Re: [openssl-dev] Add a new algorithm in "crypto" dir, how to add the source code into the build system

[Dmitry Belyavsky]

Dear Wei,

You will need hardcoded NIDs for many protocols implemented in OpenSSL
(TLS, PKCS12).

For most other purposes the dynamic allocation of objects using OBJ_
functions works fine,
but some years ago I had problems with some applications when I used engine
that allocated objects dynamically.
I hope that it was my fault.


On Fri, Dec 23, 2016 at 5:28 AM, Wei, Changzheng 
wrote:

> It works. Thanks a lot!
>
>
>
> *From:* openssl-dev [mailto:openssl-dev-boun...@openssl.org] *On Behalf
> Of *Peter Waltenberg
> *Sent:* Friday, December 23, 2016 8:56 AM
>
> *To:* openssl-dev@openssl.org
> *Subject:* Re: [openssl-dev] Add a new algorithm in "crypto" dir, how to
> add the source code into the build system
>
>
>
> It's changed in recent OpenSSL.
>
> 1.1.0c the directories are in Configure.
>
> # Top level directories to build
> $config{dirs} = [ "crypto", "ssl", "engines", "apps", "test", "util",
> "tools", "
> fuzz" ];
> # crypto/ subdirectories to build
> $config{sdirs} = [
> "objects",
> "md2", "md4", "md5", "sha", "mdc2", "hmac", "ripemd", "whrlpool",
> "poly1305"
> , "blake2",
> "des", "aes", "rc2", "rc4", "rc5", "idea", "bf", "cast", "camellia",
> "seed",
>  "chacha", "modes",
> "bn", "ec", "rsa", "dsa", "dh", "dso", "engine",
> "buffer", "bio", "stack", "lhash", "rand", "err",
> "evp", "asn1", "pem", "x509", "x509v3", "conf", "txt_db", "pkcs7",
> "pkcs12",
>  "comp", "ocsp", "ui",
> "cms", "ts", "srp", "cmac", "ct", "async", "kdf", "sha3"  <  Added
> sha3 to the list
> ];
>
> Persist, it can be done but there was quite a bit of trial and error
> before I got it working.
>
> Peter
>
>
>
> From:"Wei, Changzheng" 
> To:"openssl-dev@openssl.org" 
> Date:23/12/2016 10:41
> Subject:Re: [openssl-dev] Add a new algorithm in "crypto" dir,
> how to add the source code into the build system
> Sent by:"openssl-dev" 
> --
>
>
>
>
> Hi
> Thanks for your reply.
> My question is that, I add a new subdir(named *abc*) in openssl/crypto/
> *abc*, and implement codes , Makefile and build.info in the crypt/abc
> directory, but when I re-build OpenSSL, I found that this new added sub dir
> is not involved into the build system, any source file in this subdir is
> not compiled. So I want to know how to compile these new added files in
> OpenSSL build system.
>
> Thanks
>
> *From:* openssl-dev [mailto:openssl-dev-boun...@openssl.org
> ] *On Behalf Of *Short, Todd
> * Sent:* Friday, December 23, 2016 5:14 AM
> * To:* openssl-dev@openssl.org
> * Subject:* Re: [openssl-dev] Add a new algorithm in "crypto" dir, how to
> add the source code into the build system
>
> Easiest way is to fork the OpenSSL Github repo and then clone it down to
> your local machine where you can do the work locally. Once you are happy,
> push it back up to your forked Github repo, and then make a pull request
> back to the OpenSSL repo.
>
> There are lots of places you can get information on git and Github; but
> this list isn’t one of them.
> --
> -Todd Short
> // tsh...@akamai.com
> // "One if by land, two if by sea, three if by the Internet."
>
> On Dec 22, 2016, at 8:12 AM, Wei, Changzheng 
> wrote:
>
> Hi,
> I want to implement some new algorithm. To make my future work smoothly, I
> want to add a new algorithm method like “RSA_METHOD” in OpenSSL framework
> so as to I can use an “engine” to support such algorithm.
> So I add a new subdir in “crypto” and implement the code and build.inforefer
> to “crypto/rsa”.
> My question is how to add my new source code into the build system?
>
> Thanks in advance!
> --
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
>  --
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
>
>
>
> --
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
>
>


-- 
SY, Dmitry Belyavsky
-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] Add a new algorithm in "crypto" dir, how to add the source code into the build system

[Wei, Changzheng]

It works. Thanks a lot!

