Re: [openssl-dev] [openssl-commits] [openssl] master update
Am 09.03.2016 um 22:53 schrieb Richard Levitte: The branch master has been updated via 64b9d84bfd0da0305a1df9b97ffbdc3898f59e62 (commit) from 2b8fa1d56cd3a41d666994a1b2ed9df0f5e5d1ec (commit) - Log - commit 64b9d84bfd0da0305a1df9b97ffbdc3898f59e62 Author: Richard Levitte Date: Wed Mar 9 22:34:27 2016 +0100 When grepping something starting with a dash, remember to use -e Strictly speaking "grep -e" has another meaning. If a leading dash is the only problem to fix, one can use "grep --", so the below would become if echo "$CONFIG_OPTS" | grep -- "--classic" >/dev/null; then Regards, Rainer Reviewed-by: Viktor Dukhovni --- Summary of changes: .travis.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index ce7e208..0865817 100644 --- a/.travis.yml +++ b/.travis.yml @@ -60,7 +60,7 @@ matrix: before_script: - sh .travis-create-release.sh $TRAVIS_OS_NAME - tar -xvzf _srcdist.tar.gz -- if echo "$CONFIG_OPTS" | grep "--classic" >/dev/null; then +- if echo "$CONFIG_OPTS" | grep -e "--classic" >/dev/null; then srcdir=.; cd _srcdist; else @@ -83,7 +83,7 @@ before_script: - cd .. script: -- if echo "$CONFIG_OPTS" | grep "--classic" >/dev/null; then +- if echo "$CONFIG_OPTS" | grep -e "--classic" >/dev/null; then cd _srcdist; else cd _build; -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl-commits] [openssl] master update
> Please note that the patch in RT4247 also contains a hunk for > crypto/evp/e_camellia.c. This was not committed here, but without it one > gets the same type of compilation error on SPARC. Since the RT is already > closed I thought I better ask. Thanks for catching this. Fixed now. ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl-commits] [openssl] master update
Oops, my mistake.
--
Senior Architect, Akamai Technologies
IM: richs...@jabber.at Twitter: RichSalz
> -Original Message-
> From: Rainer Jung [mailto:rainer.j...@kippdata.de]
> Sent: Saturday, January 16, 2016 5:12 AM
> To: openssl-dev@openssl.org
> Subject: Re: [openssl-dev] [openssl-commits] [openssl] master update
>
> Please note that the patch in RT4247 also contains a hunk for
> crypto/evp/e_camellia.c. This was not committed here, but without it one
> gets the same type of compilation error on SPARC. Since the RT is already
> closed I thought I better ask.
>
> The missing part is:
>
> Index: crypto/evp/e_camellia.c
> --- crypto/evp/e_camellia.c 2016-01-14 10:51:32.0 +0100
> +++ crypto/evp/e_camellia.c 2016-01-16 04:01:44.443269000 +0100
> @@ -119,10 +119,10 @@
>const unsigned char *iv, int enc)
>{
>int ret, mode, bits;
> -EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data;
