WIP: Preview of CMP implementation, incremental PR chunk 4: CMP context/parameters

mpeylo / cmpossl

An OpenSSL-based implementation of the Certificate Management Protocol (CMP), defined in IETF RFCs 4210, 4211, and 6712. It is being extended according to the emerging RFCs 'CMP Updates' (CMPv3), 'CMP Algorithms', and 'Lightweight CMP Profile'.

https://github.com/mpeylo/cmpossl/wiki

Other

35 stars 13 forks source link

WIP: Preview of CMP implementation, incremental PR chunk 4: CMP context/parameters #178

Closed DDvO closed 5 years ago

DDvO commented 5 years ago

NOTE: this is not an actual pull request but is meant as a preview of a later OpenSSL PR. While chunk 3 https://github.com/openssl/openssl/pull/8669 is not yet fully approved, this preview can be used for adding initial review comments.

Certificate Management Protocol (CMP, RFC 4210) extension to OpenSSL. Also includes CRMF (RFC 4211) and HTTP transfer (RFC 6712).

CMP and CRMF API is added to libcrypto, and the "cmp" app to the openssl CLI. Adds extensive man pages and tests. Integration into build scripts.

4th chunk: CMP context/parameters in cmp_ctx.c and cmp_ctx_test.c and related files.

Checklist

[ ] documentation is added or updated
[x] tests are added or updated

DDvO commented 5 years ago

@mattcaswell, did you notice that, as discussed in with our PR for chunk3: https://github.com/openssl/openssl/pull/8669, the preview of our chunk 4 is here?

mattcaswell commented 5 years ago

Yes, I noticed...I just haven't got as far as taking a look yet. Will try to do that soon.

DDvO commented 5 years ago

Thanks @mattcaswell for all your comments! Meanwhile we have addressed all of them.

mattcaswell commented 5 years ago

Can this be raised as an official PR now?

DDvO commented 5 years ago

Can this be raised as an official PR now?

Did you see the two comments I made above: https://github.com/mpeylo/cmpossl/pull/178#discussion_r290520870 and https://github.com/mpeylo/cmpossl/pull/178#discussion_r290488571 yesterday evening? Among others, I wrote

In preparation of a separate PR for the trace API improvements and CMP chunk 4 (which I plan for later this week) I've just moved the enhancements of the trace API (namely, a severity/verbosity level and automatic output of function name, file name, line number, and severity level) to trace.h and trace.c and did some small further improvements. What do you think about the new trace/logging code?

DDvO commented 5 years ago

@mattcaswell, I've just dome some further small improvements to the preliminary trace enhancements. Would be nice if you can give some quick first feedback on them before I raise this as an official PR (after carving out the changes to the trace API as an extra RP) because it includes some assumptions about the features of the trace API (mostly in cmp_util.h and cmp_util.c). I can do the PRs for CMP chunk 4 and for the trace API improvements either tomorrow or on Friday.

mattcaswell commented 5 years ago

Will try and take a look tomorrow.

DDvO commented 5 years ago

@mattcaswell, we have just provided

CMP chunk 4: https://github.com/openssl/openssl/pull/9107 and
the separate PR on the trace API enhancements: https://github.com/openssl/openssl/pull/9110

mattcaswell commented 5 years ago

Yes I saw - apologies for not getting back to you before you got that far.