From: openssl-dev [mailto:openssl-dev-boun...@openssl.org] On Behalf Of Peter 
Waltenberg
Sent: Friday, December 23, 2016 8:56 AM
To: openssl-dev@openssl.org
Subject: Re: [openssl-dev] Add a new algorithm in "crypto" dir, how to add the 
source code into the build system

It's changed in recent OpenSSL.

1.1.0c the directories are in Configure.

# Top level directories to build
$config{dirs} = [ "crypto", "ssl", "engines", "apps", "test", "util", "tools", "
fuzz" ];
# crypto/ subdirectories to build
$config{sdirs} = [
"objects",
"md2", "md4", "md5", "sha", "mdc2", "hmac", "ripemd", "whrlpool", "poly1305"
, "blake2",
"des", "aes", "rc2", "rc4", "rc5", "idea", "bf", "cast", "camellia", "seed",
 "chacha", "modes",
"bn", "ec", "rsa", "dsa", "dh", "dso", "engine",
"buffer", "bio", "stack", "lhash", "rand", "err",
"evp", "asn1", "pem", "x509", "x509v3", "conf", "txt_db", "pkcs7", "pkcs12",
 "comp", "ocsp", "ui",
"cms", "ts", "srp", "cmac", "ct", "async", "kdf", "sha3"  <  Added sha3 
to the list
];

Persist, it can be done but there was quite a bit of trial and error before I 
got it working.

Peter



From:"Wei, Changzheng" 
>
To:"openssl-dev@openssl.org" 
>
Date:23/12/2016 10:41
Subject:Re: [openssl-dev] Add a new algorithm in "crypto" dir, how to 
add the source code into the build system
Sent by:"openssl-dev" 
>




Hi
Thanks for your reply.
My question is that, I add a new subdir(named abc) in openssl/crypto/abc, and 
implement codes , Makefile and build.info in the crypt/abc directory, but when 
I re-build OpenSSL, I found that this new added sub dir is not involved into 
the build system, any source file in this subdir is not compiled. So I want to 
know how to compile these new added files in OpenSSL build system.

Thanks

From: openssl-dev [mailto:openssl-dev-boun...@openssl.org] On Behalf Of Short, 
Todd
Sent: Friday, December 23, 2016 5:14 AM
To: openssl-dev@openssl.org
Subject: Re: [openssl-dev] Add a new algorithm in "crypto" dir, how to add the 
source code into the build system

Easiest way is to fork the OpenSSL Github repo and then clone it down to your 
local machine where you can do the work locally. Once you are happy, push it 
back up to your forked Github repo, and then make a pull request back to the 
OpenSSL repo.

There are lots of places you can get information on git and Github; but this 
list isn’t one of them.
--
-Todd Short
// tsh...@akamai.com
// "One if by land, two if by sea, three if by the Internet."

On Dec 22, 2016, at 8:12 AM, Wei, Changzheng 
> wrote:

Hi,
I want to implement some new algorithm. To make my future work smoothly, I want 
to add a new algorithm method like “RSA_METHOD” in OpenSSL framework so as to I 
can use an “engine” to support such algorithm.
So I add a new subdir in “crypto” and implement the code and 
build.inforefer to “crypto/rsa”.
My question is how to add my new source code into the build system?

Thanks in advance!
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
 --
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev


-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] Add a new algorithm in "crypto" dir, how to add the source code into the build system

[Peter Waltenberg]

It's changed in recent OpenSSL.

1.1.0c the directories are in Configure. 

# Top level directories to build
$config{dirs} = [ "crypto", "ssl", "engines", "apps", "test", "util", 
"tools", "
fuzz" ];
# crypto/ subdirectories to build
$config{sdirs} = [
"objects",
"md2", "md4", "md5", "sha", "mdc2", "hmac", "ripemd", "whrlpool", 
"poly1305"
, "blake2",
"des", "aes", "rc2", "rc4", "rc5", "idea", "bf", "cast", "camellia", 
"seed",
 "chacha", "modes",
"bn", "ec", "rsa", "dsa", "dh", "dso", "engine",
"buffer", "bio", "stack", "lhash", "rand", "err",
"evp", "asn1", "pem", "x509", "x509v3", "conf", "txt_db", "pkcs7", 
"pkcs12",
 "comp", "ocsp", "ui",
"cms", "ts", "srp", "cmac", "ct", "async", "kdf", "sha3"  <  Added 
sha3 to the list
];

Persist, it can be done but there was quite a bit of trial and error 
before I got it working.

