I think that the following patch on 20110815 should resolve the segfault and 
report the correct algorithm with cmac e.g.

[root@localhost bin]# ./openssl dgst -mac cmac -macopt cipher:aes256 -macopt 
key:IZEASGTBPOIZEASGTBPOIZEASGTBPOIZ -c /lorum-ipsum.txt
CMAC-AES-256-CBC(/lorum-ipsum.txt)= 
3d:15:36:74:0b:75:eb:6e:ea:f4:9d:56:e5:08:30:c6

It has had cursory testing with both cmac (cipher:aes128/256) and hmac 
(sha256/384 instead of dgst)

Best Regards
Nick
----------

diff --git a/apps/dgst.c b/apps/dgst.c
index 8a5609f..d7051f9 100755
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -107,6 +107,7 @@ int MAIN(int argc, char **argv)
        unsigned char *buf=NULL;
        int i,err=1;
        const EVP_MD *md=NULL,*m;
+       EVP_CIPHER *cipher=NULL;
        BIO *in=NULL,*inp;
        BIO *bmd=NULL;
        BIO *out = NULL;
@@ -389,6 +390,7 @@ int MAIN(int argc, char **argv)
                                        ERR_print_errors(bio_err);
                                        goto mac_end;
                                        }
+                               cipher = 
*(EVP_CIPHER**)EVP_PKEY_CTX_get_data(mac_ctx);
                                }
                        }
                if (EVP_PKEY_keygen(mac_ctx, &sigkey) <= 0)
@@ -508,7 +510,7 @@ int MAIN(int argc, char **argv)
                }
        else
                {
-               const char *md_name = NULL, *sig_name = NULL;
+               const char *alg_name = NULL, *sig_name = NULL;
                if(!out_bin)
                        {
                        if (sigkey)
@@ -519,7 +521,8 @@ int MAIN(int argc, char **argv)
                                        EVP_PKEY_asn1_get0_info(NULL, NULL,
                                                NULL, NULL, &sig_name, ameth);
                                }
-                       md_name = EVP_MD_name(md);
+
+                       alg_name = (cipher) ? EVP_CIPHER_name(cipher) : (md) ? 
EVP_MD_name(md) : "None";
                        }
                err = 0;
                for (i=0; i<argc; i++)
@@ -533,7 +536,7 @@ int MAIN(int argc, char **argv)
                                }
                        else
                        r=do_fp(out,buf,inp,separator,out_bin,sigkey,sigbuf,
-                               siglen,sig_name,md_name, argv[i],bmd);
+                               siglen,sig_name,alg_name, argv[i],bmd);
                        if(r)
                            err=r;
                        (void)BIO_reset(bmd);

________________________________
The details of this company are as follows:
G4S Technology Limited, Registered Office: Challenge House, International 
Drive, Tewkesbury, Gloucestershire GL20 8UQ, Registered in England No. 2382338.

This communication may contain information which is confidential, personal 
and/or privileged.

It is for the exclusive use of the intended recipient(s).
If you are not the intended recipient(s), please note that any distribution, 
forwarding, copying or use of this communication or the information in it is 
strictly prohibited.

Any personal views expressed in this e-mail are those of the individual sender 
and the company does not endorse or accept responsibility for them.

Prior to taking any action based upon this e-mail message, you should seek 
appropriate confirmation of its authenticity.

This e-mail has been scanned for all viruses by MessageLabs.

I think that the following patch on 20110815 should resolve the segfault and report the correct algorithm with cmac e.g.

 

[root@localhost bin]# ./openssl dgst -mac cmac -macopt cipher:aes256 -macopt key:IZEASGTBPOIZEASGTBPOIZEASGTBPOIZ -c /lorum-ipsum.txt

CMAC-AES-256-CBC(/lorum-ipsum.txt)= 3d:15:36:74:0b:75:eb:6e:ea:f4:9d:56:e5:08:30:c6

 

It has had cursory testing with both cmac (cipher:aes128/256) and hmac (sha256/384 instead of dgst)

 

Best Regards

Nick

----------

 

diff --git a/apps/dgst.c b/apps/dgst.c

index 8a5609f..d7051f9 100755

--- a/apps/dgst.c

+++ b/apps/dgst.c

@@ -107,6 +107,7 @@ int MAIN(int argc, char **argv)

        unsigned char *buf=NULL;

        int i,err=1;

        const EVP_MD *md=NULL,*m;

+       EVP_CIPHER *cipher=NULL;

        BIO *in=NULL,*inp;

        BIO *bmd=NULL;

        BIO *out = NULL;

@@ -389,6 +390,7 @@ int MAIN(int argc, char **argv)

                                        ERR_print_errors(bio_err);

                                        goto mac_end;

                                        }

+                               cipher = *(EVP_CIPHER**)EVP_PKEY_CTX_get_data(mac_ctx);

                                }

                        }

                if (EVP_PKEY_keygen(mac_ctx, &sigkey) <= 0)

@@ -508,7 +510,7 @@ int MAIN(int argc, char **argv)

                }

        else

                {

-               const char *md_name = NULL, *sig_name = NULL;

+               const char *alg_name = NULL, *sig_name = NULL;

                if(!out_bin)

                        {

                        if (sigkey)

@@ -519,7 +521,8 @@ int MAIN(int argc, char **argv)

                                        EVP_PKEY_asn1_get0_info(NULL, NULL,

                                                NULL, NULL, &sig_name, ameth);

                                }

-                       md_name = EVP_MD_name(md);

+                      

+                       alg_name = (cipher) ? EVP_CIPHER_name(cipher) : (md) ? EVP_MD_name(md) : "None";

                        }

                err = 0;

                for (i=0; i<argc; i++)

@@ -533,7 +536,7 @@ int MAIN(int argc, char **argv)

                                }

                        else

                        r=do_fp(out,buf,inp,separator,out_bin,sigkey,sigbuf,

-                               siglen,sig_name,md_name, argv[i],bmd);

+                               siglen,sig_name,alg_name, argv[i],bmd);

                        if(r)

                            err=r;

                        (void)BIO_reset(bmd);



The details of this company are as follows:
G4S Technology Limited, Registered Office: Challenge House, International Drive, Tewkesbury, Gloucestershire GL20 8UQ, Registered in England No. 2382338.

This communication may contain information which is confidential, personal and/or privileged.

It is for the exclusive use of the intended recipient(s).
If you are not the intended recipient(s), please note that any distribution, forwarding, copying or use of this communication or the information in it is strictly prohibited.

Any personal views expressed in this e-mail are those of the individual sender and the company does not endorse or accept responsibility for them.

Prior to taking any action based upon this e-mail message, you should seek appropriate confirmation of its authenticity.

This e-mail has been scanned for all viruses by MessageLabs.

Reply via email to