> +EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *)
> EVP_CIPHER_CTX_cipher_data(ctx);
>
> -mode = ctx->cipher->flags & EVP_CIPH_MODE;
> -bits = ctx->key_len * 8;
> +mode = EVP_CIPHER_CTX_mode(ctx);
> +bits = EVP_CIPHER_CTX_key_length(ctx) * 8;
>
>cmll_t4_set_key(key, bits, &dat->ks);
>
> Thank a bunch,
>
> Rainer
>
> Am 16.01.2016 um 04:47 schrieb Rich Salz:
> > The branch master has been updated
> > via ecdd0ff733985fb573d687fe85fa533f62f6cfd8 (commit)
> >from 25be7a0feacdbd3326774f0da8aaeb966c1f57f8 (commit)
> >
> >
> > - Log
> > -
> > commit ecdd0ff733985fb573d687fe85fa533f62f6cfd8
> > Author: Rich Salz
> > Date: Fri Jan 15 22:37:11 2016 -0500
> >
> > RT4247: Fix EVP_CIPHER_CTX opaque on sparc
> >
> > Via Rainer Jung
> >
> > Reviewed-by: Dr. Stephen Henson
> >
> > --
> > -
> >
> > Summary of changes:
> > crypto/evp/e_des.c | 2 +-
> > crypto/evp/e_des3.c | 4 ++--
> > 2 files changed, 3 insertions(+), 3 deletions(-)
> >
> > diff --git a/crypto/evp/e_des.c b/crypto/evp/e_des.c index
> > 5536f62..929151c 100644
> > --- a/crypto/evp/e_des.c
> > +++ b/crypto/evp/e_des.c
> > @@ -247,7 +247,7 @@ static int des_init_key(EVP_CIPHER_CTX *ctx, const
> unsigned char *key,
> > dat->stream.cbc = NULL;
> > # if defined(SPARC_DES_CAPABLE)
> > if (SPARC_DES_CAPABLE) {
> > -int mode = ctx->cipher->flags & EVP_CIPH_MODE;
> > +int mode = EVP_CIPHER_CTX_mode(ctx);
> >
> > if (mode == EVP_CIPH_CBC_MODE) {
> > des_t4_key_expand(key, &dat->ks.ks); diff --git
> > a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c index 16407e8..8b6c2b5
> > 100644
> > --- a/crypto/evp/e_des3.c
> > +++ b/crypto/evp/e_des3.c
> > @@ -270,7 +270,7 @@ static int des_ede_init_key(EVP_CIPHER_CTX *ctx,
> const unsigned char *key,
> > dat->stream.cbc = NULL;
> > # if defined(SPARC_DES_CAPABLE)
> > if (SPARC_DES_CAPABLE) {
> > -int mode = ctx->cipher->flags & EVP_CIPH_MODE;
> > +int mode = EVP_CIPHER_CTX_mode(ctx);
> >
> > if (mode == EVP_CIPH_CBC_MODE) {
> > des_t4_key_expand(&deskey[0], &dat->ks1); @@ -297,7
> > +297,7 @@ static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const
> unsigned char *key,
> > dat->stream.cbc = NULL;
> > # if defined(SPARC_DES_CAPABLE)
> > if (SPARC_DES_CAPABLE) {
> > -int mode = ctx->cipher->flags & EVP_CIPH_MODE;
> > +int mode = EVP_CIPHER_CTX_mode(ctx);
> >
> > if (mode == EVP_CIPH_CBC_MODE) {
> > des_t4_key_expand(&deskey[0], &dat->ks1);
> ___
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl-commits] [openssl] master update
Please note that the patch in RT4247 also contains a hunk for
crypto/evp/e_camellia.c. This was not committed here, but without it one
gets the same type of compilation error on SPARC. Since the RT is
already closed I thought I better ask.
