<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>
</head>
<body dir="ltr">
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<span style="font-family:"Segoe UI", "Segoe UI Web (West European)", "Segoe UI", -apple-system, BlinkMacSystemFont, Roboto, "Helvetica Neue", sans-serif;font-size:14.6667px;background-color:rgb(255, 255, 255);display:inline !important">Hi Richard,</span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<span style="font-family:"Segoe UI", "Segoe UI Web (West European)", "Segoe UI", -apple-system, BlinkMacSystemFont, Roboto, "Helvetica Neue", sans-serif;font-size:14.6667px;background-color:rgb(255, 255, 255);display:inline !important"><br>
</span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<span style="font-family:"Segoe UI", "Segoe UI Web (West European)", "Segoe UI", -apple-system, BlinkMacSystemFont, Roboto, "Helvetica Neue", sans-serif;font-size:14.6667px;background-color:rgb(255, 255, 255);display:inline !important"> Thanks for the reply.
Maybe you misunderstood my query.</span><br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<span style="font-family:"Segoe UI", "Segoe UI Web (West European)", "Segoe UI", -apple-system, BlinkMacSystemFont, Roboto, "Helvetica Neue", sans-serif;font-size:14.6667px;background-color:rgb(255, 255, 255);display:inline !important"><br>
</span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<span style="font-family:"Segoe UI", "Segoe UI Web (West European)", "Segoe UI", -apple-system, BlinkMacSystemFont, Roboto, "Helvetica Neue", sans-serif;font-size:14.6667px;background-color:rgb(255, 255, 255);display:inline !important"> As you suggested,
I will use EVP_PKEY_CTX_new to create ctx for using it in </span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<span style="font-family:"Segoe UI", "Segoe UI Web (West European)", "Segoe UI", -apple-system, BlinkMacSystemFont, Roboto, "Helvetica Neue", sans-serif;font-size:14.6667px;background-color:rgb(255, 255, 255);display:inline !important"> "EVP_PKEY_encrypt"
and "EVP_PKEY_decrypt".</span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<span style="font-family:"Segoe UI", "Segoe UI Web (West European)", "Segoe UI", -apple-system, BlinkMacSystemFont, Roboto, "Helvetica Neue", sans-serif;font-size:14.6667px;background-color:rgb(255, 255, 255);display:inline !important"><br>
</span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<span style="font-family:"Segoe UI", "Segoe UI Web (West European)", "Segoe UI", -apple-system, BlinkMacSystemFont, Roboto, "Helvetica Neue", sans-serif;font-size:14.6667px;background-color:rgb(255, 255, 255);display:inline !important"> But to create ctx
, <span style="background-color:rgb(255, 255, 255);display:inline !important">EVP_PKEY_CTX_new takes input </span></span>parameter as EVP_PKEY.</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
In our code with 1.0.2 version, "RSA_public_encrypt" and "RSA_public_decrypt" APIs</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
were used and input parameter to these APIs was RSA key obtained using APIs "PEM_read_bio_RSAPublicKey"</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
and "PEM_read_bio_RSA_PUBKEY" from two different kinds of pem format public keys.</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<span style="margin:0px;font-size:12pt">Please note that pem format Public key used is different in<span> </span><span style="margin:0px;background-color:rgb(255, 255, 255);display:inline !important"> "PEM_read_bio_RSAPublicKey" and </span><span style="margin:0px">"PEM_read_bio_RSA_PUBKEY"</span><span style="margin:0px">.</span></span>
