[Ocf-linux-users] Σχετ: How stable is Openssl Configuration Option --with-cryptodev-digests?
Brought to you by:
david-m
Menu
▾
▴
[Ocf-linux-users] Σχετ: How stable is Openssl Configuration Option --with-cryptodev-digests?
|
From: Nikolaos T. <nts...@ya...> - 2012-11-29 13:01:57
|
Hi all,
I have the same issues concerning --with-cryptodev-digests flag, and the reply to the belowmentioned questions will turn out to be very useful for me, too.
Kind Regards/Με ευχές
Nikolaos Tsakalakis
>________________________________
> Απο: nikos karag <kar...@wi...>
>Προς: ocf...@li...
>Στάλθηκε: 5:59 μ.μ. Δευτέρα, 5 Νοεμβρίου 2012
>Θεμα: [Ocf-linux-users] How stable is Openssl Configuration Option --with-cryptodev-digests?
>
>
>
>Hello!
>
>
>I have some questions concerning the openssl configuration option --with-cryptodev-digests.
>
>
>1. Does the option --with-cryptodev-digests is necessary only for MD5/SHA hardware acceleration?
>
>2. In addition by applying the openssl-0.9.8r.patch (in order to use the OCF from openssl) i had some compilation problems with the option --with-cryptodev-digests.
>The reasons have to do with some inactive pieces of code (#if 0) inside of some files of openssl.
>
>
>For example in file
>openssl-0.9.8r\crypto\engine\eng_cryptodev.c at line 146
>#if 0
>static struct {
>intid;
>intnid;
>} digests[] = {
>{ CRYPTO_SHA1_HMAC,NID_hmacWithSHA1,},
>{ CRYPTO_RIPEMD160_HMAC,NID_ripemd160,},
>{ CRYPTO_MD5_KPDK,NID_undef,},
>{ CRYPTO_SHA1_KPDK,NID_undef,},
>{ CRYPTO_MD5,NID_md5,},
>{ CRYPTO_SHA1,NID_undef,},
>{ 0,NID_undef,},
>};
>#endif
>
>
>there is a piece of code inside at #if 0
>In order to compile with --with-cryptodev-digests i replace the #if 0 with #ifdef USE_CRYPTODEV_DIGESTS
>Is this the suitable procedure for compilation with --with-cryptodev-digests? Why openssl has these pieces of code inactive?
>
>
>3. Also with --with-cryptodev-digests there are some reported problems e.g.
>http://sourceforge.net/mailarchive/forum.php?forum_name=ocf-linux-users&max_rows=25&style=nested&viewmonth=200805
>
>
>Some problems i encountered also by myself
>By run the comand
>
>
># openssl x509 -in usercert.pem -signkey userkey.pem -out cert.crt
>i take the error:
>
>
>Getting Private key
>5480:error:0606B06E:digital envelope routines:EVP_SignFinal:wrong public key type:p_sign.c:99:
>5480:error:0D0C3006:asn1 encoding routines:ASN1_item_sign:EVP lib:a_sign.c:281:
>
>
>By removing the option --with-cryptodev-digests this error was disappeared.
>
>
>What is the directives concerning the --with-cryptodev-digests?
>Is it stable? How we can overcome such problems (EVP_SignFinal:wrong public key type)?
>
>
>Thanks a lot!
>------------------------------------------------------------------------------
>LogMeIn Central: Instant, anywhere, Remote PC access and management.
>Stay in control, update software, and manage PCs from one command center
>Diagnose problems and improve visibility into emerging IT issues
>Automate, monitor and manage. Do more in less time with Central
>http://p.sf.net/sfu/logmein12331_d2d
>_______________________________________________
>Ocf-linux-users mailing list
>Ocf...@li...
>https://lists.sourceforge.net/lists/listinfo/ocf-linux-users
>
>
> |