The missing part is:
Index: crypto/evp/e_camellia.c
--- crypto/evp/e_camellia.c 2016-01-14 10:51:32.0 +0100
+++ crypto/evp/e_camellia.c 2016-01-16 04:01:44.443269000 +0100
@@ -119,10 +119,10 @@
const unsigned char *iv, int enc)
{
int ret, mode, bits;
-EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data;
+EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *)
EVP_CIPHER_CTX_cipher_data(ctx);
-mode = ctx->cipher->flags & EVP_CIPH_MODE;
-bits = ctx->key_len * 8;
+mode = EVP_CIPHER_CTX_mode(ctx);
+bits = EVP_CIPHER_CTX_key_length(ctx) * 8;
cmll_t4_set_key(key, bits, &dat->ks);
Thank a bunch,
Rainer
Am 16.01.2016 um 04:47 schrieb Rich Salz:
The branch master has been updated
via ecdd0ff733985fb573d687fe85fa533f62f6cfd8 (commit)
from 25be7a0feacdbd3326774f0da8aaeb966c1f57f8 (commit)
- Log -
commit ecdd0ff733985fb573d687fe85fa533f62f6cfd8
Author: Rich Salz
Date: Fri Jan 15 22:37:11 2016 -0500
RT4247: Fix EVP_CIPHER_CTX opaque on sparc
Via Rainer Jung
Reviewed-by: Dr. Stephen Henson
---
Summary of changes:
crypto/evp/e_des.c | 2 +-
crypto/evp/e_des3.c | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/crypto/evp/e_des.c b/crypto/evp/e_des.c
index 5536f62..929151c 100644
--- a/crypto/evp/e_des.c
+++ b/crypto/evp/e_des.c
@@ -247,7 +247,7 @@ static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned
char *key,
dat->stream.cbc = NULL;
# if defined(SPARC_DES_CAPABLE)
if (SPARC_DES_CAPABLE) {
-int mode = ctx->cipher->flags & EVP_CIPH_MODE;
+int mode = EVP_CIPHER_CTX_mode(ctx);
if (mode == EVP_CIPH_CBC_MODE) {
des_t4_key_expand(key, &dat->ks.ks);
diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c
index 16407e8..8b6c2b5 100644
--- a/crypto/evp/e_des3.c
+++ b/crypto/evp/e_des3.c
@@ -270,7 +270,7 @@ static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const
unsigned char *key,
dat->stream.cbc = NULL;
# if defined(SPARC_DES_CAPABLE)
if (SPARC_DES_CAPABLE) {
-int mode = ctx->cipher->flags & EVP_CIPH_MODE;
+int mode = EVP_CIPHER_CTX_mode(ctx);
if (mode == EVP_CIPH_CBC_MODE) {
des_t4_key_expand(&deskey[0], &dat->ks1);
@@ -297,7 +297,7 @@ static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const
unsigned char *key,
dat->stream.cbc = NULL;
# if defined(SPARC_DES_CAPABLE)
if (SPARC_DES_CAPABLE) {
-int mode = ctx->cipher->flags & EVP_CIPH_MODE;
+int mode = EVP_CIPHER_CTX_mode(ctx);
if (mode == EVP_CIPH_CBC_MODE) {
des_t4_key_expand(&deskey[0], &dat->ks1);
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl-commits] [openssl] master update
On 8/28/15, 10:34, "Salz, Rich" wrote: >TL;DR -- Don't read the diff, look at the revised code. > >> The comment and code here are a slight mismatch, since qsize is >>dynamically >> computed (but limited to three values, the largest of which is used to >>size the >> local variable). It's not clear that using SHA256_DIGEST_LENGTH for the >> check would actually be better, though. > >If you can think of a more-c lear comment, let me know. But checking >against qsize is the right thing to do. > >> >+int seed_is_random = seed_in == NULL; >> >> This part seems really bogus; seed_is_random is an int, but seed_in is >>const >> unsigned char *; the assignment makes no sense. > >No, it's like "seed_in == NULL ? 1 : 0" Sigh, need more coffee. Sorry for the noise :( -Ben > >> I guess the intent is to declare the variable in the outer loop? > >Nope. > >> and seed_in is never read after this point. > >It was set up before the loop. > >> The grammar here is slightly unusual; "for lengths of at least 2048 >>bits" >> or "for lengths 2048 bits and larger" would feel more natural to me. > >Open a ticket :) > > ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl-commits] [openssl] master update
TL;DR -- Don't read the diff, look at the revised code. > The comment and code here are a slight mismatch, since qsize is dynamically > computed (but limited to three values, the largest of which is used to size > the > local variable). It's not clear that using SHA256_DIGEST_LENGTH for the > check would actually be better, though. If you can think of a more-c lear comment, let me know. But checking against qsize is the right thing to do. > >+int seed_is_random = seed_in == NULL; > > This part seems really bogus; seed_is_random is an int, but seed_in is const > unsigned char *; the assignment makes no sense. No, it's like "seed_in == NULL ? 1 : 0" > I guess the intent is to declare the variable in the outer loop? Nope. > and seed_in is never read after this point. It was set up before the loop. > The grammar here is slightly unusual; "for lengths of at least 2048 bits" > or "for lengths 2048 bits and larger" would feel more natural to me. Open a ticket :) ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl-commits] [openssl] master update
Hi Rich, Ismo,
I'm surprised this doesn't cause the compiler to warn/error out (inline)
On 8/27/15, 21:57, "Rich Salz" wrote:
>The branch master has been updated
> via f00a10b89734e84fe80f98ad9e2e77b557c701ae (commit)
> from 3c65047d30dacca345d30269b95af4a5c413e8d1 (commit)
>
>
>- Log -
>commit f00a10b89734e84fe80f98ad9e2e77b557c701ae
>Author: Ismo Puustinen
>Date: Fri Aug 7 22:14:47 2015 -0400
>
>GH367: Fix dsa keygen for too-short seed
>
>If the seed value for dsa key generation is too short (< qsize),
>return an error. Also update the documentation.
