I think there's some confusion here...
OpenSSL's pkeyutl does indeed call something with out==NULL, but it's
not calling RSA_private_decrypt() or RSA_public_encrypt() directly,
it's calling the EVP_PKEY functions. In *those* functions, there is a
check to see if the output argument is NULL and to
In message <20170926203053.5hlfcbx273lko...@roeckx.be> on Tue, 26 Sep 2017
22:30:53 +0200, Kurt Roeckx said:
kurt> On Tue, Sep 26, 2017 at 07:32:06AM +0200, Richard Levitte wrote:
kurt> >
kurt> > You mean to have nginx use the shared OpenSSL libraries, which also
kurt> > enables dynamic engines
On Tue, Sep 26, 2017 at 07:32:06AM +0200, Richard Levitte wrote:
>
> You mean to have nginx use the shared OpenSSL libraries, which also
> enables dynamic engines? Yes, that's the usual way to go about these
> things.
Do we support dynamic engines with a static build?
Kurt
--
openssl-dev mai
Working on pkcs11 engine, I discovered a bug in crypto/rsa/rsa_pmeth.c in
pkey_rsa_encrypt() and pkey_rsa_decrypt().
They cause a crash when called with out==NULL. Normally it should not happen –
but when an engine is called, and it cannot process the padding – it reverts to
the original Ope
On 26/09/2017, Levitte, Richard via openssl-dev wrote:
>
> chengwenping1> I?m working on accelerating ssl traffic with Intel QAT
> chengwenping1> card, now openssl 1.1.0f is integrated into Nginx, so I
> chengwenping1> need to static compile Intel QAT engine into openssl, and
> chengwenping1> I do
There is some more info.
https://github.com/01org/QAT_Engine/issues/9
-邮件原件-
发件人: 程文平
发送时间: 2017年9月26日 17:43
收件人: openssl-dev@openssl.org
主题: 答复: [openssl-dev] how to static compile ssl engine into openssl
Hi Richard,
Thanks for your response. From your meaning, the QAT engine
Hi Richard,
Thanks for your response. From your meaning, the QAT engine codes is
not applicable for static compile into openssl.
Yes, I should keep to run nginx using shared OpenSSL libraries with
dynamic QAT engines installed, until QAT engine static compiling is support.
