Re: error: redefinition of ‘struct rsa_meth_st’

Matt Caswell matt at openssl.org
Mon Apr 12 18:28:18 UTC 2021


On 12/04/2021 18:06, Blumenthal, Uri - 0553 - MITLL wrote:
> Is there an analog of the "dummy async engine" for the OpenSSL-3.0 Provider?

There isn't a simple analog for RSA specifically.

There's the test "tls-provider" which implements a toy KEX and KEM 
algorithm:

https://github.com/openssl/openssl/blob/master/test/tls-provider.c

For a bare bones skeleton do-nothing provider you can look at the null 
provider:

https://github.com/openssl/openssl/blob/master/providers/nullprov.c

You can also have a look at the legacy provider for a (relatively) 
simple example of how to do ciphers and digests:

https://github.com/openssl/openssl/blob/master/providers/legacyprov.c

Of course you should also look at the documentation:

https://www.openssl.org/docs/manmaster/man7/provider.html

If the interest is RSA specifically you may want to look at the provider 
asymmetric cipher documentation:

https://www.openssl.org/docs/manmaster/man7/provider-asym_cipher.html

as well as the provider signatures documentation:

https://www.openssl.org/docs/manmaster/man7/provider-signature.html

and the provider key management documentation:

https://www.openssl.org/docs/manmaster/man7/provider-keymgmt.html


Matt

> 
> TNX
> --
> Regards,
> Uri
>   
> There are two ways to design a system. One is to make is so simple there are obviously no deficiencies.
> The other is to make it so complex there are no obvious deficiencies.
>                                                                                                                                       -  C. A. R. Hoare
>   
> 
> On 4/12/21, 12:43, "openssl-users on behalf of Matt Caswell" <openssl-users-bounces at openssl.org on behalf of matt at openssl.org> wrote:
> 
>      You can look at the dummy async engine which wraps the standard RSA
>      functions inside an engine (as well as various other crypto primitives).
>      You can see it here:
> 
>      https://github.com/openssl/openssl/blob/OpenSSL_1_1_1-stable/engines/e_dasync.c
> 
>      Matt
> 
>      On 12/04/2021 17:32, Shariful Alam wrote:
>      > Dr. Pauli,
>      > Goodmorning. Thank you for replying. I found the documentation a bit
>      > difficult for me to understand. I was wondering if you can direct me to
>      > a sample skeleton code for creating a custom RSA engine.
>      >
>      > Regards,
>      > Shariful Alam
>      >
>      > On Sun, Apr 11, 2021 at 6:00 PM Dr Paul Dale <pauli at openssl.org
>      > <mailto:pauli at openssl.org>> wrote:
>      >
>      >     You shouldn't be accessing the internal of a private structure. That
>      >     structure was made private for a reason and duplicating it in your
>      >     engine will break when we change the structure's contents.
>      >
>      >     Your engine should be using the EVP_PKEY_meth_set_* function to do
>      >     what you want (for 1.1.1).  For 3.0, you should be writing a
>      >     provider instead.
>      >
>      >
>      >     Pauli
>      >
>      >     On 12/4/21 5:04 am, Shariful Alam wrote:
>      >>     Hello,
>      >>     Hope you guys are doing well. I'm trying to develop an RSA engine.
>      >>     My engine was somewhat working until I try to integrate my engine
>      >>     with an apache httpd server. After installing the httpd from the
>      >>     source code, it turns out that, I can't compile my engine anymore.
>      >>     I get the following error while I try to compile (it was compiling
>      >>     before and I did not make any changes to my engine code).
>      >>
>      >>     ==============================
>      >>
>      >>     *$gcc -fPIC -c r_engine.c*
>      >>     *r_engine.c:29:8: error: redefinition of ‘struct rsa_meth_st’
>      >>      struct rsa_meth_st {
>      >>             ^
>      >>     In file included from /usr/include/openssl/crypto.h:131:0,
>      >>                      from r_engine.c:7:
>      >>     /usr/include/openssl/ossl_typ.h:147:16: note: originally defined here
>      >>      typedef struct rsa_meth_st RSA_METHOD;*
>      >>
>      >>     =============================
>      >>
>      >>     and my *struct rsa_meth_st *looks like the following,
>      >>
>      >>     ================================================================================
>      >>
>      >>     *struct rsa_meth_st {
>      >>
>      >>         const char *name;
>      >>         int (*rsa_pub_enc) (int flen, const unsigned char *from,
>      >>     unsigned char *to, RSA *rsa, int padding);
>      >>         int (*rsa_pub_dec) (int flen, const unsigned char *from,
>      >>     unsigned char *to, RSA *rsa, int padding);
>      >>         int (*rsa_priv_enc) (int flen, const unsigned char *from,
>      >>     unsigned char *to, RSA *rsa, int padding);
>      >>         int (*rsa_priv_dec) (int flen, const unsigned char *from,
>      >>     unsigned char *to, RSA *rsa, int padding);
>      >>
>      >>         int (*rsa_mod_exp) (BIGNUM *r0, const BIGNUM *I, RSA *rsa,
>      >>     BN_CTX *ctx);
>      >>
>      >>         int (*bn_mod_exp) (BIGNUM *r, const BIGNUM *a, const BIGNUM
>      >>     *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
>      >>
>      >>         int (*init) (RSA *rsa);
>      >>
>      >>         int (*finish) (RSA *rsa);
>      >>
>      >>         int flags;
>      >>
>      >>         char *app_data;
>      >>
>      >>         int (*rsa_sign) (int type, const unsigned char *m, unsigned
>      >>     int m_length, unsigned char *sigret, unsigned int *siglen, const
>      >>     RSA *rsa);
>      >>
>      >>         int (*rsa_verify) (int dtype, const unsigned char *m, unsigned
>      >>     int m_length, const unsigned char *sigbuf, unsigned int siglen,
>      >>     const RSA *rsa);
>      >>
>      >>         int (*rsa_keygen) (RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
>      >>
>      >>     };
>      >>     *
>      >>
>      >>     =================================================================================
>      >>
>      >>     My sample skeleton code is here https://pastebin.com/uNXYknEA
>      >>     <https://pastebin.com/uNXYknEA>
>      >>
>      >>     Can anyone please tell me what I'm I doing wrong?
>      >>
>      >>     Regards,
>      >>     Shariful Alam
>      >
> 


More information about the openssl-users mailing list