[Ocf-linux-users] openssl-0.9.8g.patch codechange
Brought to you by:
david-m
Menu
▾
▴
[Ocf-linux-users] openssl-0.9.8g.patch codechange
|
From: Kennedy, B. <bre...@in...> - 2009-05-20 16:44:06
|
Hi Dave,All,
It was seen that RSA cert gen fails when using cryptodev through openssl-0.9.8g patched with the OCF 20080917 openssl patch:
/usr/local/ssl_0.9.8g/bin/openssl req -new -sha1 -x509 -days 365 -newkey rsa:1024 -nodes -keyout server.key -out server.crt -subj '/CN=Test-Only-Certificate'
Generating a 1024 bit RSA private key
..........++++++
...........++++++
writing new private key to 'server.key'
-----
25900:error:0606B06E:digital envelope routines:EVP_SignFinal:wrong public key type:p_sign.c:103:
25900:error:0D0C3006:asn1 encoding routines:ASN1_item_sign:EVP lib:a_sign.c:276:
However with the attached patch, it works fine. I was wondering if, to your knowledge this impacts any non RSA functionality, or breaks anything (it doesn't seem to, but I haven't been able to test everything and it looks like it has the potential to break some other PKE function since it selects RSA PKE method specifically).
Regards,
Brendan
--- eng_cryptodev.c.orig 2009-05-20 17:12:03.000000000 +0100
+++ eng_cryptodev.c 2009-05-20 17:12:27.000000000 +0100
@@ -852,7 +852,7 @@ const EVP_MD cryptodev_sha1 = {
cryptodev_digest_final,
cryptodev_digest_copy,
cryptodev_digest_cleanup,
- EVP_PKEY_NULL_method,
+ EVP_PKEY_RSA_method,
SHA_CBLOCK,
sizeof(struct dev_crypto_state),
};
------------------------------------------------
Brendan Kennedy
Intel Shannon Ltd.
Ireland.
Email: bre...@in...<mailto:bre...@in...>
------------------------------------------------
---------------------------------------------------------------------
Intel Shannon Limited
Registered in Ireland
Registered Office: One Spencer Dock, North Wall Quay, Dublin 1
Registered Number: 308263
Business address: Dromore House, East Park, Shannon, Co. Clare
This e-mail and any attachments may contain confidential material for
the sole use of the intended recipient(s). Any review or distribution
by others is strictly prohibited. If you are not the intended
recipient, please contact the sender and delete all copies.
|
