tarantool icon indicating copy to clipboard operation
tarantool copied to clipboard

Published 20 hours ago verified publisher icon tarantool

lua: add RSA-PSS verify OSSL wrapper

Open Lord-KA opened this issue 1 year ago • 2 comments

This patch adds Lua wrapper for OpenSSL RSA-PSS signature verification. It is required by integrity module to validate hashes.json file.

Part of tarantool/tarantool-ee#679

NO_DOC=yet NO_CHANGELOG=yet NO_TEST=yet

Lord-KA avatar Feb 14 '24 07:02 Lord-KA

For now it fails because on static builds we use OpenSSL 1.* and the patch utilizes API from OpenSSL 3.*. Blocked by ossl bump: https://github.com/tarantool/tarantool-ee/issues/176.

Lord-KA avatar Apr 14 '24 11:04 Lord-KA

Well, there is an issue with the dynamic builds too, as they are built on runners with obsolete OpenSSL 1.1.1. Maybe it's time to drop all support for ossl 1 and move the runners to 3.*. Note that this should be accommodated by removing all duplicating code with ossl 1 API.

Lord-KA avatar May 02 '24 19:05 Lord-KA