<div style="margin:0px;font-size:12pt"><span style="margin:0px"> one begins with "-----BEGIN PUBLIC KEY-----" and other begins with "-----BEGIN RSA PUBLIC KEY-----" and seems <span style="margin:0px">to be encoded differently</span></span></div>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
--------------------------------------------------------------------------------------------------------------------------------------------------</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
OLD CODE:</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
RSA *rsa = NULL;
<div>BIO *keybio ;</div>
<div><br>
</div>
<div>keybio = BIO_new_mem_buf((void*)pembublickey, -1); // !!!</div>
<div><br>
</div>
<div>if (!keybio)</div>
<div>{</div>
<div> return NULL;</div>
<div>}</div>
<div><br>
</div>
<div>if (isPKCS1 == false)</div>
<div>{</div>
<div> rsa = PEM_read_bio_RSA_PUBKEY(keybio, NULL, NULL, NULL);</div>
<div>}</div>
<div>else</div>
<div>{</div>
<div> rsa = PEM_read_bio_RSAPublicKey(keybio, NULL, NULL, NULL);</div>
}</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
--------------------------------------------------------------------------------------------------------------------------------------------------</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
Now my problem is to create EVP_PKEY to use it as input parameter to <span style="font-family:"Segoe UI", "Segoe UI Web (West European)", "Segoe UI", -apple-system, BlinkMacSystemFont, Roboto, "Helvetica Neue", sans-serif;font-size:14.6667px;background-color:rgb(255, 255, 255);display:inline !important">EVP_PKEY_CTX_new</span> for
different kind of</div>
<div style=""><font color="#000000" face="Calibri, Arial, Helvetica, sans-serif"><span style="font-size: 12pt;"> pem public key I need two different APIs
</span>equivalent<span style="font-size: 12pt;"> to </span></font><span style="color: rgb(0, 0, 0); font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt;">PEM_read_bio_RSA_PUBKEY and PEM_read_bio_RSAPublicKey.</span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<span style="background-color:rgb(255, 255, 255);display:inline !important"></span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<span style="background-color:rgb(255, 255, 255);display:inline !important"><span style="background-color:rgb(255, 255, 255);display:inline !important"><br>
</span></span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<span style="background-color:rgb(255, 255, 255);display:inline !important"><span style="background-color:rgb(255, 255, 255);display:inline !important"> From the Manual page, I found the replacement for "PEM_read_bio_RSA_PUBKEY" as "PEM_read_bio_PUBKEY" to
get EVP_PKEY</span></span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
But I am unable to find replacement for <span style="background-color:rgb(255, 255, 255);display:inline !important">PEM_read_bio_RSAPublicKey to get EVP_PKEY from 2nd type of pem public key.</span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<span style="background-color:rgb(255, 255, 255);display:inline !important"><br>
