On Wed, 31 Aug 2005 22:53:51 +0200 Nils Larsch <[EMAIL PROTECTED]> wrote:
> Steffen Pankratz wrote:
> > On Tue, 30 Aug 2005 23:53:37 +0200
> > Nils Larsch <[EMAIL PROTECTED]> wrote:
> >
> >
> >>Steffen Pankratz wrote:
> >>...
> >>
> >>>>well, if openssl is build without DES support the DES nids are not
> >>>>added to the internal list of OIDs when OPENSSL_add_all_ciphers is
> >>>>called, hence the OBJ_* functions know nothing about DES.
> >>>>
> >>>
> >>>logical
> >>>any chance to make openssl aware of -des-ecb when build without DES cipher
> >>>support using a dynamic Engine module?
> >>
> >>what about adding the necessary ciphers in the engine initialization
> >>function (have a look at crypto/evp/c_allc.c to see which functions
> >>are necessary) ?
> >
> > will try later
> > for this i have to load the Engine module before i can use "openssl enc
> > -engine ...", right?
>
> yep, otherwise apps/enc.c doesn't know "-des-ecb".
still no luck with this
while initalizing the engine i do a EVP_add_cipher call with a reference to my
EVP_CIPHER struct
in the openssl program i use the engine command to load the engine before i use
the enc command
i get a: 'added(des-ecb) DES-ECB engine support'
but enc still doesn't know about -des-ecb, so what did i miss
> >
> >>>>>but loading seems to be ok
> >>>>>
> >>>>>openssl enc -engine des-ecb
> >>>>>engine "des-ecb" set.
> >>>>>
> >>>>>i tried a OSSL build with DES cipher support and got this
> >>>>>
> >>>>>openssl enc -engine des-ecb -e -des-ecb -out testo -in testi
> >>>>>parallel processing
> >>>>>engine "des-ecb" set.
> >>>>>enter des-ecb encryption password:
> >>>>>Verifying - enter des-ecb encryption password:
> >>>>>Error setting cipher DES-ECB
> >>>>>10220:error:0607C085:digital envelope routines:EVP_CIPHER_CTX_ctrl:ctrl
> >>>>>operation not implemented:evp_enc.c:533:
> >>>>>10220:error:0607B086:digital envelope
> >>>>>routines:EVP_CipherInit_ex:initialization error:evp_enc.c:171:
> >>>>
> >>>>is the EVP_CIPH_CTRL_INIT flag set in the EVP_CIPHER structure ?
> >>>
> >>>it is (if you like, code is attached)
> >>
> >>if the flag is set you must provide a support for this flag in
> >>EVP_CIPHER::ctrl otherwise you get the above error (so if you don't
> >>need that functionality don't use it).
> >>
> >
> > even if i set the EVP_CIPH_CTRL_INIT flag to NULL i get this errormessage
> > and on the other hand if the EVP_CIPH_CTRL_INIT is set to des_ctrl
> > there is a implementation for this in my des-ecb.c
> >
> > so it seems to be another problem
>
> no, I've just tested your code (with some necessary modifications) and
> it seems to work. You set the EVP_CIPH_CTRL_INIT (== 64) flag in your
> cipher_des_ecb structure hence you must add support for EVP_CTRL_INIT
> in the switch statement in your des_ctrl function otherwise it can't
> work (or don't set this flag in cipher_des_ecb).
>
i got it, seems to work now
i hope i did all of the 'some necessary modifications' :)
thank you
--
Hypnos powered by LFS SVN-20041206 (Linux 2.6.12.5)
visit http://www.kratz00.org/
http://liflg.org/
Best regards, Steffen Pankratz.
PGP PUBLIC KEY: http://www.kratz00.org/kratz00.at.gmx.de.asc
des-ecb.c
Description: Binary data
