OpenSSL 3.2 features to expose

[reaperhulk]

This is a tracking issue for the features in OpenSSL 3.2.0 we want to expose or investigate further:

• [x] AES-GCM-SIV
• [x] RFC6979 (needs rust-openssl work for OSSL_PARAM)
• [ ] argon2id (needs rust-openssl work for OSSL_PARAM)
• [x] Investigate whether we need to compile with no-sm2-precomp to prevent linking in a half megabyte of precomputed table.
• [x] Build with no-apps and no-docs
• [ ] ed25519/ed448 [ctx/ph]
• [ ] HPKE
• [x] default implicit rejection is now enabled for RSA (#9785)

[alex]

https://github.com/pyca/cryptography/pull/9914

[adiroiban]

Thanks for including OpenSSL 3.2.1 in 42.0.2

I am looking into argon2 support, so that I can read Putty v3 SSH key files.

I see that argon2 support in cryptography is blocked by rust-openssl I don't see any issue created for argon2 in the rust-openssl repo.

I guess that this needs to be defined here https://github.com/sfackler/rust-openssl/blob/master/openssl-sys/src/evp.rs

I am new to rust, but I am happy to help with the work required for argon2

Should I create a PR for rust-openssl ?

Thanks!

[reaperhulk]

Adding argon2 in rust-OpenSSL is the blocker, yes. However that requires implementing EVP_KDF support, which in turn requires OSSL_PARAM. The latter should not be exposed as a public API in the rust library. We intend to do this work but don’t have an ETA so if you want to contribute feel free!

[adiroiban]

I can see that OSSL_PARAM is available since version 0.9.100 https://github.com/sfackler/rust-openssl/pull/2144 I guess that is just the low-level binding API.

So it also needs https://www.openssl.org/docs/manmaster/man3/EVP_KDF.html this bindings

---

Why not implement this via cffi python bindings, similar to what is already implemented here https://github.com/pyca/cryptography/blob/main/src/_cffi_src/openssl/evp.py ?

[reaperhulk]

We are actively moving away from cffi and intend to eliminate it entirely at some point in the future.