Peter



From:   "Wei, Changzheng" 
To: "openssl-dev@openssl.org" 
Date:   23/12/2016 10:41
Subject:Re: [openssl-dev] Add a new algorithm in "crypto" dir, how 
to add the source code into the build system
Sent by:"openssl-dev" 



Hi
Thanks for your reply. 
My question is that, I add a new subdir(named abc) in openssl/crypto/abc, 
and implement codes , Makefile and build.info in the crypt/abc directory, 
but when I re-build OpenSSL, I found that this new added sub dir is not 
involved into the build system, any source file in this subdir is not 
compiled. So I want to know how to compile these new added files in 
OpenSSL build system.
 
Thanks
 
From: openssl-dev [mailto:openssl-dev-boun...@openssl.org] On Behalf Of 
Short, Todd
Sent: Friday, December 23, 2016 5:14 AM
To: openssl-dev@openssl.org
Subject: Re: [openssl-dev] Add a new algorithm in "crypto" dir, how to add 
the source code into the build system
 
Easiest way is to fork the OpenSSL Github repo and then clone it down to 
your local machine where you can do the work locally. Once you are happy, 
push it back up to your forked Github repo, and then make a pull request 
back to the OpenSSL repo. 
 
There are lots of places you can get information on git and Github; but 
this list isn’t one of them.
--
-Todd Short
// tsh...@akamai.com
// "One if by land, two if by sea, three if by the Internet."
 
On Dec 22, 2016, at 8:12 AM, Wei, Changzheng  
wrote:
 
Hi, 
I want to implement some new algorithm. To make my future work smoothly, I 
want to add a new algorithm method like “RSA_METHOD” in OpenSSL framework 
so as to I can use an “engine” to support such algorithm.
So I add a new subdir in “crypto” and implement the code and build.info 
refer to “crypto/rsa”.
My question is how to add my new source code into the build system?
 
Thanks in advance!
-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
 -- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev




-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] Add a new algorithm in "crypto" dir, how to add the source code into the build system

[Wei, Changzheng]

Hi
Thanks for your reply.
My question is that, I add a new subdir(named abc) in openssl/crypto/abc, and 
implement codes , Makefile and build.info in the crypt/abc directory, but when 
I re-build OpenSSL, I found that this new added sub dir is not involved into 
the build system, any source file in this subdir is not compiled. So I want to 
know how to compile these new added files in OpenSSL build system.

Thanks

From: openssl-dev [mailto:openssl-dev-boun...@openssl.org] On Behalf Of Short, 
Todd
Sent: Friday, December 23, 2016 5:14 AM
To: openssl-dev@openssl.org
Subject: Re: [openssl-dev] Add a new algorithm in "crypto" dir, how to add the 
source code into the build system

Easiest way is to fork the OpenSSL Github repo and then clone it down to your 
local machine where you can do the work locally. Once you are happy, push it 
back up to your forked Github repo, and then make a pull request back to the 
OpenSSL repo.

There are lots of places you can get information on git and Github; but this 
list isn’t one of them.
--
-Todd Short
// tsh...@akamai.com
// "One if by land, two if by sea, three if by the Internet."

On Dec 22, 2016, at 8:12 AM, Wei, Changzheng 
> wrote:

Hi,
I want to implement some new algorithm. To make my future work smoothly, I want 
to add a new algorithm method like “RSA_METHOD” in OpenSSL framework so as to I 
can use an “engine” to support such algorithm.
So I add a new subdir in “crypto” and implement the code and 
build.info refer to “crypto/rsa”.
My question is how to add my new source code into the build system?

Thanks in advance!
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] Add a new algorithm in "crypto" dir, how to add the source code into the build system

[Richard Levitte]

In message <20161222.225335.92995302056231655.levi...@openssl.org> on Thu, 22 
Dec 2016 22:53:35 +0100 (CET), Richard Levitte  said:

levitte> In message  on Thu, 22 
Dec 2016 13:33:16 -0800, Joey Yandle  said:
levitte> 
levitte> xoloki> > May I suggest you have a look at the GOST engine?  It does 
implement
levitte> xoloki> > the algorithm entirely in the engine.  The only things added 
in the
levitte> xoloki> > OpenSSL code are the OIDs (not strictly necessary) and the 
TLS
levitte> xoloki> > ciphersuites (I don't think that can be done dynamically at 
all, at
levitte> xoloki> > least yet).
levitte> xoloki> 
levitte> xoloki> How are the OIDs not necessary?  What about the NIDs?
levitte> 
levitte> It's not stricly necessary to add them statically in the libcrypto
levitte> code.  They can be added dynamically by the engine by calling
levitte> OBJ_create() with the correct arguments.