</span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<span style="background-color:rgb(255, 255, 255);display:inline !important"> Please let me know what to use instead of <span style="background-color:rgb(255, 255, 255);display:inline !important">PEM_read_bio_RSAPublicKey.</span></span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<span style="background-color:rgb(255, 255, 255);display:inline !important"><span style="background-color:rgb(255, 255, 255);display:inline !important"><br>
</span></span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<span style="background-color:rgb(255, 255, 255);display:inline !important"><span style="background-color:rgb(255, 255, 255);display:inline !important">-------------------------------------------------------------------------------------------------------------------------------------------------------------</span></span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
NEW CODE:</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
EVP_PKEY *evpkey = NULL;
<div>BIO *keybio ;</div>
<div>keybio = BIO_new_mem_buf((void*)key, -1); </div>
<div><br>
</div>
<div>if (!keybio)</div>
<div>{</div>
<div> return NULL;</div>
<div>}</div>
<div><br>
</div>
<div>if ( isPKCS1 == false )</div>
<div>{</div>
<div> evpkey = PEM_read_bio_PUBKEY(keybio, NULL, NULL, NULL);</div>
<div>}</div>
<div>else</div>
<div>{</div>
<div> <b><span style="color: rgb(200, 38, 19);"> // PROBLEM: what is the alternate API to replace </span><span style="background-color: rgb(255, 255, 255); display: inline !important; color: rgb(200, 38, 19);">PEM_read_bio_RSAPublicKey</span></b><span style="background-color:rgb(255, 255, 255);display:inline !important"> </span></div>
<div> </div>
}<br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
Thanks and Regards,</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<span style="font-family:"Segoe UI", "Segoe UI Web (West European)", "Segoe UI", -apple-system, BlinkMacSystemFont, Roboto, "Helvetica Neue", sans-serif;font-size:14.6667px;background-color:rgb(255, 255, 255);display:inline !important">Sunil</span></div>
<div id="appendonsend"></div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<hr tabindex="-1" style="display:inline-block; width:98%">
<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" color="#000000" style="font-size:11pt"><b>From:</b> openssl-users <openssl-users-bounces@openssl.org> on behalf of openssl-users-request@openssl.org <openssl-users-request@openssl.org><br>
<b>Sent:</b> 12 April 2021 22:12<br>
<b>To:</b> openssl-users@openssl.org <openssl-users@openssl.org><br>
<b>Subject:</b> openssl-users Digest, Vol 77, Issue 20</font>
<div> </div>
</div>
<div class="BodyFragment"><font size="2"><span style="font-size:11pt">
<div class="PlainText">NOTICE: This email was received from an EXTERNAL sender.<br>
<br>
<br>
Send openssl-users mailing list submissions to<br>
openssl-users@openssl.org<br>
<br>
To subscribe or unsubscribe via the World Wide Web, visit<br>
<a href="https://clicktime.symantec.com/37QJxo4UvenQwPJPNZ1QT2K6H2?u=https%3A%2F%2Fmta.openssl.org%2Fmailman%2Flistinfo%2Fopenssl-users">
https://clicktime.symantec.com/37QJxo4UvenQwPJPNZ1QT2K6H2?u=https%3A%2F%2Fmta.openssl.org%2Fmailman%2Flistinfo%2Fopenssl-users</a><br>
or, via email, send a message with subject or body 'help' to<br>
openssl-users-request@openssl.org<br>
<br>
You can reach the person managing the list at<br>
openssl-users-owner@openssl.org<br>
<br>
