[openssl-dev] [openssl.org #2459] ecdsa_method declaration prevents use in implementing a dynamic engine

2016-05-16 Thread Matt Caswell via RT
This has been fixed in 1.1.0.

Matt

-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=2459
Please log in as guest with password guest if prompted

-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev


[openssl.org #2459] ecdsa_method declaration prevents use in implementing a dynamic engine

2013-09-19 Thread Alon Bar-Lev via RT
Hi,

Any ETA for this?

Just wanted to note that finish is also required to allow cleaning up resources.

Any ETA on this? very important if we want to use ec based hardware
cryptography.

Thanks,
Alon Bar-Lev


__
OpenSSL Project http://www.openssl.org
Development Mailing List   openssl-dev@openssl.org
Automated List Manager   majord...@openssl.org


[openssl.org #2459] ecdsa_method declaration prevents use in implementing a dynamic engine

2013-09-18 Thread Alon Bar-Lev via RT
Hi,

Just wanted to note that finish is also required to allow cleaning up resources.

Any ETA on this? very important if we want to use ec based hardware
cryptography.

Thanks,
Alon Bar-Lev



Re: [openssl.org #2459] ecdsa_method declaration prevents use in implementing a dynamic engine

2013-09-18 Thread Douglas E. Engert



On 9/18/2013 8:48 AM, Alon Bar-Lev via RT wrote:

> Hi,
>
> Just wanted to note that finish is also required to allow cleaning up resources.

In the ecs_locl.h in the current ecdsa_method structure the init and finish are
#if 0 out. So far this has not been needed.

The mods I sent in were based on not needing an init or finish function.

Since the RSA_METHOD structure is exposed in rsa.h, I was expecting
that moving the definition of the ECDSA_METHOD from ecs_locl.h to
ecdsa.h would be the best way to expose this structure.

The argument was that if changes were needed to this structure there
could be incompatibility issues across releases. While moving this definition,
in the next release, the #if 0 could be removed, so an init and finish
would be available.

Maybe if we can hash out what needs to be in the structure, for the next
release, including an init and finish entry, we can get a stable structure
that can be exposed like the RSA_METHOD is today.

The OpenSSL people need to address the issue.


> Any ETA on this? very important if we want to use ec based hardware
> cryptography.


Yes I too feel this is very important if we want to be able to use
EC in hardware.



> Thanks,
> Alon Bar-Lev




--

 Douglas E. Engert  deeng...@anl.gov
 Argonne National Laboratory
 9700 South Cass Avenue
 Argonne, Illinois  60439
 (630) 252-5444




Re: [openssl.org #2459] ecdsa_method declaration prevents use in implementing a dynamic engine

2013-09-16 Thread Douglas E. Engert



On 9/12/2013 10:46 AM, Dr. Stephen Henson wrote:

> On Thu, Sep 12, 2013, Douglas E. Engert wrote:
>
> > On 9/11/2013 2:01 PM, Stephen Henson via RT wrote:
>
> [snip]
>
> Yes similar to that but with a few minor changes.
>
> The analogous functions for EVP_PKEY_METHOD are called set and not put.
> For consistency we could use something like ECDSA_METHOD_set_sign() and so on.
>
> I'd suggest a flag to indicate the structure has been malloced so a call to
> ECDSA_METHOD_free with a static structure ends up a no op instead of
> undefined.
>
> ECDSA_METHOD_new could take a ECDSA_METHOD * argument which is an optional
> method which is copied into the result. If things like crypto accelerators
> start implementing their own default methods then ECDSA_get_default_method
> might not be what you expect (it can already change for the FIPS versions of
> OpenSSL). Applications could use ECDSA_OpenSSL() to avoid such surprises.
>
> Steve.


OK, here is a new patch, using your suggestions. It is to 1.0.1e
and has been tested with additional mods to the OpenSC libp11 and OpenSC
engine_pkcs11.

Only the ECDSA_METHOD_new, ECDSA_METHOD_set_do_sign and ECDSA_METHOD_set_do_sign
have been tested.

The ECDSA_METHOD structure also has an apps_data that is not used.




> --
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org



--

 Douglas E. Engert  deeng...@anl.gov
 Argonne National Laboratory
 9700 South Cass Avenue
 Argonne, Illinois  60439
 (630) 252-5444
--- openssl-1.0.1e/crypto/ecdsa/,ecdsa.h	Mon Feb 11 09:26:04 2013
+++ openssl-1.0.1e/crypto/ecdsa/ecdsa.h	Mon Sep 16 09:27:08 2013
@@ -229,6 +229,48 @@
 void 	  *ECDSA_get_ex_data(EC_KEY *d, int idx);
 
 
+/** Allocates and initialize a ECDSA_METHOD structure
+ *  \param ecdsa_method pointer to ECDSA_METRHOD to copy.  (May be NULL)
+ *  \return pointer to a ECDSA_METHOD structure or NULL if an error occurred
+ */
+
+ECDSA_METHOD *ECDSA_METHOD_new(ECDSA_METHOD *ecdsa_method);
+
+/** frees a ECDSA_METHOD structure
+ *  \param  ecdsa_method  pointer to the ECDSA_METHOD structure
+ */
+void ECDSA_METHOD_free(ECDSA_METHOD *ecdsa_method);
+
+/**  Set the ECDSA_do_sign function in the ECDSA_METHOD
+ *   \param  ecdsa_method  pointer to existing ECDSA_METHOD
+ *   \param  ecdsa_do_sign a funtion of type ECDSA_do_sign
+ *   \return 1 on success and 0 otherwise
+ */
+
+int ECDSA_METHOD_set_do_sign(ECDSA_METHOD *ecdsa_method,
+ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len,
+const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey));
+
+/**  Set the  ECDSA_sign_setup function in the ECDSA_METHOD
+ *   \param  ecdsa_method  pointer to existing ECDSA_METHOD
+ *   \param  ecdsa_sign_setup a funtion of type ECDSA_sign_setup
+ *   \return 1 on success and 0 otherwise
+ */
+
+int ECDSA_METHOD_set_sign_setup(ECDSA_METHOD *ecdsa_method,
+int (*ecdsa_sign_setup)(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
+BIGNUM **r));
+
+/**  Set the ECDSA_do_verify function in the ECDSA_METHOD
+ *   \param  ecdsa_method  pointer to existing ECDSA_METHOD
+ *   \param  ecdsa_do_verify a funtion of type ECDSA_do_verify
+ *   \return 1 on success and 0 otherwise
+ */
+
+int ECDSA_METHOD_set_verify(ECDSA_METHOD *ecdsa_method,
+int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len,
+const ECDSA_SIG *sig, EC_KEY *eckey));
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
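Review bot: ECDSA_METHOD_new() takes a non-const ECDSA_METHOD * although its comment says the argument is only copied; declaring it as const ECDSA_METHOD *ecdsa_method lets callers pass a read-only method without a cast. The verify setter is named ECDSA_METHOD_set_verify while its own comment and its sibling use the do_ form (ECDSA_do_verify, ECDSA_METHOD_set_do_sign), so pick one convention. The comments also carry typos (ECDSA_METRHOD, funtion), and the ECDSA_METHOD_free comment should say what happens when it is handed a method that did not come from ECDSA_METHOD_new.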
@@ -243,6 +285,7 @@
 #define ECDSA_F_ECDSA_DO_SIGN 101
 #define ECDSA_F_ECDSA_DO_VERIFY 102
 #define ECDSA_F_ECDSA_SIGN_SETUP			 103
+#define ECDSA_F_ECDSA_METHOD_NEW	 105
 
 /* Reason codes. */
 #define ECDSA_R_BAD_SIGNATURE 100
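Review bot: ECDSA_F_ECDSA_METHOD_NEW is added by hand at the end of the function-code list, inside the section that the header's own comment says is generated by mkerr.pl and may be overwritten on the next run. Regenerate the error codes with the script instead of editing this block, so the define survives and the matching error string is produced along with it.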
--- openssl-1.0.1e/crypto/ecdsa/,ecs_locl.h	Mon Feb 11 09:26:04 2013
+++ openssl-1.0.1e/crypto/ecdsa/ecs_locl.h	Thu Sep 12 14:19:09 2013
@@ -82,6 +82,11 @@
 	char *app_data;
 	};
 
+/* The ECDSA_METHOD was allocated and can be freed */
+
+#define ECDSA_METHOD_FLAG_ALLOCATED 0x1
+
+
 /* If this flag is set the ECDSA method is FIPS compliant and can be used
  * in FIPS mode. This is set in the validated module method. If an
  * application sets this flag in its own methods it is its responsibility
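Review bot: ECDSA_METHOD_FLAG_ALLOCATED is given the value 0x1 in the same flags field that carries the FIPS-method flag described in the comment just below, and that flag's value is not visible in this hunk. Confirm the two bits are distinct; if they overlap, a static FIPS method would look heap-allocated to ECDSA_METHOD_free, and an allocated method would look FIPS compliant.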
--- openssl-1.0.1e/crypto/ecdsa/,ecs_ossl.c	Mon Feb 11 09:26:04 2013
+++ openssl-1.0.1e/crypto/ecdsa/ecs_ossl.c	Mon Sep 16 09:30:53 2013
@@ -481,3 +481,75 @@
 		EC_POINT_free(point);
 	return ret;
 }
+
+ECDSA_METHOD *ECDSA_METHOD_new(ECDSA_METHOD *ecdsa_meth)
+{
+	ECDSA_METHOD  *ret;
+
+	ret=(ECDSA_METHOD *)OPENSSL_malloc(sizeof(ECDSA_METHOD));
+	if (ret == NULL)
+	{

Re: [openssl.org #2459] ecdsa_method declaration prevents use in implementing a dynamic engine

2013-09-12 Thread Dr. Stephen Henson
On Thu, Sep 12, 2013, Douglas E. Engert wrote:

> On 9/11/2013 2:01 PM, Stephen Henson via RT wrote:
> > On Wed Sep 11 17:52:03 2013, deeng...@anl.gov wrote:
> > >
> > > Attached is a patch to move the definition of ecdsa_method
> > > from src/crypto/ecdsa/ecs_locl.h to ecdsa.h
> > > and move the definition of ecdh_method
> > > from src/crypto/ecdh/ech_locl.h to ecdh.h
> >
> > It's been policy that we should avoid direct structure access in
> > applications code and use opaque structures where possible.
> >
> > I had to change ecdsa_method for the FIPS builds (add the flags field) and if
> > it had been public would've meant that it would no longer be binary compatible
> > across minor versions (1.0.0 incompatible with 1.0.1 and later) which would be
> > a major headache.
> >
> > The preferred technique would be to create a function to allocate and
> > initialise the structure without exposing it in a public header. See the
> > EVP_PKEY_METHOD structure for example.
>
> Is the following something like what you are looking for?
>
> It has not been tested, and it needs some error handling...
> The 3 _put_ routines could be combined with the _new routine.

[snip]

Yes similar to that but with a few minor changes.

The analogous functions for EVP_PKEY_METHOD are called set and not put.
For consistency we could use something like ECDSA_METHOD_set_sign() and so on.

I'd suggest a flag to indicate the structure has been malloced so a call to
ECDSA_METHOD_free with a static structure ends up a no op instead of
undefined.

ECDSA_METHOD_new could take a ECDSA_METHOD * argument which is an optional
method which is copied into the result. If things like crypto accelerators
start implementing their own default methods then ECDSA_get_default_method
might not be what you expect (it can already change for the FIPS versions of
OpenSSL). Applications could use ECDSA_OpenSSL() to avoid such surprises.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
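
The allocate/copy/free scheme suggested above, as an added example that is not part of the original post and is not OpenSSL code: a self-contained toy in C in which every TOY_* / toy_* name is hypothetical. It shows the "allocated" bit kept distinct from an existing flag bit, the bit being set after a static template is copied, and free being a no-op on a static method.

```c
/* Added example: toy model of the opaque "method" pattern from this thread.
 * Every TOY_* / toy_* name is hypothetical; none of this is OpenSSL API. */
#include <stdio.h>
#include <stdlib.h>

/* --- what a public header would expose: incomplete type + accessors --- */
typedef struct toy_method_st TOY_METHOD;
typedef int (*toy_sign_fn)(const unsigned char *dgst, int dgst_len,
                           unsigned char *tag);

/* --- private to the library: this layout may change between releases --- */
#define TOY_FLAG_FIPS_METHOD      0x1 /* pre-existing flag bit */
#define TOY_METHOD_FLAG_ALLOCATED 0x2 /* distinct bit: struct came from malloc */

struct toy_method_st {
    const char *name;
    toy_sign_fn do_sign;
    int flags;
    void *app_data;
};

/* Stand-ins for real signing: they only record which backend ran. */
static int sw_sign(const unsigned char *dgst, int dgst_len, unsigned char *tag)
{
    (void)dgst; (void)dgst_len;
    *tag = 'S';
    return 1;
}

static int hw_sign(const unsigned char *dgst, int dgst_len, unsigned char *tag)
{
    (void)dgst; (void)dgst_len;
    *tag = 'H';
    return 1;
}

/* Static built-in method: never heap allocated, so ALLOCATED is clear. */
static TOY_METHOD toy_builtin = {
    "toy software method", sw_sign, TOY_FLAG_FIPS_METHOD, NULL
};

/* Allocate a method, optionally copying a template (tmpl may be NULL). */
TOY_METHOD *toy_method_new(const TOY_METHOD *tmpl)
{
    static const TOY_METHOD empty = { "unnamed", NULL, 0, NULL };
    TOY_METHOD *ret = malloc(sizeof(*ret));

    if (ret == NULL)
        return NULL;
    *ret = (tmpl != NULL) ? *tmpl : empty;
    /* Set the bit after the copy: a static template has it clear. */
    ret->flags |= TOY_METHOD_FLAG_ALLOCATED;
    return ret;
}

/* Returns 1 if memory was released, 0 for the no-op (NULL or static) case. */
int toy_method_free(TOY_METHOD *meth)
{
    if (meth == NULL || !(meth->flags & TOY_METHOD_FLAG_ALLOCATED))
        return 0;
    free(meth);
    return 1;
}

/* Setter in the "set" naming style; 1 on success, 0 on bad arguments. */
int toy_method_set_do_sign(TOY_METHOD *meth, toy_sign_fn fn)
{
    if (meth == NULL || fn == NULL)
        return 0;
    meth->do_sign = fn;
    return 1;
}

/* Library-side dispatch through whatever method the key is bound to. */
int toy_sign(const TOY_METHOD *meth, const unsigned char *dgst, int dgst_len,
             unsigned char *tag)
{
    if (meth == NULL || meth->do_sign == NULL)
        return 0;
    return meth->do_sign(dgst, dgst_len, tag);
}

/* Engine side: clone the built-in, swap the signer, sign, release. */
int engine_backend_tag(void)
{
    unsigned char tag = 0;
    TOY_METHOD *m = toy_method_new(&toy_builtin);

    if (m == NULL || !toy_method_set_do_sign(m, hw_sign)
        || !toy_sign(m, (const unsigned char *)"digest", 6, &tag))
        tag = 0;
    toy_method_free(m);
    return tag; /* 'H' when the replacement signer ran, 0 on failure */
}

int main(void)
{
    printf("backend=%c\n", engine_backend_tag());
    return 0;
}
```

Because callers only ever hold a TOY_METHOD pointer, a field can be added to the private struct without recompiling them, which is the binary-compatibility point made in the thread.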


Re: [openssl.org #2459] ecdsa_method declaration prevents use in implementing a dynamic engine

2013-09-12 Thread Douglas E. Engert



On 9/11/2013 2:01 PM, Stephen Henson via RT wrote:

> On Wed Sep 11 17:52:03 2013, deeng...@anl.gov wrote:
>
> > Attached is a patch to move the definition of ecdsa_method
> > from src/crypto/ecdsa/ecs_locl.h to ecdsa.h
> > and move the definition of ecdh_method
> > from src/crypto/ecdh/ech_locl.h to ecdh.h
>
> It's been policy that we should avoid direct structure access in
> applications code and use opaque structures where possible.
>
> I had to change ecdsa_method for the FIPS builds (add the flags field) and if
> it had been public would've meant that it would no longer be binary compatible
> across minor versions (1.0.0 incompatible with 1.0.1 and later) which would be
> a major headache.
>
> The preferred technique would be to create a function to allocate and
> initialise the structure without exposing it in a public header. See the
> EVP_PKEY_METHOD structure for example.

Is the following something like what you are looking for?

It has not been tested, and it needs some error handling...
The 3 _put_ routines could be combined with the _new routine.

Add to ecdsa.h:

ECDSA_METHOD *ECDSA_METHOD_new(void);

void ECDSA_METHOD_free(ECDSA_METHOD *ecdsa_method);

int ECDSA_METHOD_put_ECDSA_do_sign(ECDSA_METHOD *ecdsa_method,
    ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len,
        const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey));

/* callback parameters match the ecdsa_sign_setup member of struct ecdsa_method */
int ECDSA_METHOD_put_ECDSA_sign_setup(ECDSA_METHOD *ecdsa_method,
    int (*ecdsa_sign_setup)(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
        BIGNUM **r));

int ECDSA_METHOD_put_ECDSA_do_verify(ECDSA_METHOD *ecdsa_method,
    int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len,
        const ECDSA_SIG *sig, EC_KEY *eckey));


add to ecs_ossl.c or some other file:

ECDSA_METHOD *ECDSA_METHOD_new(void)
{
    ECDSA_METHOD *ret;

    ret = (ECDSA_METHOD *)OPENSSL_malloc(sizeof(ECDSA_METHOD));
    if (ret == NULL)
    {
        ECDSAerr(ECDSA_F_ECDSA_METHOD_NEW, ERR_R_MALLOC_FAILURE);
        return(NULL);
    }

#if do_you_like_this
    /* copy the structure */
    *ret = *ECDSA_get_default_method();
#else
    ret->name = "Cloned OpenSSL ECDSA method";
    /* set the defaults as the functions in ecs_ossl.c */
    ret->ecdsa_do_sign = ecdsa_do_sign;
    ret->ecdsa_sign_setup = ecdsa_sign_setup;
    ret->ecdsa_do_verify = ecdsa_do_verify;
    ret->flags = 0;
    ret->app_data = NULL;
#endif

    return ret;
}


int ECDSA_METHOD_put_ECDSA_do_sign(ECDSA_METHOD *ecdsa_method,
    ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len,
        const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey))
{
    ecdsa_method->ecdsa_do_sign = ecdsa_do_sign;
    return 1; /* declared int, so report success */
}

int ECDSA_METHOD_put_ECDSA_sign_setup(ECDSA_METHOD *ecdsa_method,
    int (*ecdsa_sign_setup)(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
        BIGNUM **r))
{
    ecdsa_method->ecdsa_sign_setup = ecdsa_sign_setup;
    return 1;
}

int ECDSA_METHOD_put_ECDSA_do_verify(ECDSA_METHOD *ecdsa_method,
    int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len,
        const ECDSA_SIG *sig, EC_KEY *eckey))
{
    ecdsa_method->ecdsa_do_verify = ecdsa_do_verify;
    return 1;
}

void ECDSA_METHOD_free(ECDSA_METHOD *ecdsa_method)
{
    OPENSSL_free(ecdsa_method);
}




> Steve.
> --
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org




--

 Douglas E. Engert  deeng...@anl.gov
 Argonne National Laboratory
 9700 South Cass Avenue
 Argonne, Illinois  60439
 (630) 252-5444



Re: [openssl.org #2459] ecdsa_method declaration prevents use in implementing a dynamic engine

2013-09-11 Thread Douglas E. Engert via RT


On 9/11/2013 2:01 PM, Stephen Henson via RT wrote:
> On Wed Sep 11 17:52:03 2013, deeng...@anl.gov wrote:
>
> > Attached is a patch to move the definition of ecdsa_method
> > from src/crypto/ecdsa/ecs_locl.h to ecdsa.h
> > and move the definition of ecdh_method
> > from src/crypto/ecdh/ech_locl.h to ecdh.h
>
> It's been policy that we should avoid direct structure access in
> applications code and use opaque structures where possible.
>
> I had to change ecdsa_method for the FIPS builds (add the flags field) and if
> it had been public would've meant that it would no longer be binary compatible
> across minor versions (1.0.0 incompatible with 1.0.1 and later) which would be
> a major headache.
>
> The preferred technique would be to create a function to allocate and
> initialise the structure without exposing it in a public header. See the
> EVP_PKEY_METHOD structure for example.

Would you accept a modification to do that?

If yes, I will get a modification for ECDSA.

The current code in libp11 needs to change the do_sign and do_sign_setup.

ECDSA_METHOD *PKCS11_get_ecdsa_method(void)
{
    static ECDSA_METHOD ops;

    /* one-time setup: copy the default method, then override signing */
    if (!ops.ecdsa_do_sign) {
        ops = *ECDSA_get_default_method();
        ops.ecdsa_do_sign = pkcs11_ecdsa_do_sign;
        ops.ecdsa_sign_setup = pkcs11_ecdsa_do_sign_setup;
    }
    return &ops;
}

Copies the existing structure and sets the ecdsa_do_sign and
ecdsa_do_sign_setup.

The RSA_METHOD structure is exposed, and I suspect other engines take advantage
of that. The libp11 does:

RSA_METHOD *PKCS11_get_rsa_method(void)
{
    static RSA_METHOD ops;

    /* one-time setup: copy the default method, then override private-key ops */
    if (!ops.rsa_priv_enc) {
        ops = *RSA_get_default_method();
        ops.rsa_priv_enc = pkcs11_rsa_encrypt;
        ops.rsa_priv_dec = pkcs11_rsa_decrypt;
        ops.rsa_sign = pkcs11_rsa_sign;
        ops.rsa_verify = pkcs11_rsa_verify;
    }
    return &ops;
}

Are there any plans to hide the RSA_METHOD?



> Steve.
> --
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org



-- 

  Douglas E. Engert  deeng...@anl.gov
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444




[openssl.org #2459] ecdsa_method declaration prevents use in implementing a dynamic engine

2013-09-11 Thread Douglas E. Engert via RT

Attached is a patch to move the definition of ecdsa_method
from src/crypto/ecdsa/ecs_locl.h to ecdsa.h
and move the definition of ecdh_method
from src/crypto/ecdh/ech_locl.h to ecdh.h

These mods expose the EC method definitions similar to how the
RSA method (rsa_meth_st) is defined in rsa.h.

This will assist in building dynamic engines that support ECDSA and ECDH
without having to compile against the OpenSSL source.

We have a working OpenSC engine_pkcs11 and libp11 to support ECDSA
that has been tested using libsofthsm.so and opensc-pkcs11.so PKCS#11 modules.
The opensc-pkcs11 is using smart cards that support ECC.

The libp11 has been built by including the ecs_locl.h.
(It was also tested using these patches.)

This bug is now 2.5 years old.

ECC is becoming more important, and engine support of ECC is required.

The patch is against OpenSSL-1.0.1e.

I do see that commit 8a99cb29d1f0013243a532bccc1dc70ed678eebe modified the
ecdsa_method structure, but commit 190c615d4398cc6c8b61eb7881d7409314529a75
reverted the changes.
190c615d... says:
It also reverts the changes to (EC)DSA_METHOD structure.



-- 

  Douglas E. Engert  deeng...@anl.gov
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444

--- openssl-1.0.1e/crypto/ecdh/,ech_locl.h	Mon Feb 11 09:26:04 2013
+++ openssl-1.0.1e/crypto/ecdh/ech_locl.h	Tue Sep 10 13:24:20 2013
@@ -62,19 +62,6 @@
 extern C {
 #endif
 
-struct ecdh_method 
-	{
-	const char *name;
-	int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
-	   void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
-#if 0
-	int (*init)(EC_KEY *eckey);
-	int (*finish)(EC_KEY *eckey);
-#endif
-	int flags;
-	char *app_data;
-	};
-
 /* If this flag is set the ECDH method is FIPS compliant and can be used
  * in FIPS mode. This is set in the validated module method. If an
  * application sets this flag in its own methods it is its responsibility
--- openssl-1.0.1e/crypto/ecdh/,ecdh.h	Mon Feb 11 09:26:04 2013
+++ openssl-1.0.1e/crypto/ecdh/ecdh.h	Tue Sep 10 13:24:24 2013
@@ -85,6 +85,19 @@
 extern C {
 #endif
 
+struct ecdh_method 
+	{
+	const char *name;
+	int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
+	   void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
+#if 0
+	int (*init)(EC_KEY *eckey);
+	int (*finish)(EC_KEY *eckey);
+#endif
+	int flags;
+	char *app_data;
+	};
+
 const ECDH_METHOD *ECDH_OpenSSL(void);
 
 void	  ECDH_set_default_method(const ECDH_METHOD *);
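Review bot: the #if 0 block around init and finish becomes part of the public struct ecdh_method layout here. Enabling those two members later shifts the offsets of flags and app_data, so engines compiled against this header would read the wrong fields; either settle the member list before publishing the struct or keep it private behind accessor functions.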
--- openssl-1.0.1e/crypto/ecdsa/,ecdsa.h	Mon Feb 11 09:26:04 2013
+++ openssl-1.0.1e/crypto/ecdsa/ecdsa.h	Tue Sep 10 14:22:35 2013
@@ -81,6 +81,23 @@
 	BIGNUM *s;
 	} ECDSA_SIG;
 
+struct ecdsa_method 
+	{
+	const char *name;
+	ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len, 
+			const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey);
+	int (*ecdsa_sign_setup)(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, 
+			BIGNUM **r);
+	int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len, 
+			const ECDSA_SIG *sig, EC_KEY *eckey);
+#if 0
+	int (*init)(EC_KEY *eckey);
+	int (*finish)(EC_KEY *eckey);
+#endif
+	int flags;
+	char *app_data;
+	};
+
 /** Allocates and initialize a ECDSA_SIG structure
  *  \return pointer to a ECDSA_SIG structure or NULL if an error occurred
  */
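Review bot: struct ecdsa_method lands in the public header with no documentation, while the ECDSA_SIG allocator right after it has a doc comment. Engine authors filling in ecdsa_do_sign, ecdsa_sign_setup and ecdsa_do_verify need the contract stated: who owns the returned ECDSA_SIG, whether inv and rp may be NULL, and what the int return values mean.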
--- openssl-1.0.1e/crypto/ecdsa/,ecs_locl.h	Mon Feb 11 09:26:04 2013
+++ openssl-1.0.1e/crypto/ecdsa/ecs_locl.h	Tue Sep 10 13:20:55 2013
@@ -65,23 +65,6 @@
 extern C {
 #endif
 
-struct ecdsa_method 
-	{
-	const char *name;
-	ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len, 
-			const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey);
-	int (*ecdsa_sign_setup)(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, 
-			BIGNUM **r);
-	int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len, 
-			const ECDSA_SIG *sig, EC_KEY *eckey);
-#if 0
-	int (*init)(EC_KEY *eckey);
-	int (*finish)(EC_KEY *eckey);
-#endif
-	int flags;
-	char *app_data;
-	};
-
 /* If this flag is set the ECDSA method is FIPS compliant and can be used
  * in FIPS mode. This is set in the validated module method. If an
  * application sets this flag in its own methods it is its responsibility




[openssl.org #2459] ecdsa_method declaration prevents use in implementing a dynamic engine

2013-09-11 Thread Stephen Henson via RT
On Wed Sep 11 17:52:03 2013, deeng...@anl.gov wrote:

> Attached is a patch to move the definition of ecdsa_method
> from src/crypto/ecdsa/ecs_locl.h to ecdsa.h
> and move the definition of ecdh_method
> from src/crypto/ecdh/ech_locl.h to ecdh.h

It's been policy that we should avoid direct structure access in
applications code and use opaque structures where possible.

I had to change ecdsa_method for the FIPS builds (add the flags field) and if
it had been public would've meant that it would no longer be binary compatible
across minor versions (1.0.0 incompatible with 1.0.1 and later) which would be
a major headache.

The preferred technique would be to create a function to allocate and
initialise the structure without exposing it in a public header. See the
EVP_PKEY_METHOD structure for example.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org



[openssl.org #2459] ecdsa_method declaration prevents use in implementing a dynamic engine

2011-02-23 Thread Kent Yoder via RT
Hi,

  It appears that the way ECDSA_METHOD was defined prevents it from
being used unless the internal header ecs_locl.h is included.  This
prevents it from being used for example to implement a stand-alone
dynamic engine for ECDSA, since the internal header is not available.

  If possible I would like to see a fix applied to openssl stable, due
to the fact that no ECDSA engines can be implemented without the fix.

Thanks,
Kent

On Wed, Feb 23, 2011 at 10:03 AM, Mounir IDRASSI
mounir.idra...@idrix.net wrote:

 Yes, you should open a ticket on the issue tracker. However, I'm not sure if
 Dr. Stephen Henson will agree to add this change to the current stable
 versions (0.9.8x and 1.0.0x) as he usually delays header changes till the
 1.1.0 release.

 --
 Mounir IDRASSI
 IDRIX
 http://www.idrix.fr

 On 2/23/2011 4:44 PM, Kent Yoder wrote:

 Thanks Mounir,

   I'd like to use ECDSA_METHOD to implement a dynamic engine for
 ecdsa.  I want to avoid copying the header files from the upstream
 source so that my engine package can compile stand-alone.  This should
 be in line with the way dynamic engines have worked for other
 algorithms since 0.9.8, if I understand correctly.

   Should I open an item in the issue tracker for this?

 Thanks,
 Kent

 On Tue, Feb 22, 2011 at 8:04 PM, Mounir IDRASSI
 mounir.idra...@idrix.net  wrote:

 Hi,

 In the case of RSA_METHOD, it is working because the underlying type
 rsa_meth_st is defined in rsa.h, whereas for ECDSA_METHOD, the underlying
 type ecdsa_method is not exported by the public headers: it is defined in
 the internal OpenSSL header ecs_locl.h found in the source distribution


Re: [openssl.org #2459] ecdsa_method declaration prevents use in implementing a dynamic engine

2011-02-23 Thread Douglas E. Engert



On 2/23/2011 12:31 PM, Kent Yoder via RT wrote:

Hi,

   It appears that the way ECDSA_METHOD was defined prevents it from
being used unless the internal header ecs_locl.h is included.  This
prevents it from being used for example to implement a stand-alone
dynamic engine for ECDSA, since the internal header is not available.

   If possible I would like to see a fix applied to openssl stable, due
to the fact that no ECDSA engines can be implemented without the fix.


I second this motion! I have modifications to the OpenSC engine_pkcs11 and
libp11 packages to implement ECDSA signatures via the engine that require
ecs_locl.h to get the ECDSA_METHOD.




Thanks,
Kent

On Wed, Feb 23, 2011 at 10:03 AM, Mounir IDRASSI
mounir.idra...@idrix.net  wrote:


Yes, you should open a ticket on the issue tracker. However, I'm not sure if
Dr. Stephen Henson will agree to add this change to the current stable
versions (0.9.8x and 1.0.0x) as he usually delays header changes till the
1.1.0 release.

--
Mounir IDRASSI
IDRIX
http://www.idrix.fr

On 2/23/2011 4:44 PM, Kent Yoder wrote:


Thanks Mounir,

   I'd like to use ECDSA_METHOD to implement a dynamic engine for
ecdsa.  I want to avoid copying the header files from the upstream
source so that my engine package can compile stand-alone.  This should
be in line with the way dynamic engines have worked for other
algorithms since 0.9.8, if I understand correctly.

   Should I open an item in the issue tracker for this?

Thanks,
Kent

On Tue, Feb 22, 2011 at 8:04 PM, Mounir IDRASSI
mounir.idra...@idrix.net wrote:


Hi,

In the case of RSA_METHOD, it is working because the underlying type
rsa_meth_st is defined in rsa.h, whereas for ECDSA_METHOD, the underlying
type ecdsa_method is not exported by the public headers: it is defined in
the internal OpenSSL header ecs_locl.h found in the source distribution





--

 Douglas E. Engert  deeng...@anl.gov
 Argonne National Laboratory
 9700 South Cass Avenue
 Argonne, Illinois  60439
 (630) 252-5444