:
|
||||
|
|
@ -1254,7 +1254,7 @@ void Initialize(Environment* env, Local<Object> target) {
|
|||
NODE_DEFINE_CONSTANT(target, kWebCryptoKeyFormatJWK);
|
||||
NODE_DEFINE_CONSTANT(target, EVP_PKEY_ED25519);
|
||||
NODE_DEFINE_CONSTANT(target, EVP_PKEY_ED448);
|
||||
#if OPENSSL_VERSION_MAJOR >= 3 && OPENSSL_VERSION_MINOR >= 5
|
||||
#if OPENSSL_WITH_PQC
|
||||
NODE_DEFINE_CONSTANT(target, EVP_PKEY_ML_DSA_44);
|
||||
NODE_DEFINE_CONSTANT(target, EVP_PKEY_ML_DSA_65);
|
||||
NODE_DEFINE_CONSTANT(target, EVP_PKEY_ML_DSA_87);
|
||||
|
|
|
|||
|
|
@ -152,7 +152,7 @@ class KeyObjectHandle : public BaseObject {
|
|||
static void Init(const v8::FunctionCallbackInfo<v8::Value>& args);
|
||||
static void InitECRaw(const v8::FunctionCallbackInfo<v8::Value>& args);
|
||||
static void InitEDRaw(const v8::FunctionCallbackInfo<v8::Value>& args);
|
||||
#if OPENSSL_VERSION_MAJOR >= 3 && OPENSSL_VERSION_MINOR >= 5
|
||||
#if OPENSSL_WITH_PQC
|
||||
static void InitMlDsaRaw(const v8::FunctionCallbackInfo<v8::Value>& args);
|
||||
#endif
|
||||
static void InitJWK(const v8::FunctionCallbackInfo<v8::Value>& args);
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ using v8::Value;
|
|||
|
||||
namespace crypto {
|
||||
|
||||
#if OPENSSL_VERSION_MAJOR >= 3 && OPENSSL_VERSION_MINOR >= 5
|
||||
#if OPENSSL_WITH_PQC
|
||||
constexpr const char* GetMlDsaAlgorithmName(int id) {
|
||||
switch (id) {
|
||||
case EVP_PKEY_ML_DSA_44:
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@
|
|||
|
||||
namespace node {
|
||||
namespace crypto {
|
||||
#if OPENSSL_VERSION_MAJOR >= 3 && OPENSSL_VERSION_MINOR >= 5
|
||||
#if OPENSSL_WITH_PQC
|
||||
bool ExportJwkMlDsaKey(Environment* env,
|
||||
const KeyObjectData& key,
|
||||
v8::Local<v8::Object> target);
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue