Re: OSSL 0.9.8 Engine problems

Wed, 31 Aug 2005 13:53:27 -0700 

Steffen Pankratz wrote:

On Tue, 30 Aug 2005 23:53:37 +0200
Nils Larsch <[EMAIL PROTECTED]> wrote:



Steffen Pankratz wrote:
...


well, if openssl is build without DES support the DES nids are not
added to the internal list of OIDs when OPENSSL_add_all_ciphers is
called, hence the OBJ_* functions know nothing about DES.



logical
any chance to make openssl aware of -des-ecb when build without DES cipher 
support using a dynamic Engine module?


what about adding the necessary ciphers in the engine initialization
function (have a look at crypto/evp/c_allc.c to see which functions
are necessary) ?


will try later
for this i have to load the Engine module before i can use "openssl enc -engine 
...", right?


yep, otherwise apps/enc.c doesn't know "-des-ecb".




but loading seems to be ok

openssl enc -engine des-ecb
engine "des-ecb" set.

i tried a OSSL build with DES cipher support and got this

openssl enc -engine des-ecb -e -des-ecb -out testo -in testi
parallel processing
engine "des-ecb" set.
enter des-ecb encryption password:
Verifying - enter des-ecb encryption password:
Error setting cipher DES-ECB
10220:error:0607C085:digital envelope routines:EVP_CIPHER_CTX_ctrl:ctrl 
operation not implemented:evp_enc.c:533:
10220:error:0607B086:digital envelope routines:EVP_CipherInit_ex:initialization 
error:evp_enc.c:171:


is the EVP_CIPH_CTRL_INIT flag set in the EVP_CIPHER structure ?


it is (if you like, code is attached)


if the flag is set you must provide a support for this flag in
EVP_CIPHER::ctrl otherwise you get the above error (so if you don't
need that functionality don't use it).



even if i set the EVP_CIPH_CTRL_INIT flag to NULL i get this errormessage and 
on the other hand if the EVP_CIPH_CTRL_INIT is set to des_ctrl
there is a implementation for this in my des-ecb.c

so it seems to be another problem


no, I've just tested your code (with some necessary modifications) and
it seems to work. You set the EVP_CIPH_CTRL_INIT (== 64) flag in your
cipher_des_ecb structure hence you must add support for EVP_CTRL_INIT
in the switch statement in your des_ctrl function otherwise it can't
work (or don't set this flag in cipher_des_ecb).

Nils
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to