[PATCH 00/21] DPP: Remove direct dependency on OpenSSL

Cedric Izoard cedric.izoard at ceva-dsp.com
Mon Jun 28 09:25:17 PDT 2021

The purpose of this series is to remove direct calls to OpenSSL
in DPP code and to use the crypto.h API instead.

The last 2 patches (CSR and PKCS7) will definitely need another
revision but I'm not sure what the best way to deal with this.

Cedric Izoard (21):
  Complete Documentation in crypto.h
  openssl: use EVP_PKEY as struct crypto_ec_key
  dpp: replace EVP_PKEY by struct crypto_ec_key
  dpp: move dpp_gen_keypair to crypto
  dpp: factorize conversion to ASN.1 ECPrivateKey
  dpp: replace dpp_get_pubkey_point by crypto_ec_key_get_pubkey_point
  dpp: move dpp_set_pubkey_point_group to crypto.h
  dpp: use crypto_ec_key_get_subject_public_key when possible
  dpp: use crypto_ec_key_parse_pub in dpp_get_subject_public_key
  dpp: use crypto_ec_key_parse_priv when possible
  dpp: Update pkex part to use crypto.h API
  dpp: Use ECDH from crypto.h
  dpp: Use crypto.h for authentication computation
  dpp: Update connector signing to use crypto.h
  dpp: Use crypto API for reconfig part
  dpp: Use crypto_ec_key_group to compare EC Key's group
  dpp: Add crypto_ec_key_cmp in crypto.h
  dpp: remove direct call to OpenSSL in dpp_test_gen_invalid_key
  dpp: Move debug print of EC key to crypto.h
  dpp: csr rewrote to use crypto.h
  dpp: rename dpp_pkcs7_certs to pkcs7_get_certificates

 src/common/dpp.c            |  169 ++--
 src/common/dpp.h            |   29 +-
 src/common/dpp_auth.c       |   18 +-
 src/common/dpp_backup.c     |   73 +-
 src/common/dpp_crypto.c     | 1860 +++++++++--------------------------
 src/common/dpp_i.h          |   64 +-
 src/common/dpp_pkex.c       |  278 ++----
 src/common/dpp_reconfig.c   |   34 +-
 src/crypto/crypto.h         |  354 ++++++-
 src/crypto/crypto_openssl.c |  827 +++++++++++++++-
 src/tls/pkcs7.h             |   13 +
 tests/hwsim/test_dpp.py     |   22 +-
 12 files changed, 1885 insertions(+), 1856 deletions(-)
 create mode 100644 src/tls/pkcs7.h


More information about the Hostap mailing list