Set custom bn_mod_exp functions in openssl 1.1.1
prudvi raj
rajprudvi98 at gmail.com
Mon Dec 21 21:12:31 UTC 2020
Thanks for the Reply!!.
I have a doubt , is it necessary to create a duplicate method ?? , Actually
in my case this custom "set" function would be called only once during
system initialization & we need to use those hardware accelerator
functions for all the crypto operations to be done later. So here's what i
did :
--
new code :
static DH_METHOD *Intoto_DH_Method;
static RSA_METHOD *Intoto_RSA_Method;
static DSA_METHOD *Intoto_DSA_Method;
void updatePublicKeyMethods()
{
Intoto_DH_Method = (DH_METHOD *)DH_get_default_method();
DH_meth_set_bn_mod_exp(Intoto_DH_Method, Intoto_DH_mod_exp);
DH_set_default_method(Intoto_DH_Method); << I guess,
there's no need to set the same as default again ??
Intoto_RSA_Method = (RSA_METHOD *)RSA_get_default_method();
RSA_meth_set_bn_mod_exp(Intoto_RSA_Method, Intoto_RSA_mod_exp);
RSA_set_default_method(Intoto_RSA_Method);
Intoto_DSA_Method = (DSA_METHOD *)DSA_get_default_method();
DSA_meth_set_bn_mod_exp(Intoto_DSA_Method, Intoto_DSA_mod_exp);
DSA_set_default_method(Intoto_DSA_Method);
return;
}
--
old code :
static DH_METHOD Intoto_DH_Method;
static RSA_METHOD Intoto_RSA_Method;
static DSA_METHOD Intoto_DSA_Method;
void updatePublicKeyMethods()
{
Intoto_DH_Method = *(DH_get_default_method());
Intoto_DH_Method.bn_mod_exp = Intoto_DH_mod_exp;
DH_set_default_method(&Intoto_DH_Method);
Intoto_RSA_Method = *(RSA_get_default_method());
Intoto_RSA_Method.bn_mod_exp = Intoto_RSA_mod_exp;
RSA_set_default_method(&Intoto_RSA_Method);
Intoto_DSA_Method = *(DSA_get_default_method());
Intoto_DSA_Method.bn_mod_exp = Intoto_DSA_mod_exp;
DSA_set_default_method(&Intoto_DSA_Method);
return;
}
--
Do you suggest any modifications, If any ??
Thanks,
Prudvi.
On Thu, Dec 17, 2020 at 4:07 PM Tomas Mraz <tmraz at redhat.com> wrote:
> On Thu, 2020-12-17 at 15:16 +0530, prudvi raj wrote:
> > Hi,
> >
> > I need to set custom accelerated functions for bn_mod_exp methods in
> > openssl 1.1.1, while upgrading for openssl 1.0.2. Here's the code
> > snippet () :
> > --
> > static DH_METHOD Intoto_DH_Method;
> > static RSA_METHOD Intoto_RSA_Method;
> > static DSA_METHOD Intoto_DSA_Method;
> >
> > void updatePublicKeyMethods()
> > {
> > Intoto_DH_Method = *(DH_get_default_method());
> > Intoto_DH_Method.bn_mod_exp = Intoto_DH_mod_exp;
> > DH_set_default_method(&Intoto_DH_Method);
> >
> > Intoto_RSA_Method = *(RSA_get_default_method());
> > Intoto_RSA_Method.bn_mod_exp = Intoto_RSA_mod_exp;
> > RSA_set_default_method(&Intoto_RSA_Method);
> >
> > Intoto_DSA_Method = *(DSA_get_default_method());
> > Intoto_DSA_Method.bn_mod_exp = Intoto_DSA_mod_exp;
> > DSA_set_default_method(&Intoto_DSA_Method);
> >
> > return;
> > }
> > --
> > As RSA_METHOD,DSA_METHOD & DH_METHOD objects are Opaque now , Can
> > anyone help me with what would be the replacement for above code ??
>
> There is RSA_meth_set_bn_mod_exp() function and the respective
> equivalents for DH and DSA. Of course you'll also have to use
> RSA_meth_dup() to duplicate the default method before you can
> manipulate it. And you'll need to free it once you stop using the
> OpenSSL functions.
>
> --
> Tomáš Mráz
> No matter how far down the wrong road you've gone, turn back.
> Turkish proverb
> [You'll know whether the road is wrong if you carefully listen to your
> conscience.]
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20201222/a4e91fb4/attachment.html>
More information about the openssl-users
mailing list