>
>Signed-off-by: Rich Salz
>Reviewed-by: Emilia Käsper
>
>---
>
>diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c
>index e030cfa..a4fae17 100644
>--- a/crypto/dsa/dsa_gen.c
>+++ b/crypto/dsa/dsa_gen.c
>@@ -132,18 +132,15 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits,
>size_t qbits,
>
> bits = (bits + 63) / 64 * 64;
>
>-/*
>- * NB: seed_len == 0 is special case: copy generated seed to seed_in
>if
>- * it is not NULL.
>- */
>-if (seed_len && (seed_len < (size_t)qsize))
>-seed_in = NULL; /* seed buffer too small -- ignore */
>-if (seed_len > (size_t)qsize)
>-seed_len = qsize; /* App. 2.2 of FIPS PUB 186 allows larger
>- * SEED, but our internal buffers are
>- * restricted to 160 bits */
>-if (seed_in != NULL)
>+if (seed_in != NULL) {
>+if (seed_len < (size_t)qsize)
>+return 0;
>+if (seed_len > (size_t)qsize) {
>+/* Don't overflow seed local variable. */
The comment and code here are a slight mismatch, since qsize is
dynamically computed (but limited to three values, the largest of which is
used to size the local variable). It's not clear that using
SHA256_DIGEST_LENGTH for the check would actually be better, though.
>+seed_len = qsize;
>+}
> memcpy(seed, seed_in, seed_len);
>+}
>
> if ((ctx = BN_CTX_new()) == NULL)
> goto err;
>@@ -166,20 +163,18 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits,
>size_t qbits,
>
> for (;;) {
> for (;;) { /* find q */
>-int seed_is_random;
>+int seed_is_random = seed_in == NULL;
This part seems really bogus; seed_is_random is an int, but seed_in is
const unsigned char *; the assignment makes no sense.
>
> /* step 1 */
> if (!BN_GENCB_call(cb, 0, m++))
> goto err;
>
>-if (!seed_len) {
>+if (seed_is_random) {
and this chunk can never execute since seed_is_random was just set to 0
(er, NULL).
I guess the intent is to declare the variable in the outer loop?
> if (RAND_bytes(seed, qsize) <= 0)
> goto err;
>-seed_is_random = 1;
> } else {
>-seed_is_random = 0;
>-seed_len = 0; /* use random seed if 'seed_in' turns
>out to
>- * be bad */
>+/* If we come back through, use random seed next time. */
>+seed_in = NULL;
and seed_in is never read after this point.
> }
> memcpy(buf, seed, qsize);
> memcpy(buf2, seed, qsize);
>diff --git a/doc/crypto/DSA_generate_parameters.pod
>b/doc/crypto/DSA_generate_parameters.pod
>index d2a0418..92c89a0 100644
>--- a/doc/crypto/DSA_generate_parameters.pod
>+++ b/doc/crypto/DSA_generate_parameters.pod
>@@ -23,13 +23,12 @@ Deprecated:
> DSA_generate_parameters_ex() generates primes p and q and a generator g
> for use in the DSA and stores the result in B.
