  1. May 04, 2024
    • Prepare backports for 42.0.6 release (#10929) · cfad0047
      Alex Gaynor authored
      * Upgrade openssl package for libressl 3.9.1 support
      
      * Ensure a good error message when cffi module fails to import
      
      * CHANGELOG
      
      * Bump version for 42.0.6 release
      
      * It's not FIPS anymore
      
      * Resolve new clippy warnings (#10755)
      
      The fixes themselves are of marginal value 🙃
      
      * fix warning from latest nightly rust (#10486)
      
      * fix warning from latest nightly rust
      
      * Update lib.rs
      42.0.6
      cfad0047
  2. Feb 24, 2024
  3. Feb 21, 2024
    • Bump for 42.0.4 release (#10445) · fe18470f
      Alex Gaynor authored
      42.0.4
      fe18470f
    • Fix ASN.1 issues in PKCS#7 and S/MIME signing (#10373) (#10442) · aaa2dd06
      Alex Gaynor authored
      
      
      * Fix ASN.1 for S/MIME capabilities.
      
      The current implementation defines the SMIMECapabilities attribute
      so that its value is a SEQUENCE of all the algorithm OIDs that are
      supported.
      However, the S/MIME v3 spec (RFC 2633) specifies that each algorithm
      should be specified in its own SEQUENCE:
      
      SMIMECapabilities ::= SEQUENCE OF SMIMECapability
      
      SMIMECapability ::= SEQUENCE {
         capabilityID OBJECT IDENTIFIER,
         parameters ANY DEFINED BY capabilityID OPTIONAL }
      
      (RFC 2633, Appendix A)
      
      This commit changes the implementation so that each algorithm
      is inside its own SEQUENCE. This also matches the OpenSSL
      implementation.
      
      * Fix the RSA OID used for signing PKCS#7/SMIME
      
      The current implementation computes the algorithm identifier used
      in the `digest_encryption_algorithm` PKCS#7 field
      (or `SignatureAlgorithmIdentifier` in S/MIME) based on both the
      algorithm used to sign (e.g. RSA) and the digest algorithm (e.g. SHA512).
      
      This is correct for ECDSA signatures, where the OIDs used include the
      digest algorithm (e.g. ecdsa-with-SHA512). However, due to historical
      reasons, when signing with RSA the OID specified should be the one
      corresponding to just RSA ("1.2.840.113549.1.1.1" rsaEncryption),
      rather than OIDs which also include the digest algorithm (such as
      "1.2.840.113549.1.1.13", sha512WithRSAEncryption).
      
      This means that the logic to compute the algorithm identifier is the
      same except when signing with RSA, in which case the OID will always
      be `rsaEncryption`. This is consistent with the OpenSSL implementation,
      and the RFCs that define PKCS#7 and S/MIME.
      
      See RFC 3851 (section 2.2), and RFC 3370 (section 3.2) for more details.
      
      * Add tests for the changes in PKCS7 signing
      
      * PKCS7 fixes from code review
      
      * Update CHANGELOG
      
      Co-authored-by: Facundo Tuesca <facundo.tuesca@trailofbits.com>
      aaa2dd06
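
The SMIMECapabilities shape described in the commit above, as an added example that is not code from the cryptography project: a small DER encoder builds both the flat form (all OIDs in one SEQUENCE) and the RFC 2633 form (one SEQUENCE per capability), and a structural check accepts only the latter. The helper names and the two AES-CBC capability OIDs are constructed sample choices, and only short-form DER lengths are handled.

```python
# Added example (not project code): minimal DER helpers, short-form lengths only.
SEQUENCE, OID = 0x30, 0x06

def tlv(tag, body):
    if len(body) >= 128:
        raise ValueError("this sketch only handles short-form lengths")
    return bytes([tag, len(body)]) + body

def encode_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])  # first two arcs share one byte
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]                   # base-128, last byte has no high bit
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out += bytes(reversed(chunk))
    return tlv(OID, bytes(out))

def children(der):
    """Split concatenated DER values into (tag, body) pairs."""
    items, i = [], 0
    while i < len(der):
        if i + 2 > len(der) or der[i + 1] >= 0x80:
            raise ValueError("truncated or long-form length")
        end = i + 2 + der[i + 1]
        if end > len(der):
            raise ValueError("truncated value")
        items.append((der[i], der[i + 2:end]))
        i = end
    return items

def is_valid_smime_capabilities(der):
    """True for SEQUENCE OF SEQUENCE { capabilityID OID, parameters OPTIONAL }."""
    try:
        top = children(der)
        if len(top) != 1 or top[0][0] != SEQUENCE:
            return False
        for tag, body in children(top[0][1]):
            fields = children(body) if tag == SEQUENCE else []
            if not fields or fields[0][0] != OID:
                return False
        return True
    except ValueError:
        return False

# Constructed sample capabilities: aes256-CBC and aes128-CBC.
AES256_CBC = encode_oid("2.16.840.1.101.3.4.1.42")
AES128_CBC = encode_oid("2.16.840.1.101.3.4.1.2")
FLAT = tlv(SEQUENCE, AES256_CBC + AES128_CBC)  # shape before the fix
NESTED = tlv(SEQUENCE, tlv(SEQUENCE, AES256_CBC) + tlv(SEQUENCE, AES128_CBC))
```

A strict S/MIME parser applies the same per-element check, which is why the flat form fails to decode as SMIMECapabilities even though it is well-formed DER.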
  4. Feb 20, 2024
  5. Feb 18, 2024
  6. Feb 16, 2024
  7. Feb 04, 2024
    • backport: initialize openssl's legacy provider in rust (#10323) (#10333) · 0e0e46f5
      Paul Kehrer authored
      * initialize openssl's legacy provider in rust (#10323)
      
      * initialize openssl's legacy provider in rust
      
      as we oxidize we need to do this here to ensure it actually happens
      
      * alex is a comment format pedant
      
      * remove the memleak tests (#10322)
      
      they are fragile, haven't caught regressions, and increasingly pointless
      as we oxidize.
      0e0e46f5
  8. Jan 31, 2024
  9. Jan 30, 2024
  10. Jan 27, 2024
  11. Jan 26, 2024
  12. Jan 25, 2024
  13. Jan 23, 2024
  14. Jan 22, 2024
  15. Jan 21, 2024
  16. Jan 20, 2024