When replying, please edit your Subject line so it is more specific<br>
than "Re: Contents of openssl-users digest..."<br>
<br>
<br>
Today's Topics:<br>
<br>
1. Re: EVP_MAC_init() in 3.0 alpha 13 (Hal Murray)<br>
2. Re: EVP_MAC_init() in 3.0 alpha 13 (Tomas Mraz)<br>
3. Re: error: redefinition of ?struct rsa_meth_st? (Shariful Alam)<br>
4. Re: PEM_read_bio_RSAPublicKey equivalent API which returns<br>
EVP_PKEY (Richard Levitte)<br>
5. Re: error: redefinition of ?struct rsa_meth_st? (Matt Caswell)<br>
<br>
<br>
----------------------------------------------------------------------<br>
<br>
Message: 1<br>
Date: Mon, 12 Apr 2021 05:48:57 -0700<br>
From: Hal Murray <hmurray@megapathdsl.net><br>
To: Dr Paul Dale <pauli@openssl.org><br>
Cc: openssl-users@openssl.org<br>
Subject: Re: EVP_MAC_init() in 3.0 alpha 13<br>
Message-ID:<br>
<20210412124857.623AB40605C@ip-64-139-1-69.sjc.megapath.net><br>
Content-Type: text/plain; charset=us-ascii<br>
<br>
<br>
> Did you attempt to pass NULL for the key and zero for it's length to the<br>
> EVP_MAC_init() call?<br>
<br>
Yes.<br>
<br>
We can do better. If we have to use dup/free, we can move the EVP_MAC_init()<br>
to before the dup, out of the timing path.<br>
<br>
My model is that initialization is 2 parts. The first is turning the key into<br>
a big table. The second is initializing a small amount of state that is<br>
whatever is needed/updated by EVP_MAC_update().<br>
<br>
I was hoping that EVP_MAC_init() with NULL key would bypass the first step and<br>
do the second.<br>
<br>
If the second step involves a lot of computation we get into the space/time<br>
tradeoff of computing it during step one and saving it in case EVP_MAC_init is<br>
called with NULL key.<br>
<br>
If there was a copy operation we could use it instead of dup/free.<br>
<br>
Where is the code that does the key setup? I expect it will be obvious after<br>
I see it, but I don't know my way around that linkage yet. I'm using the<br>
default AES-128-CBC.<br>
<br>
---------<br>
<br>
I don't think I've said it explicitly, but thanks for the change to the API<br>
for EVP_MAC_init()<br>
<br>
----------<br>
<br>
Should PKEY be a potentially interesting approach for something like this? I<br>
think it was suggested months ago. One advantage is that the code works with<br>
1.1.1.<br>
<br>
It's horribly slow in 3.0<br>
<br>
alpha14:<br>
0.777 CMAC<br>
7.533 PKEY<br>
3.323 PKEY preload<br>
0.392 EVP_MAC<br>
0.308 EVP_MAC Preload with dup+free<br>
0.102 EVP_MAC Preload (no dup, wrong answer)<br>
<br>
1.1.1k:<br>
0.285 CMAC<br>
0.550 PKEY<br>
0.196 PKEY preload<br>
<br>
<br>
<br>
--<br>
These are my opinions. I hate spam.<br>
<br>
<br>
<br>
<br>
<br>
------------------------------<br>
<br>
Message: 2<br>
Date: Mon, 12 Apr 2021 15:05:37 +0200<br>
From: Tomas Mraz <tomas@openssl.org><br>
To: Hal Murray <hmurray@megapathdsl.net>, Dr Paul Dale<br>
<pauli@openssl.org><br>
Cc: openssl-users@openssl.org<br>
Subject: Re: EVP_MAC_init() in 3.0 alpha 13<br>
Message-ID:<br>
<348b006ceb83fd4301438cbb0c57b473a4f4ef23.camel@openssl.org><br>
Content-Type: text/plain; charset="UTF-8"<br>
<br>
On Mon, 2021-04-12 at 05:48 -0700, Hal Murray wrote:<br>
> > Did you attempt to pass NULL for the key and zero for it's length<br>
> > to the<br>
> > EVP_MAC_init() call?<br>
><br>
> Yes.<br>
><br>
> We can do better. If we have to use dup/free, we can move the<br>
> EVP_MAC_init()<br>