>
>-B is the length of the prime to be generated; the DSS allows a
>-maximum of 1024 bits.
>+B is the length of the prime p to be generated.
>+For lengths under 2048 bits, the length of q is 160 bits; for lengths
>+at least 2048, it is set to 256 bits.
The grammar here is slightly unusual; "for lengths of at least 2048 bits"
or "for lengths 2048 bits and larger" would feel more natural to me.
-Ben
>
>-If B is B or B E 20, the primes will be
>-generated at random. Otherwise, the seed is used to generate
>-them. If the given seed does not yield a prime q, a new random
>-seed is chosen and placed at B.
>+If B is NULL, the primes will be generated at random.
>+If B is less than the length of q, an error is returned.
>
> DSA_generate_parameters_ex() places the iteration count in
> *B and a counter used for finding a generator in
>_
>openssl-commits mailing list
>To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
>
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl-commits] [openssl] master update
Rats. Looked at the wrong build output ;( thanks. Will fix shortly. ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl-commits] [openssl] master update
Am 22.06.2015 um 21:49 schrieb Rich Salz:
The branch master has been updated
via 75ba5c58c6b3b3326a6c3198100830afa120e7c3 (commit)
from 389ebcecae2575188a4ff9566389ce694352be43 (commit)
- Log -
commit 75ba5c58c6b3b3326a6c3198100830afa120e7c3
Author: Rich Salz
Date: Sat Jun 13 17:18:47 2015 -0400
RT3907: avoid "local" in testssl script
Reviewed-by: Richard Levitte
---
Summary of changes:
test/testssl | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/test/testssl b/test/testssl
index 7e834a7..cb8e56a 100644
--- a/test/testssl
+++ b/test/testssl
@@ -118,11 +118,10 @@ echo test sslv2/sslv3 with both client and server
authentication via BIO pair an
$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
test_cipher() {
- local cipher=$1
- local protocol=$2
+_cipher=$1
It seems "_cipher" is never used and instead the function still uses
"cipher" (which is the variable which is set elsewhere before calling
the function "test_cipher").
echo "Testing $cipher"
prot=""
-if [ $protocol = "SSLv3" ] ; then
+if [ $2 = "SSLv3" ] ; then
prot="-ssl3"
fi
$ssltest -cipher $cipher $prot
Regards,
Rainer
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl-commits] [openssl] master update
Am 10.04.2015 um 18:28 schrieb Viktor Dukhovni: The branch master has been updated via 34b0a927ab5c9232bcf864d524a9bf2558411700 (commit) from e71cecd551f1d8beca20681184d94f7000a5e333 (commit) - Log - commit 34b0a927ab5c9232bcf864d524a9bf2558411700 Author: Viktor Dukhovni Date: Fri Apr 10 12:25:30 2015 -0400 Polish shell script to avoid needless complexity. No need for here documents, just use "yes" or Reviewed-by: Richard Levitte --- Summary of changes: test/testca | 32 +--- 1 file changed, 9 insertions(+), 23 deletions(-) diff --git a/test/testca b/test/testca index d4d0159..4bcb1fd 100644 --- a/test/testca +++ b/test/testca @@ -1,5 +1,7 @@ #!