Applications will then have to find out the nid by calling
OBJ_txt2nid, OBJ_sn2nid or OBJ_ln2nid, depending on the data they
have.  Note: this can already be done for the built in OIDs.

Cheers,
Richard

-- 
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] Add a new algorithm in "crypto" dir, how to add the source code into the build system

[Richard Levitte]

In message  on Thu, 22 Dec 2016 
13:33:16 -0800, Joey Yandle  said:

xoloki> > May I suggest you have a look at the GOST engine?  It does implement
xoloki> > the algorithm entirely in the engine.  The only things added in the
xoloki> > OpenSSL code are the OIDs (not strictly necessary) and the TLS
xoloki> > ciphersuites (I don't think that can be done dynamically at all, at
xoloki> > least yet).
xoloki> 
xoloki> How are the OIDs not necessary?  What about the NIDs?

It's not stricly necessary to add them statically in the libcrypto
code.  They can be added dynamically by the engine by calling
OBJ_create() with the correct arguments.

Cheers,
Richard

-- 
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] Add a new algorithm in "crypto" dir, how to add the source code into the build system

[Joey Yandle]

May I suggest you have a look at the GOST engine?  It does implement
the algorithm entirely in the engine.  The only things added in the
OpenSSL code are the OIDs (not strictly necessary) and the TLS
ciphersuites (I don't think that can be done dynamically at all, at
least yet).


How are the OIDs not necessary?  What about the NIDs?

I've been working on an engine to add support for SIDH, using GOST as a  
template:


  https://github.com/xoloki/openssl-sidh/

GOST already had NID support in the base openssl.  I had to add at least  
one line to crypto/objects/objects.txt to get my NID:


+# NIDs for SIDH
+1 3 102 100 : SIDH : Supersingular isogeny  
Diffie–Hellman


Is there some way to add the NID dynamically?  If not, how can an  
algorithm be added?  The build system in 1.1.0 at least makes this  
relatively simple.  In 1.0.x it is far more difficult.


cheers,

Joey
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] Add a new algorithm in "crypto" dir, how to add the source code into the build system

[Richard Levitte]

In message 
<936be946f26e274a8595dbf91a05bd767c4fa...@shsmsx101.ccr.corp.intel.com> on Thu, 
22 Dec 2016 13:12:36 +, "Wei, Changzheng"  said:

changzheng.wei> Hi,
changzheng.wei> 
changzheng.wei> I want to implement some new algorithm. To make my future work
changzheng.wei> smoothly, I want to add a new algorithm method like 
“RSA_METHOD” in
changzheng.wei> OpenSSL framework so as to I can use an “engine” to support such
changzheng.wei> algorithm.
changzheng.wei> 
changzheng.wei> So I add a new subdir in “crypto” and implement the code and
changzheng.wei> build.info refer to “crypto/rsa”.
changzheng.wei> 
changzheng.wei> My question is how to add my new source code into the build 
system?

A note here: if you're implementing a new algo, OpenSSL doesn't need
to know anything at all, everything can be added dynamically from the
engine and be reachable through the EVP API.

The only exception for now is the code in libssl.

May I suggest you have a look at the GOST engine?  It does implement
the algorithm entirely in the engine.  The only things added in the
OpenSSL code are the OIDs (not strictly necessary) and the TLS
ciphersuites (I don't think that can be done dynamically at all, at
least yet).

https://github.com/gost-engine/engine

Cheers,
Richard

-- 
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] Add a new algorithm in "crypto" dir, how to add the source code into the build system

[Short, Todd]

Easiest way is to fork the OpenSSL Github repo and then clone it down to your 
local machine where you can do the work locally. Once you are happy, push it 
back up to your forked Github repo, and then make a pull request back to the 
OpenSSL repo.

There are lots of places you can get information on git and Github; but this 
list isn’t one of them.
--
-Todd Short
// tsh...@akamai.com
// "One if by land, two if by sea, three if by the Internet."

On Dec 22, 2016, at 8:12 AM, Wei, Changzheng 
> wrote:

Hi,
I want to implement some new algorithm. To make my future work smoothly, I want 
to add a new algorithm method like “RSA_METHOD” in OpenSSL framework so as to I 
can use an “engine” to support such algorithm.
So I add a new subdir in “crypto” and implement the code and 
build.info refer to “crypto/rsa”.
My question is how to add my new source code into the build system?

Thanks in advance!
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev