search for: evp_encryptinit

...use of the PKCS11 > engine; something like the following works for bulk ciphers (the process for RSA is similar): > > ENGINE *e; > ENGINE_load_builtin_engines(); > e = ENGINE_by_id("pkcs11"); > ENGINE_set_default_ciphers(e); > EVP_CIPHER_CTX_init (&ctx); > EVP_EncryptInit (&ctx, EVP_des_cbc (), key, iv); > EVP_EncryptUpdate (.....); Since I'm not familiar with SSL programming, I wonder if it's possible to modify the dovecot 1.2.x source code. Maybe someone has already tried this or can give me hint. Regards. Martin -------------- next part ---------...

...there is no difference between decryption and encryption but the EVP API requires this argument. For consistency, I would be for using 1 in all the cases. If you have some wip branch you used for porting to openbsd or something I can test, I guess I can try that. [1] https://man.openbsd.org/man3/EVP_EncryptInit.3 [2] https://www.openssl.org/docs/man1.1.1/man3/EVP_chacha20_poly1305.html Regards, -- Jakub Jelen Senior Software Engineer Security Technologies Red Hat, Inc.

...xargs grep -l EVP_CIPH_CBC_MODE $ find openssl-0.9.6c/ -type f | xargs grep -l EVP_CIPH_CBC_MODE openssl-0.9.6c/crypto/evp/e_rc2.c openssl-0.9.6c/crypto/evp/evp_enc.c openssl-0.9.6c/crypto/evp/evp.h openssl-0.9.6c/crypto/evp/evp_locl.h openssl-0.9.6c/crypto/evp/e_xcbc_d.c openssl-0.9.6c/doc/crypto/EVP_EncryptInit.pod ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

On some cpu's optimized chacha implementation in openssl (1.1.0+) is notably faster (and on others it is just faster) than generic C implementation in openssh. Sadly, openssl's chacha20-poly1305 (EVP_chacha20_poly1305) uses different scheme (with padding/etc - see rfc8439) and it looks it is not possible to use in openssh. OpenSSL 1.1.1+ also exports "raw" poly1305 primitive,

...eference to `EVP_PKEY_size' /usr/local/ssl/lib/libssl.so: undefined reference to `EVP_add_digest' /usr/local/ssl/lib/libssl.so: undefined reference to `HMAC_cleanup' /usr/local/ssl/lib/libssl.so: undefined reference to `BIO_push' /usr/local/ssl/lib/libssl.so: undefined reference to `EVP_EncryptInit' /usr/local/ssl/lib/libssl.so: undefined reference to `X509_get_issuer_name' /usr/local/ssl/lib/libssl.so: undefined reference to `ASN1_put_object' /usr/local/ssl/lib/libssl.so: undefined reference to `X509_get_ext_count' /usr/local/ssl/lib/libssl.so: undefined reference to `EVP_ide...