On Thursday 11 December 2008 12:44:24 Madhusudan Bhat wrote: > Hi All, > > I am having a issue when using digest command from openssl. When I > issue digest command md5 from openssl, kernel side it will never > receive IOCTL - CIOCGSESSION with sop->mac getting set, also it wont > receive IOCTL - CIOCCRYPT with mac operation set. Tho, crypto driver > which I have written registered new session, free session, process > functions for CRYPTO_MD5, CRYPTO_MD5_HMAC. > > But when I issue des/3des/aes enc commands from openssl, open crypto > device at the kernel side receives proper IOCTL and calls my crypto > driver with new session and process functions with sop->cipher and > other fields related to cipher get set. > > Is there anything I might be missing in my driver or is there anything > which I have to enable to receive any digest commands? > BTW, I dont have any engine supported, so I dont use engine params > while issueing command from openssl.
My guess is that you're initialising your engine too late - your engine will only become the default for crypto algorithms/modes that it supports and that *haven't been used yet*. When something tries to use md5 for the first time, a default md5 implementation will be chosen and cached. You probably loaded your engine early enough to be there before anyone needed des/3des/aes, but after someone had already started using md5. Specifically, I'm guessing that randomness gathering is your problem. The random code uses hashes extensively, and if that kicks in before you register your engine's md5 implementation, then the default s/w implementation has already become the live default. Try building your openssl libraries with -DENGINE_TABLE_DEBUG and add a big printf() just before you load your engine. If there is engine logging related to md5 that occurs before you load your engine, that's the problem. Another thing to try is to call ENGINE_set_default() on your engine once it's loaded - your MD5 code after that should use your engine, even if the randomness stuff won't. Cheers, Geoff -- Un terrien, c'est un singe avec des clefs de char... ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