> to before the dup, out of the timing path.<br>
><br>
> My model is that initialization is 2 parts. The first is turning the<br>
> key into<br>
> a big table. The second is initializing a small amount of state that<br>
> is<br>
> whatever is needed/updated by EVP_MAC_update().<br>
><br>
> I was hoping that EVP_MAC_init() with NULL key would bypass the first<br>
> step and<br>
> do the second.<br>
<br>
We would have to introduce the special semantics similar to<br>
EVP_CipherInit() with EVP_MAC_init(). I.e., that the EVP_CipherInit()<br>
with NULL key keeps the key schedule from the previous initialization.<br>
<br>
> If the second step involves a lot of computation we get into the<br>
> space/time<br>
> tradeoff of computing it during step one and saving it in case<br>
> EVP_MAC_init is<br>
> called with NULL key.<br>
><br>
> If there was a copy operation we could use it instead of dup/free.<br>
<br>
I do not think we want to introduce the copy operation. We are trying<br>
to get out of the copy() pattern as it is much harder to handle<br>
correctly than the dup().<br>
<br>
> Where is the code that does the key setup? I expect it will be<br>
> obvious after<br>
> I see it, but I don't know my way around that linkage yet. I'm using<br>
> the<br>
> default AES-128-CBC.<br>
><br>
> ---------<br>
><br>
> I don't think I've said it explicitly, but thanks for the change to<br>
> the API<br>
> for EVP_MAC_init()<br>
><br>
> ----------<br>
><br>
> Should PKEY be a potentially interesting approach for something like<br>
> this? I<br>
> think it was suggested months ago. One advantage is that the code<br>
> works with<br>
> 1.1.1.<br>
><br>
> It's horribly slow in 3.0<br>
><br>
> alpha14:<br>
> 0.777 CMAC<br>
> 7.533 PKEY<br>
> 3.323 PKEY preload<br>
> 0.392 EVP_MAC<br>
> 0.308 EVP_MAC Preload with dup+free<br>
> 0.102 EVP_MAC Preload (no dup, wrong answer)<br>
><br>
> 1.1.1k:<br>
> 0.285 CMAC<br>
> 0.550 PKEY<br>
> 0.196 PKEY preload<br>
><br>
><br>
><br>
--<br>
Tom?? Mr?z<br>
No matter how far down the wrong road you've gone, turn back.<br>
Turkish proverb<br>
[You'll know whether the road is wrong if you carefully listen to your<br>
conscience.]<br>
<br>
<br>
<br>
<br>
------------------------------<br>
<br>
Message: 3<br>
Date: Mon, 12 Apr 2021 10:32:32 -0600<br>
From: Shariful Alam <dipto181@gmail.com><br>
To: Dr Paul Dale <pauli@openssl.org><br>
Cc: openssl-users@openssl.org<br>
Subject: Re: error: redefinition of ?struct rsa_meth_st?<br>
Message-ID:<br>
<CAA0KgGo3P96yHk8JZGT=c1oxqqHiqkntDPF406VFqecdj_HdEg@mail.gmail.com><br>
Content-Type: text/plain; charset="utf-8"<br>
<br>
Dr. Pauli,<br>
Goodmorning. Thank you for replying. I found the documentation a bit<br>
difficult for me to understand. I was wondering if you can direct me to a<br>
sample skeleton code for creating a custom RSA engine.<br>
<br>
Regards,<br>
Shariful Alam<br>
<br>
On Sun, Apr 11, 2021 at 6:00 PM Dr Paul Dale <pauli@openssl.org> wrote:<br>
<br>
> You shouldn't be accessing the internal of a private structure. That<br>
> structure was made private for a reason and duplicating it in your engine<br>
> will break when we change the structure's contents.<br>
><br>
> Your engine should be using the EVP_PKEY_meth_set_* function to do what<br>
> you want (for 1.1.1). For 3.0, you should be writing a provider instead.<br>
><br>
><br>
> Pauli<br>
><br>
> On 12/4/21 5:04 am, Shariful Alam wrote:<br>