/bin/sh So this is a /bin/sh script, not necessarily bash or ksh, and thus ... @@ -9,35 +11,19 @@ else fi export PATH -SSLEAY_CONFIG="-config CAss.cnf" -export SSLEAY_CONFIG - -OPENSSL="`pwd`/../util/opensslwrap.sh" -export OPENSSL +export SSLEAY_CONFIG="-config CAss.cnf" +export OPENSSL="`pwd`/../util/opensslwrap.sh" ... -SSLEAY_CONFIG="-config Uss.cnf" -export SSLEAY_CONFIG -$PERL ../apps/CA.pl -newreq || exit 1 +export SSLEAY_CONFIG="-config Uss.cnf" +$PERL ../apps/CA.pl -newreq SSLEAY_CONFIG="-config ../apps/openssl.cnf" -export SSLEAY_CONFIG - Combining X=Y export X into export X=Y does not work for all plain Shells. E.g. /bin/sh on Solaris is a Bourne Shell, which does not support this shortcut: $ export X=Y X=Y: is not an identifier Regards, Rainer ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl-commits] [openssl] master update ("Add Camellia CTR mode", dda8199922f9d52087d2c41b22a61eb4f9671385)
On 02/12/15 12:49, Rainer Jung wrote: > Am 12.02.2015 um 12:00 schrieb Andy Polyakov: diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c index 174a419..7ae36d7 100644 --- a/crypto/evp/c_allc.c +++ b/crypto/evp/c_allc.c @@ -245,5 +245,8 @@ void OpenSSL_add_all_ciphers(void) EVP_add_cipher(EVP_camellia_256_ofb()); EVP_add_cipher_alias(SN_camellia_256_cbc, "CAMELLIA256"); EVP_add_cipher_alias(SN_camellia_256_cbc, "camellia256"); +EVP_add_cipher(EVP_camellia_128_ctr()); +EVP_add_cipher(EVP_camellia_192_ctr()); +EVP_add_cipher(EVP_camellia_256_ctr()); #endif } >>> >>> We get build warnings and crashes during run in EVP_add_cipher(). >> >> Thanks. I'm on it. Out of curiosity, with which config do you get >> crashes? I don't mean that this doesn't need fixing, I only want to have >> a reference. > > Thanks to you. > > The crash occurred while using it during a CI build for Tomcat plus > Tomcat native connector (tcnative) which in turn uses OpenSSL. Question was rather about OS. The question I seek answer to is how did it evade the usual test and/or what is so special about your environment. > OpenSSL was build with "config --prefix=... shared enable-deprecated". > > I don't have a full stack available. The Java HS-Error file says: > > [junit] # > [junit] # A fatal error has been detected by the Java Runtime > Environment: > [junit] # > [junit] # SIGSEGV (0xb) at pc=0x7fb882f66ef9, pid=32437, > tid=140431064893184 Ah! Keyword is likely to be that it was shared build. I mean implicit cast can slip through in non-shared case, because in such case code is loaded in lower 2GB, while shared libraries tend to be mapped far above 4GB. Thanks. ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl-commits] [openssl] master update ("Add Camellia CTR mode", dda8199922f9d52087d2c41b22a61eb4f9671385)
Am 12.02.2015 um 12:00 schrieb Andy Polyakov: diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c index 174a419..7ae36d7 100644 --- a/crypto/evp/c_allc.c +++ b/crypto/evp/c_allc.c @@ -245,5 +245,8 @@ void OpenSSL_add_all_ciphers(void) EVP_add_cipher(EVP_camellia_256_ofb()); EVP_add_cipher_alias(SN_camellia_256_cbc, "CAMELLIA256"); EVP_add_cipher_alias(SN_camellia_256_cbc, "camellia256"); +EVP_add_cipher(EVP_camellia_128_ctr()); +EVP_add_cipher(EVP_camellia_192_ctr()); +EVP_add_cipher(EVP_camellia_256_ctr()); #endif } We get build warnings and crashes during run in EVP_add_cipher(). Thanks. I'm on it. Out of curiosity, with which config do you get crashes? I don't mean that this doesn't need fixing, I only want to have a reference. Thanks to you. The crash occurred while using it during a CI build for Tomcat plus Tomcat native connector (tcnative) which