Re: [openssl-users] Behaviour changed between 1.1.0 and 1.1.1
Just created the PR: https://github.com/openssl/openssl/pull/7000 Thanks again for reporting this! Nicola Tuveri On Sat, 18 Aug 2018 at 00:15, Dmitry Belyavsky wrote: > Dear Nicola, > On Fri, Aug 17, 2018 at 11:00 PM Nicola wrote: > >> You just reproduced it :) >>> >>> Output for the file a.pem contains Private key, Public key and Parameter >>> set; the one for tmp.pem does not. >>> >> >> You are right, I was expecting some kind of error, and realized that >> there was something strange just after hitting the Send button, as usual! >> >> Anyway, I think I found the problem, with the invaluable help of Billy >> Brumley in the backstage! >> >> It's a bug in the current GFp_simple_ladder implementation that was not >> catched by existing regression testing. >> >> I'll open a proper PR to fix this as soon as we finish to test the >> alternative implementation. >> > > Thank you very much! > > >> >> In the meantime you might open a proper issue in Github for this problem >> so that the bug will be properly tracked! >> > > https://github.com/openssl/openssl/issues/6999 > > -- > SY, Dmitry Belyavsky > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Behaviour changed between 1.1.0 and 1.1.1
Dear Nicola, On Fri, Aug 17, 2018 at 11:00 PM Nicola wrote: > You just reproduced it :) >> >> Output for the file a.pem contains Private key, Public key and Parameter >> set; the one for tmp.pem does not. >> > > You are right, I was expecting some kind of error, and realized that there > was something strange just after hitting the Send button, as usual! > > Anyway, I think I found the problem, with the invaluable help of Billy > Brumley in the backstage! > > It's a bug in the current GFp_simple_ladder implementation that was not > catched by existing regression testing. > > I'll open a proper PR to fix this as soon as we finish to test the > alternative implementation. > Thank you very much! > > In the meantime you might open a proper issue in Github for this problem > so that the bug will be properly tracked! > https://github.com/openssl/openssl/issues/6999 -- SY, Dmitry Belyavsky -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Behaviour changed between 1.1.0 and 1.1.1
> > You just reproduced it :) > > Output for the file a.pem contains Private key, Public key and Parameter > set; the one for tmp.pem does not. > You are right, I was expecting some kind of error, and realized that there was something strange just after hitting the Send button, as usual! Anyway, I think I found the problem, with the invaluable help of Billy Brumley in the backstage! It's a bug in the current GFp_simple_ladder implementation that was not catched by existing regression testing. I'll open a proper PR to fix this as soon as we finish to test the alternative implementation. In the meantime you might open a proper issue in Github for this problem so that the bug will be properly tracked! Thanks for reporting this, Nicola Tuveri -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Behaviour changed between 1.1.0 and 1.1.1
Dear Nicola, You just reproduced it :) Output for the file a.pem contains Private key, Public key and Parameter set; the one for tmp.pem does not. On Fri, Aug 17, 2018 at 6:42 PM Nicola wrote: > I can't reproduce the issue, using latest master for both gost and openssl: > > /tmpram/gost > export OPENSSL_ENGINES=/tmpram/gost/engine/bin > /tmpram/gost > /tmpram/openssl-111-pre9-dev/bin/openssl pkey -engine gost > -pubout -text -in tmp.pem > engine "gost" set. > Private key: > 28A509558DB1969DB89A4CB517D8A759EAB79A6D09FEECDAE87B03BECA604B36 > /tmpram/gost > /tmpram/openssl-111-pre9-dev/bin/openssl pkey -engine gost > -pubout -text -in a.pem > engine "gost" set. > -BEGIN PUBLIC KEY- > MGMwHAYGKoUDAgITMBIGByqFAwICIwEGByqFAwICHgEDQwAEQORQaJaqv4S10bz4 > jw112dGlrtD+DyGR8TqkhmOvlJB46VUIbpBsEHs8nn0pXtzsIfEwgV8Oxo/QA0Ri > Qu5j7SU= > -END PUBLIC KEY- > Private key: > 46150327559001221F9F1F9A50CD9E6A0CD5F5D0ADEA6439C1DB5E9EBD994BF6 > Public key: >X:789094AF6386A43AF191210FFED0AEA5D1D9750D8FF8BCD1B584BFAA966850E4 >Y:25ED63EE42624403D08FC60E5F8130F121ECDC5E297D9E3C7B106C906E0855E9 > Parameter set: id-GostR3410-2001-CryptoPro-A-ParamSet > > > On Fri, 17 Aug 2018 at 18:15, Dmitry Belyavsky wrote: > >> Hello, >> >> I use my engine providing gost algorithms ( >> https://github.com/gost-engine/engine). It seems not to have any >> relevant changes between 1.1.0 and current master, but the command >> >> OPENSSL_CONF=engine.conf openssl pkey -pubout -text -in tmp.pem >> >> works ok for 1.1.0 version and does not work for current master. >> For the file a.pem both versions provide similar output. >> >> engine.conf is minimal conf to load gost engine: >> = >> openssl_conf = openssl_def >> [openssl_def] >> engines = engine_section >> >> [engine_section] >> gost = gost_section >> >> [gost_section] >> engine_id = gost >> dynamic_path = /path/to/libgost.so >> default_algorithms = ALL >> CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet >> === >> >> I've found out that behavior of the >> function EC_POINT_get_affine_coordinates_GFp has changed between versions >> 1.1.0 and current master. >> >> Also I found that pkey command ignores result of the calls >> to EVP_PKEY_print_public and EVP_PKEY_print_private. >> >> Could you please clarify whether it's a bug in my engine or something >> incompatible in openssl code? >> >> Thank you! >> -- >> SY, Dmitry Belyavsky >> -- >> openssl-users mailing list >> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users >> > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > -- SY, Dmitry Belyavsky -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Behaviour changed between 1.1.0 and 1.1.1
I can't reproduce the issue, using latest master for both gost and openssl: /tmpram/gost > export OPENSSL_ENGINES=/tmpram/gost/engine/bin /tmpram/gost > /tmpram/openssl-111-pre9-dev/bin/openssl pkey -engine gost -pubout -text -in tmp.pem engine "gost" set. Private key: 28A509558DB1969DB89A4CB517D8A759EAB79A6D09FEECDAE87B03BECA604B36 /tmpram/gost > /tmpram/openssl-111-pre9-dev/bin/openssl pkey -engine gost -pubout -text -in a.pem engine "gost" set. -BEGIN PUBLIC KEY- MGMwHAYGKoUDAgITMBIGByqFAwICIwEGByqFAwICHgEDQwAEQORQaJaqv4S10bz4 jw112dGlrtD+DyGR8TqkhmOvlJB46VUIbpBsEHs8nn0pXtzsIfEwgV8Oxo/QA0Ri Qu5j7SU= -END PUBLIC KEY- Private key: 46150327559001221F9F1F9A50CD9E6A0CD5F5D0ADEA6439C1DB5E9EBD994BF6 Public key: X:789094AF6386A43AF191210FFED0AEA5D1D9750D8FF8BCD1B584BFAA966850E4 Y:25ED63EE42624403D08FC60E5F8130F121ECDC5E297D9E3C7B106C906E0855E9 Parameter set: id-GostR3410-2001-CryptoPro-A-ParamSet On Fri, 17 Aug 2018 at 18:15, Dmitry Belyavsky wrote: > Hello, > > I use my engine providing gost algorithms ( > https://github.com/gost-engine/engine). It seems not to have any relevant > changes between 1.1.0 and current master, but the command > > OPENSSL_CONF=engine.conf openssl pkey -pubout -text -in tmp.pem > > works ok for 1.1.0 version and does not work for current master. > For the file a.pem both versions provide similar output. > > engine.conf is minimal conf to load gost engine: > = > openssl_conf = openssl_def > [openssl_def] > engines = engine_section > > [engine_section] > gost = gost_section > > [gost_section] > engine_id = gost > dynamic_path = /path/to/libgost.so > default_algorithms = ALL > CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet > === > > I've found out that behavior of the > function EC_POINT_get_affine_coordinates_GFp has changed between versions > 1.1.0 and current master. > > Also I found that pkey command ignores result of the calls > to EVP_PKEY_print_public and EVP_PKEY_print_private. > > Could you please clarify whether it's a bug in my engine or something > incompatible in openssl code? > > Thank you! > -- > SY, Dmitry Belyavsky > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Behaviour changed between 1.1.0 and 1.1.1
Hello, I use my engine providing gost algorithms ( https://github.com/gost-engine/engine). It seems not to have any relevant changes between 1.1.0 and current master, but the command OPENSSL_CONF=engine.conf openssl pkey -pubout -text -in tmp.pem works ok for 1.1.0 version and does not work for current master. For the file a.pem both versions provide similar output. engine.conf is minimal conf to load gost engine: = openssl_conf = openssl_def [openssl_def] engines = engine_section [engine_section] gost = gost_section [gost_section] engine_id = gost dynamic_path = /path/to/libgost.so default_algorithms = ALL CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet === I've found out that behavior of the function EC_POINT_get_affine_coordinates_GFp has changed between versions 1.1.0 and current master. Also I found that pkey command ignores result of the calls to EVP_PKEY_print_public and EVP_PKEY_print_private. Could you please clarify whether it's a bug in my engine or something incompatible in openssl code? Thank you! -- SY, Dmitry Belyavsky a.pem Description: application/x509-ca-cert tmp.pem Description: application/x509-ca-cert -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