><br>
> Hello,<br>
> Hope you guys are doing well. I'm trying to develop an RSA engine. My<br>
> engine was somewhat working until I try to integrate my engine with an<br>
> apache httpd server. After installing the httpd from the source code, it<br>
> turns out that, I can't compile my engine anymore. I get the<br>
> following error while I try to compile (it was compiling before and I did<br>
> not make any changes to my engine code).<br>
><br>
> ==============================<br>
><br>
> *$gcc -fPIC -c r_engine.c*<br>
><br>
><br>
><br>
><br>
><br>
><br>
> *r_engine.c:29:8: error: redefinition of ?struct rsa_meth_st? struct<br>
> rsa_meth_st { ^ In file included from<br>
> /usr/include/openssl/crypto.h:131:0, from r_engine.c:7:<br>
> /usr/include/openssl/ossl_typ.h:147:16: note: originally defined here<br>
> typedef struct rsa_meth_st RSA_METHOD;*<br>
><br>
> =============================<br>
><br>
> and my *struct rsa_meth_st *looks like the following,<br>
><br>
><br>
> ================================================================================<br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
> *struct rsa_meth_st { const char *name; int (*rsa_pub_enc) (int<br>
> flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding);<br>
> int (*rsa_pub_dec) (int flen, const unsigned char *from, unsigned char<br>
> *to, RSA *rsa, int padding); int (*rsa_priv_enc) (int flen, const<br>
> unsigned char *from, unsigned char *to, RSA *rsa, int padding); int<br>
> (*rsa_priv_dec) (int flen, const unsigned char *from, unsigned char *to,<br>
> RSA *rsa, int padding); int (*rsa_mod_exp) (BIGNUM *r0, const BIGNUM<br>
> *I, RSA *rsa, BN_CTX *ctx); int (*bn_mod_exp) (BIGNUM *r, const BIGNUM<br>
> *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);<br>
> int (*init) (RSA *rsa); int (*finish) (RSA *rsa); int flags;<br>
> char *app_data; int (*rsa_sign) (int type, const unsigned char *m,<br>
> unsigned int m_length, unsigned char *sigret, unsigned int *siglen, const<br>
> RSA *rsa); int (*rsa_verify) (int dtype, const unsigned char *m,<br>
> unsigned int m_length, const unsigned char *sigbuf, unsigned int siglen,<br>
> const RSA *rsa); int (*rsa_keygen) (RSA *rsa, int bits, BIGNUM *e,<br>
> BN_GENCB *cb); }; *<br>
><br>
><br>
> =================================================================================<br>
><br>
> My sample skeleton code is here <a href="https://clicktime.symantec.com/33X17gA39DAZvzaTx4AG8ej6H2?u=https%3A%2F%2Fpastebin.com%2FuNXYknEA">
https://clicktime.symantec.com/33X17gA39DAZvzaTx4AG8ej6H2?u=https%3A%2F%2Fpastebin.com%2FuNXYknEA</a><br>
><br>
> Can anyone please tell me what I'm I doing wrong?<br>
><br>
> Regards,<br>
> Shariful Alam<br>
><br>
><br>
><br>
-------------- next part --------------<br>
An HTML attachment was scrubbed...<br>
URL: <<a href="https://clicktime.symantec.com/3swRYpsU9KK78WoSiSrAfr6H2?u=https%3A%2F%2Fmta.openssl.org%2Fpipermail%2Fopenssl-users%2Fattachments%2F20210412%2F3eab5997%2Fattachment-0001.html">https://clicktime.symantec.com/3swRYpsU9KK78WoSiSrAfr6H2?u=https%3A%2F%2Fmta.openssl.org%2Fpipermail%2Fopenssl-users%2Fattachments%2F20210412%2F3eab5997%2Fattachment-0001.html</a>><br>
<br>
------------------------------<br>
<br>
Message: 4<br>
Date: Mon, 12 Apr 2021 18:34:51 +0200<br>
From: Richard Levitte <levitte@openssl.org><br>
To: "openssl-users@openssl.org" <openssl-users@openssl.org><br>