in turn uses OpenSSL. OpenSSL was build with "config --prefix=... shared enable-deprecated". I don't have a full stack available. The Java HS-Error file says: [junit] # [junit] # A fatal error has been detected by the Java Runtime Environment: [junit] # [junit] # SIGSEGV (0xb) at pc=0x7fb882f66ef9, pid=32437, tid=140431064893184 [junit] # [junit] # JRE version: Java(TM) SE Runtime Environment (8.0_25-b17) (build 1.8.0_25-b17) [junit] # Java VM: Java HotSpot(TM) 64-Bit Server VM (25.25-b02 mixed mode linux-amd64 compressed oops) [junit] # Problematic frame: [junit] # C [libcrypto.so.1.1.0+0x14fef9] EVP_add_cipher+0x9 [junit] # Regards, Rainer ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl-commits] [openssl] master update ("Add Camellia CTR mode", dda8199922f9d52087d2c41b22a61eb4f9671385)
>> diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c >> index 174a419..7ae36d7 100644 >> --- a/crypto/evp/c_allc.c >> +++ b/crypto/evp/c_allc.c >> @@ -245,5 +245,8 @@ void OpenSSL_add_all_ciphers(void) >> EVP_add_cipher(EVP_camellia_256_ofb()); >> EVP_add_cipher_alias(SN_camellia_256_cbc, "CAMELLIA256"); >> EVP_add_cipher_alias(SN_camellia_256_cbc, "camellia256"); >> +EVP_add_cipher(EVP_camellia_128_ctr()); >> +EVP_add_cipher(EVP_camellia_192_ctr()); >> +EVP_add_cipher(EVP_camellia_256_ctr()); >> #endif >> } > > We get build warnings and crashes during run in EVP_add_cipher(). Thanks. I'm on it. Out of curiosity, with which config do you get crashes? I don't mean that this doesn't need fixing, I only want to have a reference. ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl-commits] [openssl] master update ("Add Camellia CTR mode", dda8199922f9d52087d2c41b22a61eb4f9671385)
Am 11.02.2015 um 20:30 schrieb Andy Polyakov: The branch master has been updated via dda8199922f9d52087d2c41b22a61eb4f9671385 (commit) via c79e17731f462d6d42b917027a7085c0f59a2214 (commit) from b7c9187b32a14b5b4a850161aed5c044d2130d5a (commit) - Log - commit dda8199922f9d52087d2c41b22a61eb4f9671385 Author: Andy Polyakov Date: Wed Feb 11 20:30:13 2015 +0100 Add Camellia CTR mode. Reviewed-by: Rich Salz ... --- Summary of changes: crypto/evp/c_allc.c|3 ++ crypto/evp/e_camellia.c|9 ++--- crypto/evp/evptests.txt| 64 ++ crypto/objects/obj_dat.h | 82 +--- crypto/objects/obj_mac.h | 60 crypto/objects/obj_mac.num | 12 +++ crypto/objects/objects.txt | 12 +++ 7 files changed, 231 insertions(+), 11 deletions(-) diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c index 174a419..7ae36d7 100644 --- a/crypto/evp/c_allc.c +++ b/crypto/evp/c_allc.c @@ -245,5 +245,8 @@ void OpenSSL_add_all_ciphers(void) EVP_add_cipher(EVP_camellia_256_ofb()); EVP_add_cipher_alias(SN_camellia_256_cbc, "CAMELLIA256"); EVP_add_cipher_alias(SN_camellia_256_cbc, "camellia256"); +EVP_add_cipher(EVP_camellia_128_ctr()); +EVP_add_cipher(EVP_camellia_192_ctr()); +EVP_add_cipher(EVP_camellia_256_ctr()); #endif } We get build warnings and crashes during run in EVP_add_cipher(). It seems EVP_camellia_128_ctr(), EVP_camellia_192_ctr() and EVP_camellia_256_ctr() are missing from crypto/evp/evp.h: c_allc.c:248:5: warning: implicit declaration of function "EVP_camellia_128_ctr" [-Wimplicit-function-declaration] EVP_add_cipher(EVP_camellia_128_ctr()); etc. Thanks, Rainer ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
