[openssl-users] sha256 digest support in v102l build missing; present in v110f. missing build flag?

PGNet Dev pgnet.dev at gmail.com
Tue May 30 15:20:21 UTC 2017 

I'm building separate local instances of latest Openssl v1.1.0 & v1.0.2 on linux64, to keep not-yet-v110-compliant apps happy.

The results are both functional, but the v102l build is missing sha{224|256|384|512} digests

v 1.0.2l
	/usr/local/openssl10/bin/openssl version
		OpenSSL 1.0.2l  26 Jan 2017
	/usr/local/openssl10/bin/openssl version -f
		compiler: /usr/bin/gcc-7 -I. -I.. -I../include  -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -D_GNU_SOURCE -DOPENSSL_NO_BUF_FREELISTS -DOPENSSL_NO_HEARTBEAT -DPURIFY -DSSL_FORBID_ENULL -DTERMIO -Wa,--noexecstack -Wall -fno-common -Wa,--noexecstack -m64 -DL_ENDIAN -O3 -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM
	/usr/local/openssl10/bin/openssl help
		...
		Message Digest commands (see the `dgst' command for more details)
		md4               md5               rmd160            sha
		sha1
		...
	ldd /usr/local/openssl10/bin/openssl | egrep 'lib(ssl|crypto)'
	        libssl.so.1.0.0 => /usr/local/openssl10/lib64/libssl.so.1.0.0 (0x00007f1619534000)
	        libcrypto.so.1.0.0 => /usr/local/openssl10/lib64/libcrypto.so.1.0.0 (0x00007f16190aa000)

v 1.1.0f
	/usr/local/openssl11/bin/openssl version
		OpenSSL 1.1.0f  25 May 2017
	/usr/local/openssl11/bin/openssl version -f
	/usr/local/openssl11/bin/openssl version -f
		compiler: /usr/bin/gcc-7 -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSL_API_COMPAT=0x10100000L -D_GNU_SOURCE -DOPENSSL_NO_BUF_FREELISTS -DOPENSSL_NO_HEARTBEAT -DPURIFY -DSSL_FORBID_ENULL -DTERMIO -DOPENSSLDIR="\"/usr/local/openssl11\"" -DENGINESDIR="\"/usr/local/openssl11/lib64/engines-1.1\""  -Wa,--noexecstack -Wall -fno-common -Wa,--noexecstack
	/usr/local/openssl11/bin/openssl help
		...
		Message Digest commands (see the `dgst' command for more details)
		blake2b512        blake2s256        gost              md4
		md5               rmd160            sha1              sha224
		sha256            sha384            sha512
		...
	ldd /usr/local/openssl11/bin/openssl | egrep 'lib(ssl|crypto)'
	        libssl.so.1.1 => /usr/local/openssl11/lib64/libssl.so.1.1 (0x00007fc9c70f4000)
	        libcrypto.so.1.1 => /usr/local/openssl11/lib64/libcrypto.so.1.1 (0x00007fc9c6c48000)


The "-DSHA256_ASM" flag is present for the 102l build.  Is there an additional, specific flag required to enable the higher bit-depth digests for v102l that I've missed.

More information about the openssl-users mailing list