Crypto lib #16825
Crypto lib #16825
Conversation
Signed-off-by: Michael Boquard <michael@redpanda.com>
Added myself to CODEOWNERS for crypto library Signed-off-by: Michael Boquard <michael@redpanda.com>
Signed-off-by: Michael Boquard <michael@redpanda.com>
michael-redpanda
requested review from
dotnwat,
BenPope,
oleiman,
pgellert and
graphcareful
|
ducktape was retried in https://buildkite.com/redpanda/redpanda/builds/45526#018df822-60eb-4f1b-86da-8ef1b8f73b92 ducktape was retried in https://buildkite.com/redpanda/redpanda/builds/45526#018df825-f626-41fc-ae15-aa9fa1f60900 ducktape was retried in https://buildkite.com/redpanda/redpanda/builds/45543#018df9cd-b49a-4bd7-8558-7b830a10a36d |
michael-redpanda
force-pushed
the
crypto-lib2
branch
from
c6e338b
to
37a2cd1
Compare
|
Force push
|
| if (1 != RAND_priv_bytes_ex(nullptr, buf.data(), buf.size(), 0)) { | ||
| throw internal::ossl_error( | ||
| "Failed to get random output from private RNG"); | ||
| } | ||
| } else { | ||
| if (1 != RAND_bytes_ex(nullptr, buf.data(), buf.size(), 0)) { |
There was a problem hiding this comment.
What does it mean for "The bytes generated will have a security strength of at least strength bits", when strength is 0?
There was a problem hiding this comment.
I believe '0' means "don't care" (it's not documented at all... RAND_bytes calls RAND_bytes_ex with a strength of 0). The strength indicates an expected level of security. So if the DRBG supports 128 bits of security but the caller requests 256, it will fail. I don't believe it's necessarily a parameter to condition the DRBG output but just to ensure it meets a minimum level.
But I will look into it.
There was a problem hiding this comment.
Yeah confirmed.... strength is just a check to ensure the RNG being used can supply the appropriate security level, per their docs:
The bytes generated will have a security strength of at least strength bits.
There was a problem hiding this comment.
It's still not clear to me what it is. This is about as far as I got trying to figure it out: openssl/openssl#15560
* MD5 * SHA256 * SHA512 Signed-off-by: Michael Boquard <michael@redpanda.com>
Signed-off-by: Michael Boquard <michael@redpanda.com>
Support loading PEM encoded RSA public and private keys and RSA public keys via modulus and public exponent. Signed-off-by: Michael Boquard <michael@redpanda.com>
Signed-off-by: Michael Boquard <michael@redpanda.com>
Signed-off-by: Michael Boquard <michael@redpanda.com>
michael-redpanda
force-pushed
the
crypto-lib2
branch
from
37a2cd1
to
ec0b9ac
Compare
|
Force push
|
| @@ -124,6 +124,7 @@ add_subdirectory(wasm) | |||
| add_subdirectory(transform) | |||
| add_subdirectory(container) | |||
| add_subdirectory(strings) | |||
| add_subdirectory(crypto) | |||
There was a problem hiding this comment.
Please add a note to src/v/README.md about the crypto library.
| ctx.update(bytes_view_to_string_view(sha256_test_val)); | ||
| bytes dgst(bytes::initialized_later{}, ctx.size()); | ||
| ctx.reset(bytes_span_to_char_span(dgst)); | ||
| ASSERT_EQ(dgst, sha256_expected_val); |
There was a problem hiding this comment.
FWIW the "recommended" way to use GTest is to always use EXPECT_ except when not doing so would lead to a crash or UB.
Example of when to use assert: https://github.com/abseil/abseil-cpp/blob/8dc90ff07402cd027daec520bb77f46e51855889/absl/algorithm/container_test.cc#L314-L319
TEST_F(NonMutatingTest, LowerBound) {
std::list<int>::iterator i = absl::c_lower_bound(sequence_, 3);
ASSERT_TRUE(i != sequence_.end());
EXPECT_EQ(2, std::distance(sequence_.begin(), i));
EXPECT_EQ(3, *i);
}
Implementation of a cryptographic middleware that abstracts away the underlying cryptographic library.
See the README for information on how to use the library.
Fixes: https://github.com/redpanda-data/core-internal/issues/1096
This replaces #16752
Backports Required
Release Notes