Subject: Re: PEM_read_bio_RSAPublicKey equivalent API which returns<br>
EVP_PKEY<br>
Message-ID: <87h7kba2c4.wl-levitte@openssl.org><br>
Content-Type: text/plain; charset=US-ASCII<br>
<br>
On Mon, 12 Apr 2021 06:24:32 +0200,<br>
Paramashivaiah, Sunil wrote:<br>
><br>
> But, I couldn't find equivallent API to replace "PEM_read_bio_RSAPublicKey" to get EVP_PKEY for<br>
> creating EVP ctx(EVP_PKEY_CTX_new) to use in "EVP_PKEY_encrypt" and "EVP_PKEY_decrypt".<br>
<br>
I believe that one of these functions would help you:<br>
<br>
EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);<br>
<br>
EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_pkey(OSSL_LIB_CTX *libctx,<br>
EVP_PKEY *pkey, const char *propquery);<br>
<br>
Cheers,<br>
Richard<br>
<br>
--<br>
Richard Levitte levitte@openssl.org<br>
OpenSSL Project <a href="https://clicktime.symantec.com/3Mg1WCF9H66r4CYkJ5HJcfU6H2?u=http%3A%2F%2Fwww.openssl.org%2F~levitte%2F">
https://clicktime.symantec.com/3Mg1WCF9H66r4CYkJ5HJcfU6H2?u=http%3A%2F%2Fwww.openssl.org%2F~levitte%2F</a><br>
<br>
<br>
------------------------------<br>
<br>
Message: 5<br>
Date: Mon, 12 Apr 2021 17:42:20 +0100<br>
From: Matt Caswell <matt@openssl.org><br>
To: openssl-users@openssl.org<br>
Subject: Re: error: redefinition of ?struct rsa_meth_st?<br>
Message-ID: <f1a6c492-58f3-b35e-4f8b-186df020e080@openssl.org><br>
Content-Type: text/plain; charset=utf-8; format=flowed<br>
<br>
You can look at the dummy async engine which wraps the standard RSA<br>
functions inside an engine (as well as various other crypto primitives).<br>
You can see it here:<br>
<br>
<a href="https://clicktime.symantec.com/36mWBLRZPoyFNTFYDsD2yZ26H2?u=https%3A%2F%2Fgithub.com%2Fopenssl%2Fopenssl%2Fblob%2FOpenSSL_1_1_1-stable%2Fengines%2Fe_dasync.c">https://clicktime.symantec.com/36mWBLRZPoyFNTFYDsD2yZ26H2?u=https%3A%2F%2Fgithub.com%2Fopenssl%2Fopenssl%2Fblob%2FOpenSSL_1_1_1-stable%2Fengines%2Fe_dasync.c</a><br>
<br>
Matt<br>
<br>
On 12/04/2021 17:32, Shariful Alam wrote:<br>
> Dr. Pauli,<br>
> Goodmorning. Thank you for replying. I found the documentation a bit<br>
> difficult for me to understand. I was wondering if you can direct me to<br>
> a sample skeleton code for creating a custom RSA engine.<br>
><br>
> Regards,<br>
> Shariful Alam<br>
><br>
> On Sun, Apr 11, 2021 at 6:00 PM Dr Paul Dale <pauli@openssl.org<br>
> <<a href="mailto:pauli@openssl.org">mailto:pauli@openssl.org</a>>> wrote:<br>
><br>
> You shouldn't be accessing the internal of a private structure. That<br>
> structure was made private for a reason and duplicating it in your<br>
> engine will break when we change the structure's contents.<br>
><br>
> Your engine should be using the EVP_PKEY_meth_set_* function to do<br>
> what you want (for 1.1.1).? For 3.0, you should be writing a<br>
> provider instead.<br>
><br>
><br>
> Pauli<br>
><br>
> On 12/4/21 5:04 am, Shariful Alam wrote:<br>
>> Hello,<br>
>> Hope you guys are doing well. I'm trying to develop an RSA engine.<br>
>> My engine was somewhat working until?I try to integrate my engine<br>
>> with an apache httpd server. After installing the httpd from the<br>
>> source code, it turns out that, I can't compile my engine anymore.<br>
>> I get the following?error while I try to compile (it was compiling<br>
>> before and I did not make any changes to my engine code).<br>
>><br>
>> ==============================<br>
>><br>
