Hello! I've made a quick fix to solve this problem (attached). The main problem with this fix is to move locally-defined engine constants to the level of evp.h, so if you suggest a better solution, I am ready to implement it.
Thank you! On Tue, Sep 16, 2014 at 9:29 PM, Dmitry Belyavsky via RT <r...@openssl.org> wrote: > Hello Openssl Team! > > I use openssl 1.0.1i with some patches in the GOST engine. > The command line is > > openssl speed -engine gost -evp gost-mac > > I get an error: > 3074107544:error:80073074:lib(128):GOST_IMIT_UPDATE:mac key not > set:gost_crypt.c:654: > (the line number where the error occurs may differ from the current one > from 1.0.1i). > > So gost-mac is treated as digest and the tests are using the EVP_Digest > method. But the gost-mac differs from common digests because it usage > requires a mac key to be set. > > What is the best way to fix it? Should I hardcode the gost-mac support in > apps/speed.c to process it correctly or there is a better way? > > Thank you! > > -- > SY, Dmitry Belyavsky > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List openssl-dev@openssl.org > Automated List Manager majord...@openssl.org > -- SY, Dmitry Belyavsky
Index: crypto/evp/evp.h =================================================================== --- crypto/evp/evp.h (revision 10555) +++ crypto/evp/evp.h (working copy) @@ -227,6 +227,8 @@ /* Minimum Algorithm specific ctrl value */ #define EVP_MD_CTRL_ALG_CTRL 0x1000 +#define EVP_MD_CTRL_KEY_LEN (EVP_MD_CTRL_ALG_CTRL+3) +#define EVP_MD_CTRL_SET_KEY (EVP_MD_CTRL_ALG_CTRL+4) #define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0} Index: engines/ccgost/gost_lcl.h =================================================================== --- engines/ccgost/gost_lcl.h (revision 10555) +++ engines/ccgost/gost_lcl.h (working copy) @@ -172,8 +172,8 @@ extern EVP_CIPHER cipher_gost; extern EVP_CIPHER cipher_gost_cpacnt; extern EVP_CIPHER cipher_gost_cpcnt_12; -#define EVP_MD_CTRL_KEY_LEN (EVP_MD_CTRL_ALG_CTRL+3) -#define EVP_MD_CTRL_SET_KEY (EVP_MD_CTRL_ALG_CTRL+4) +/*#define EVP_MD_CTRL_KEY_LEN (EVP_MD_CTRL_ALG_CTRL+3) +#define EVP_MD_CTRL_SET_KEY (EVP_MD_CTRL_ALG_CTRL+4)*/ /* EVP_PKEY_METHOD key encryption callbacks */ /* From gost94_keyx.c */ int pkey_GOST94cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char* key, size_t key_len ); Index: apps/speed.c =================================================================== --- apps/speed.c (revision 10555) +++ apps/speed.c (working copy) @@ -1985,17 +1985,37 @@ EVP_CIPHER_CTX_cleanup(&ctx); } if (evp_md) - { + { names[D_EVP]=OBJ_nid2ln(evp_md->type); print_message(names[D_EVP],save_count, - lengths[j]); + lengths[j]); + if (evp_md->type == NID_id_Gost28147_89_MAC) + { + Time_F(START); + for (count=0,run=1; COND(save_count*4*lengths[0]/lengths[j]); count++) + { + EVP_MD_CTX ctx; - Time_F(START); - for (count=0,run=1; COND(save_count*4*lengths[0]/lengths[j]); count++) - EVP_Digest(buf,lengths[j],&(md[0]),NULL,evp_md,NULL); + EVP_MD_CTX_init(&ctx); + EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_ONESHOT); + EVP_DigestInit_ex(&ctx, evp_md, NULL); + evp_md->md_ctrl(&ctx, EVP_MD_CTRL_SET_KEY, 32, (void *)key32); + EVP_DigestUpdate(&ctx, buf, lengths[j]); + EVP_DigestFinal_ex(&ctx, md, NULL); + EVP_MD_CTX_cleanup(&ctx); + } - d=Time_F(STOP); + d=Time_F(STOP); } + else + { + Time_F(START); + for (count=0,run=1; COND(save_count*4*lengths[0]/lengths[j]); count++) + EVP_Digest(buf,lengths[j],&(md[0]),NULL,evp_md,NULL); + + d=Time_F(STOP); + } + } print_result(D_EVP,j,count,d); } }