Hello,
I've got a problem with calculating gost-mac using Openssl 1.0.0a
May be problem with cmd options, but I was unable to find out how to get it work
Trying to generate gost-mac.
Example from documentation (engines/ccgost/README.gost)
Calculation of GOST 28147 MAC
openssl dgst -mac gost-mac -macopt key:32 bytes of key datafile
Note absense of an option that specifies digest algorithm. gost-mac
algorithm supports only one digest (which is actually part of
implementation of this mac) and OpenSSL is clever enough to find out
this.
# ./apps/openssl dgst -mac gost-mac -macopt key:FF openssl.doxy
Algorithm gost-mac not found
Well, do it like this:
# ./apps/openssl dgst -gost-mac -macopt key:ff openssl.doxy
Read Error in openssl.doxy
3076327052:error:88073074:lib(136):GOST_IMIT_UPDATE:mac key not
set:gost_crypt.c:527:
The reason is that key for this mac is not set.
The only place where it can be set is control function gost_imit_ctrl
engines/ccgost/gost_crypt.c:595
But this function int gost_imit_ctrl(EVP_MD_CTX, int, int, void *)
never called.
So length of key option is not a root cause.
As I understand, control functions for dgst called only if parameter
-mac is specified.
See apps/dgst.c:228 else if (!strcmp(*argv,-mac))
and
apps/dgst.c:362 if (mac_name)
But since there is no such parameter it not supposed to work.
But if we do specify it - openssl can't find an algorithms (see first
command line example).
So the question is: is it a bug or it is possible to specify some
valid parameter for -mac option in this case?
Or may be there is other way to get it work?
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org