-
Notifications
You must be signed in to change notification settings - Fork 173
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature request: For OpenSSL 3.0, modify the gost implementation to become an provider module #167
Comments
I've started to implement the provider, taking the legacy provider as an example. What is a relevant way to set the implementation for the 3rd-party providers? |
It might be better to look at a simpler example: https://github.com/provider-corner/vigenere (because openssl's three providers are quite entangled, they are not a good starting example) |
BTW, I'm working that provider up to be a bit more complete, including individual error reporting, which was more difficult than I had anticipated. |
Done, please have a look and tell me if there's anything that needs clarification (actually, feel free to raise issues there) |
I've converted the digests to a provider form but found some problems. When I try to define micalg as gettable param, I get an error:
So what is the pattern of using the Line 94 in 011e15b
I tried to copy the pattern from fipsprov.c, but did no succeed. |
So parameter will be |
I've tried many variants but none of them made the compiler happy. It means I do not get the point. |
@beldmit, you need to update your openssl 3.0-dev installation, this is an issue that was fixed quite a while ago, for exactly this sort of reason (ever since we started using the OSSL_PARAM array as a descriptor). Here's what that macro looks like right now: https://github.com/openssl/openssl/blob/master/include/openssl/params.h#L56 |
Hmmm. The macro looks exactly as you say, and the copy is up-to-date. Could it be a compiler issue?
|
Are you sure you're looking at the right one? This is very specific:
If you look at the line I pointed at, the |
Sure. The parameter was described as But after I changed it to OSSL_PARAM_utf8_string, I got an error
Casting the string to char * eliminates this error, but it seems wrong for this case:
So it means I do not understand:
|
Oh silly me, I didn't notice that you used the _PTR form. Either way, if we're still talking about a gettable, this is what I would specify: OSSL_PARAM_utf8_string("micalg", NULL, 0), (the 0 can be replaced with any number if you want to specify a maximum size) |
GOST ciphers from
@levitte Is it possible to rewrite checks in |
@yanovich I think this question is worth raising against openssl. Yes, it definitely makes sense. |
With OpenSSL 3.0, there is this new interface for dealing with extension, termed "provider". This is intended to be a more flexible interface, and most importantly, both upward and downward compatible with different OpenSSL versions (starting with 3.0). The ENGINE API will eventually go away, and you might as well start working on the provider module form now.
The text was updated successfully, but these errors were encountered: