[openssl-users] sha256 digest support in v102l build missing; present in v110f. missing build flag?
Jakob Bohm
jb-openssl at wisemo.com
Tue May 30 16:01:31 UTC 2017
On 30/05/2017 17:20, PGNet Dev wrote:
> I'm building separate local instances of latest Openssl v1.1.0 & v1.0.2 on linux64, to keep not-yet-v110-compliant apps happy.
>
> The results are both functional, but the v102l build is missing sha{224|256|384|512} digests
>
> v 1.0.2l
> /usr/local/openssl10/bin/openssl version
> OpenSSL 1.0.2l 26 Jan 2017
> /usr/local/openssl10/bin/openssl version -f
> compiler: /usr/bin/gcc-7 -I. -I.. -I../include -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -D_GNU_SOURCE -DOPENSSL_NO_BUF_FREELISTS -DOPENSSL_NO_HEARTBEAT -DPURIFY -DSSL_FORBID_ENULL -DTERMIO -Wa,--noexecstack -Wall -fno-common -Wa,--noexecstack -m64 -DL_ENDIAN -O3 -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM
> /usr/local/openssl10/bin/openssl help
> ...
> Message Digest commands (see the `dgst' command for more details)
> md4 md5 rmd160 sha
> sha1
> ...
> ldd /usr/local/openssl10/bin/openssl | egrep 'lib(ssl|crypto)'
> libssl.so.1.0.0 => /usr/local/openssl10/lib64/libssl.so.1.0.0 (0x00007f1619534000)
> libcrypto.so.1.0.0 => /usr/local/openssl10/lib64/libcrypto.so.1.0.0 (0x00007f16190aa000)
Actually, in my testing of earlier 1.0.x releases, sha256 etc. are
only missing from the help message, they are actually there, also as
commands.
> v 1.1.0f
> /usr/local/openssl11/bin/openssl version
> OpenSSL 1.1.0f 25 May 2017
> /usr/local/openssl11/bin/openssl version -f
> /usr/local/openssl11/bin/openssl version -f
> compiler: /usr/bin/gcc-7 -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSL_API_COMPAT=0x10100000L -D_GNU_SOURCE -DOPENSSL_NO_BUF_FREELISTS -DOPENSSL_NO_HEARTBEAT -DPURIFY -DSSL_FORBID_ENULL -DTERMIO -DOPENSSLDIR="\"/usr/local/openssl11\"" -DENGINESDIR="\"/usr/local/openssl11/lib64/engines-1.1\"" -Wa,--noexecstack -Wall -fno-common -Wa,--noexecstack
> /usr/local/openssl11/bin/openssl help
> ...
> Message Digest commands (see the `dgst' command for more details)
> blake2b512 blake2s256 gost md4
> md5 rmd160 sha1 sha224
> sha256 sha384 sha512
> ...
> ldd /usr/local/openssl11/bin/openssl | egrep 'lib(ssl|crypto)'
> libssl.so.1.1 => /usr/local/openssl11/lib64/libssl.so.1.1 (0x00007fc9c70f4000)
> libcrypto.so.1.1 => /usr/local/openssl11/lib64/libcrypto.so.1.1 (0x00007fc9c6c48000)
>
>
> The "-DSHA256_ASM" flag is present for the 102l build. Is there an additional, specific flag required to enable the higher bit-depth digests for v102l that I've missed.
>
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
More information about the openssl-users
mailing list