>> *$gcc -fPIC -c r_engine.c*<br>
>> *r_engine.c:29:8: error: redefinition of ?struct rsa_meth_st?<br>
>> ?struct rsa_meth_st {<br>
>> ? ? ? ? ^<br>
>> In file included from /usr/include/openssl/crypto.h:131:0,<br>
>> ? ? ? ? ? ? ? ? ?from r_engine.c:7:<br>
>> /usr/include/openssl/ossl_typ.h:147:16: note: originally defined here<br>
>> ?typedef struct rsa_meth_st RSA_METHOD;*<br>
>><br>
>> =============================<br>
>><br>
>> and my *struct rsa_meth_st *looks like the following,<br>
>><br>
>> ================================================================================<br>
>><br>
>> *struct rsa_meth_st {<br>
>><br>
>> ? ? const char *name;<br>
>> ? ? int (*rsa_pub_enc) (int flen, const unsigned char *from,<br>
>> unsigned char *to, RSA *rsa, int padding);<br>
>> ? ? int (*rsa_pub_dec) (int flen, const unsigned char *from,<br>
>> unsigned char *to, RSA *rsa, int padding);<br>
>> ? ? int (*rsa_priv_enc) (int flen, const unsigned char *from,<br>
>> unsigned char *to, RSA *rsa, int padding);<br>
>> ? ? int (*rsa_priv_dec) (int flen, const unsigned char *from,<br>
>> unsigned char *to, RSA *rsa, int padding);<br>
>><br>
>> ? ? int (*rsa_mod_exp) (BIGNUM *r0, const BIGNUM *I, RSA *rsa,<br>
>> BN_CTX *ctx);<br>
>><br>
>> ? ? int (*bn_mod_exp) (BIGNUM *r, const BIGNUM *a, const BIGNUM<br>
>> *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);<br>
>><br>
>> ? ? int (*init) (RSA *rsa);<br>
>><br>
>> ? ? int (*finish) (RSA *rsa);<br>
>><br>
>> ? ? int flags;<br>
>><br>
>> ? ? char *app_data;<br>
>><br>
>> ? ? int (*rsa_sign) (int type, const unsigned char *m, unsigned<br>
>> int m_length, unsigned char *sigret, unsigned int *siglen, const<br>
>> RSA *rsa);<br>
>><br>
>> ? ? int (*rsa_verify) (int dtype, const unsigned char *m, unsigned<br>
>> int m_length, const unsigned char *sigbuf, unsigned int siglen,<br>
>> const RSA *rsa);<br>
>><br>
>> ? ? int (*rsa_keygen) (RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);<br>
>><br>
>> };<br>
>> *<br>
>><br>
>> =================================================================================<br>
>><br>
>> My sample skeleton code is here <a href="https://clicktime.symantec.com/33X17gA39DAZvzaTx4AG8ej6H2?u=https%3A%2F%2Fpastebin.com%2FuNXYknEA">
https://clicktime.symantec.com/33X17gA39DAZvzaTx4AG8ej6H2?u=https%3A%2F%2Fpastebin.com%2FuNXYknEA</a><br>
>> <<a href="https://clicktime.symantec.com/33X17gA39DAZvzaTx4AG8ej6H2?u=https%3A%2F%2Fpastebin.com%2FuNXYknEA">https://clicktime.symantec.com/33X17gA39DAZvzaTx4AG8ej6H2?u=https%3A%2F%2Fpastebin.com%2FuNXYknEA</a>><br>
>><br>
>> Can anyone please tell me what I'm I doing wrong?<br>
>><br>
>> Regards,<br>
>> Shariful Alam<br>
><br>
<br>
<br>
------------------------------<br>
<br>
Subject: Digest Footer<br>
<br>
_______________________________________________<br>
openssl-users mailing list<br>
openssl-users@openssl.org<br>
<a href="https://clicktime.symantec.com/37QJxo4UvenQwPJPNZ1QT2K6H2?u=https%3A%2F%2Fmta.openssl.org%2Fmailman%2Flistinfo%2Fopenssl-users">https://clicktime.symantec.com/37QJxo4UvenQwPJPNZ1QT2K6H2?u=https%3A%2F%2Fmta.openssl.org%2Fmailman%2Flistinfo%2Fopenssl-users</a><br>
<br>
<br>
------------------------------<br>
<br>
End of openssl-users Digest, Vol 77, Issue 20<br>
*********************************************<br>
</div>
</span></font></div>
<br clear="both">
Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.<BR>
</body>
</html>