On Sat, May 08, 2021 at 01:50:24PM -0000, Stuart Henderson wrote:
> On 2021-05-08, Theodore Wynnychenko <[email protected]> wrote:
> >
> > Hello again:
> >
> > I am re-posting this message with additional information..
> > While I have no expectation that there will be any reply, I am hopeful there
> > may be.
>
> Confirmed, and it also fails with OpenSSL 1.0.2u, but succeeds with
> 1.1.1k. I think perhaps this is just something that has been added
> to newer OpenSSL but not added to LibreSSL yet.
Hi,
I had investigated this and found some missing bits.
I believe this diff would solve your issue.
Can you check this if your problem has gone ?
Index: obj_xref.txt
===================================================================
RCS file: /cvs/src/lib/libcrypto/objects/obj_xref.txt,v
retrieving revision 1.2
diff -u -p -u -p -r1.2 obj_xref.txt
--- obj_xref.txt 9 Nov 2014 19:17:13 -0000 1.2
+++ obj_xref.txt 8 May 2021 13:26:38 -0000
@@ -46,3 +46,16 @@ id_GostR3411_94_with_GostR3410_94_cc id_
id_GostR3411_94_with_GostR3410_2001_cc id_GostR3411_94 id_GostR3410_2001_cc
id_tc26_signwithdigest_gost3410_2012_256 id_tc26_gost3411_2012_256
id_tc26_gost3410_2012_256
id_tc26_signwithdigest_gost3410_2012_512 id_tc26_gost3411_2012_512
id_tc26_gost3410_2012_512
+
+# ECDH KDFs and their corresponding message digests and schemes
+dhSinglePass_stdDH_sha1kdf_scheme sha1 dh_std_kdf
+dhSinglePass_stdDH_sha224kdf_scheme sha224 dh_std_kdf
+dhSinglePass_stdDH_sha256kdf_scheme sha256 dh_std_kdf
+dhSinglePass_stdDH_sha384kdf_scheme sha384 dh_std_kdf
+dhSinglePass_stdDH_sha512kdf_scheme sha512 dh_std_kdf
+
+dhSinglePass_cofactorDH_sha1kdf_scheme sha1 dh_cofactor_kdf
+dhSinglePass_cofactorDH_sha224kdf_scheme sha224 dh_cofactor_kdf
+dhSinglePass_cofactorDH_sha256kdf_scheme sha256 dh_cofactor_kdf
+dhSinglePass_cofactorDH_sha384kdf_scheme sha384 dh_cofactor_kdf
+dhSinglePass_cofactorDH_sha512kdf_scheme sha512 dh_cofactor_kdf
Index: obj_xref.h
===================================================================
RCS file: /cvs/src/lib/libcrypto/objects/obj_xref.h,v
retrieving revision 1.4
diff -u -p -u -p -r1.4 obj_xref.h
--- obj_xref.h 21 Dec 2016 15:49:29 -0000 1.4
+++ obj_xref.h 8 May 2021 13:26:38 -0000
@@ -44,6 +44,16 @@ static const nid_triple sigoid_srt[] =
{NID_rsassaPss, NID_undef, NID_rsaEncryption},
{NID_id_tc26_signwithdigest_gost3410_2012_256,
NID_id_tc26_gost3411_2012_256, NID_id_GostR3410_2001},
{NID_id_tc26_signwithdigest_gost3410_2012_512,
NID_id_tc26_gost3411_2012_512, NID_id_GostR3410_2001},
+ {NID_dhSinglePass_stdDH_sha1kdf_scheme, NID_sha1, NID_dh_std_kdf},
+ {NID_dhSinglePass_stdDH_sha224kdf_scheme, NID_sha224, NID_dh_std_kdf},
+ {NID_dhSinglePass_stdDH_sha256kdf_scheme, NID_sha256, NID_dh_std_kdf},
+ {NID_dhSinglePass_stdDH_sha384kdf_scheme, NID_sha384, NID_dh_std_kdf},
+ {NID_dhSinglePass_stdDH_sha512kdf_scheme, NID_sha512, NID_dh_std_kdf},
+ {NID_dhSinglePass_cofactorDH_sha1kdf_scheme, NID_sha1,
NID_dh_cofactor_kdf},
+ {NID_dhSinglePass_cofactorDH_sha224kdf_scheme, NID_sha224,
NID_dh_cofactor_kdf},
+ {NID_dhSinglePass_cofactorDH_sha256kdf_scheme, NID_sha256,
NID_dh_cofactor_kdf},
+ {NID_dhSinglePass_cofactorDH_sha384kdf_scheme, NID_sha384,
NID_dh_cofactor_kdf},
+ {NID_dhSinglePass_cofactorDH_sha512kdf_scheme, NID_sha512,
NID_dh_cofactor_kdf},
};
static const nid_triple * const sigoid_srt_xref[] =
@@ -61,19 +71,29 @@ static const nid_triple * const sigoid_s
&sigoid_srt[5],
&sigoid_srt[8],
&sigoid_srt[12],
+ &sigoid_srt[32],
+ &sigoid_srt[37],
&sigoid_srt[6],
&sigoid_srt[10],
&sigoid_srt[11],
&sigoid_srt[13],
&sigoid_srt[24],
&sigoid_srt[20],
+ &sigoid_srt[34],
+ &sigoid_srt[39],
&sigoid_srt[14],
&sigoid_srt[21],
+ &sigoid_srt[35],
+ &sigoid_srt[40],
&sigoid_srt[15],
&sigoid_srt[22],
+ &sigoid_srt[36],
+ &sigoid_srt[41],
&sigoid_srt[16],
&sigoid_srt[23],
&sigoid_srt[19],
+ &sigoid_srt[33],
+ &sigoid_srt[38],
&sigoid_srt[25],
&sigoid_srt[26],
&sigoid_srt[27],
