|
|
Hello,
OPENSSL_CONF=engine.conf openssl pkey -pubout -text -in tmp.pem
works ok for 1.1.0 version and does not work for current master. For the file a.pem both versions provide similar output.
engine.conf is minimal conf to load gost engine: ============= openssl_conf = openssl_def [openssl_def] engines = engine_section
[engine_section] gost = gost_section
[gost_section] engine_id = gost dynamic_path = /path/to/libgost.so default_algorithms = ALL CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet ===============
I've found out that behavior of the function EC_POINT_get_affine_coordinates_GFp has changed between versions 1.1.0 and current master. Also I found that pkey command ignores result of the calls to EVP_PKEY_print_public and EVP_PKEY_print_private.
Could you please clarify whether it's a bug in my engine or something incompatible in openssl code?
Thank you! -- SY, Dmitry Belyavsky
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
|
|
I can't reproduce the issue, using latest master for both gost and openssl: /tmpram/gost > export OPENSSL_ENGINES=/tmpram/gost/engine/bin /tmpram/gost > /tmpram/openssl-111-pre9-dev/bin/openssl pkey -engine gost -pubout -text -in tmp.pem
engine "gost" set. Private key: 28A509558DB1969DB89A4CB517D8A759EAB79A6D09FEECDAE87B03BECA604B36 /tmpram/gost > /tmpram/openssl-111-pre9-dev/bin/openssl pkey -engine gost -pubout -text -in a.pem engine "gost" set. -----BEGIN PUBLIC KEY----- MGMwHAYGKoUDAgITMBIGByqFAwICIwEGByqFAwICHgEDQwAEQORQaJaqv4S10bz4 jw112dGlrtD+DyGR8TqkhmOvlJB46VUIbpBsEHs8nn0pXtzsIfEwgV8Oxo/QA0Ri Qu5j7SU= -----END PUBLIC KEY----- Private key: 46150327559001221F9F1F9A50CD9E6A0CD5F5D0ADEA6439C1DB5E9EBD994BF6 Public key: X:789094AF6386A43AF191210FFED0AEA5D1D9750D8FF8BCD1B584BFAA966850E4 Y:25ED63EE42624403D08FC60E5F8130F121ECDC5E297D9E3C7B106C906E0855E9 Parameter set: id-GostR3410-2001-CryptoPro-A-ParamSet
On Fri, 17 Aug 2018 at 18:15, Dmitry Belyavsky < [hidden email]> wrote: Hello,
OPENSSL_CONF=engine.conf openssl pkey -pubout -text -in tmp.pem
works ok for 1.1.0 version and does not work for current master. For the file a.pem both versions provide similar output.
engine.conf is minimal conf to load gost engine: ============= openssl_conf = openssl_def [openssl_def] engines = engine_section
[engine_section] gost = gost_section
[gost_section] engine_id = gost dynamic_path = /path/to/libgost.so default_algorithms = ALL CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet ===============
I've found out that behavior of the function EC_POINT_get_affine_coordinates_GFp has changed between versions 1.1.0 and current master. Also I found that pkey command ignores result of the calls to EVP_PKEY_print_public and EVP_PKEY_print_private.
Could you please clarify whether it's a bug in my engine or something incompatible in openssl code?
Thank you! -- SY, Dmitry Belyavsky
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
|
|
Dear Nicola,
You just reproduced it :)
Output for the file a.pem contains Private key, Public key and Parameter set; the one for tmp.pem does not. I can't reproduce the issue, using latest master for both gost and openssl: /tmpram/gost > export OPENSSL_ENGINES=/tmpram/gost/engine/bin /tmpram/gost > /tmpram/openssl-111-pre9-dev/bin/openssl pkey -engine gost -pubout -text -in tmp.pem
engine "gost" set. Private key: 28A509558DB1969DB89A4CB517D8A759EAB79A6D09FEECDAE87B03BECA604B36 /tmpram/gost > /tmpram/openssl-111-pre9-dev/bin/openssl pkey -engine gost -pubout -text -in a.pem engine "gost" set. -----BEGIN PUBLIC KEY----- MGMwHAYGKoUDAgITMBIGByqFAwICIwEGByqFAwICHgEDQwAEQORQaJaqv4S10bz4 jw112dGlrtD+DyGR8TqkhmOvlJB46VUIbpBsEHs8nn0pXtzsIfEwgV8Oxo/QA0Ri Qu5j7SU= -----END PUBLIC KEY----- Private key: 46150327559001221F9F1F9A50CD9E6A0CD5F5D0ADEA6439C1DB5E9EBD994BF6 Public key: X:789094AF6386A43AF191210FFED0AEA5D1D9750D8FF8BCD1B584BFAA966850E4 Y:25ED63EE42624403D08FC60E5F8130F121ECDC5E297D9E3C7B106C906E0855E9 Parameter set: id-GostR3410-2001-CryptoPro-A-ParamSet
On Fri, 17 Aug 2018 at 18:15, Dmitry Belyavsky < [hidden email]> wrote: Hello,
OPENSSL_CONF=engine.conf openssl pkey -pubout -text -in tmp.pem
works ok for 1.1.0 version and does not work for current master. For the file a.pem both versions provide similar output.
engine.conf is minimal conf to load gost engine: ============= openssl_conf = openssl_def [openssl_def] engines = engine_section
[engine_section] gost = gost_section
[gost_section] engine_id = gost dynamic_path = /path/to/libgost.so default_algorithms = ALL CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet ===============
I've found out that behavior of the function EC_POINT_get_affine_coordinates_GFp has changed between versions 1.1.0 and current master. Also I found that pkey command ignores result of the calls to EVP_PKEY_print_public and EVP_PKEY_print_private.
Could you please clarify whether it's a bug in my engine or something incompatible in openssl code?
Thank you! -- SY, Dmitry Belyavsky
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-- SY, Dmitry Belyavsky
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
|
|
You just reproduced it :)
Output for the file a.pem contains Private key, Public key and Parameter set; the one for tmp.pem does not.
You are right, I was expecting some kind of error, and realized that there was something strange just after hitting the Send button, as usual!
Anyway, I think I found the problem, with the invaluable help of Billy Brumley in the backstage!
It's a bug in the current GFp_simple_ladder implementation that was not catched by existing regression testing.
I'll open a proper PR to fix this as soon as we finish to test the alternative implementation.
In the meantime you might open a proper issue in Github for this problem so that the bug will be properly tracked!
Thanks for reporting this,
Nicola Tuveri
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
|
|
Dear Nicola, You just reproduced it :)
Output for the file a.pem contains Private key, Public key and Parameter set; the one for tmp.pem does not.
You are right, I was expecting some kind of error, and realized that there was something strange just after hitting the Send button, as usual!
Anyway, I think I found the problem, with the invaluable help of Billy Brumley in the backstage!
It's a bug in the current GFp_simple_ladder implementation that was not catched by existing regression testing.
I'll open a proper PR to fix this as soon as we finish to test the alternative implementation.
Thank you very much! In the meantime you might open a proper issue in Github for this problem so that the bug will be properly tracked!
-- SY, Dmitry Belyavsky
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
|
|
On Sat, 18 Aug 2018 at 00:15, Dmitry Belyavsky < [hidden email]> wrote: Dear Nicola, You just reproduced it :)
Output for the file a.pem contains Private key, Public key and Parameter set; the one for tmp.pem does not.
You are right, I was expecting some kind of error, and realized that there was something strange just after hitting the Send button, as usual!
Anyway, I think I found the problem, with the invaluable help of Billy Brumley in the backstage!
It's a bug in the current GFp_simple_ladder implementation that was not catched by existing regression testing.
I'll open a proper PR to fix this as soon as we finish to test the alternative implementation.
Thank you very much! In the meantime you might open a proper issue in Github for this problem so that the bug will be properly tracked!
-- SY, Dmitry Belyavsky
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
|
|