New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature openssl #34
Feature openssl #34
Conversation
…eplaces the native HMAC/SHA1 implementation. This commit also fixes some problems with the test apps when OpenSSL support is configured into the library.
… to include --enable-openssl option.
…another int member.
Is OpenSSL (and AES-NI) support only offered with AES-GCM mode? |
No, the legacy AES-CTR mode will utilize AES-NI as well (when the On 10/30/2013 04:11 PM, Kristian Kielhofner wrote:
|
Excellent, thanks for the clarification! |
I checked our code (which uses openssl-based libsrtp) with address-sanitizer from clang, and it reported buffer overrun when calling v128_copy_octet_string() from aes_icm_openssl_context_init(). There are FIXME warnings, are there plans to fix this? |
Which one of the calls to v128_copy_octet_string() is triggering the The 'FIX' comments appear to be stale and should be removed. The On 11/07/2013 07:46 AM, Dmitry Sobinov wrote:
|
The first call. To reproduce, I've just modified Makefile generated by './configure' to use clang with address sanitizer. Then, starting 'make runtest' (or smth like this). Output: ==2726==ERROR: AddressSanitizer: global-buffer-overflow on address 0x00000069a5be at pc 0x47e1cf bp 0x7fffa5ac6b20 sp 0x7fffa5ac6b18 0x00000069a5be is located 34 bytes to the left of global variable 'aes_icm_test_case_0_ciphertext' from 'crypto/cipher/aes_icm_ossl.c' (0x69a5e0) of size 32 |
Thanks for the information, this is helpful. The problem is the legacy counter mode AES self-test uses a single data structure for both the 128-bit and 256-bit self test. The new openssl implementation uses separate data structures for each key size, but the driver code that invokes the self tests is using the wrong data set for the 256 bit key size. This is a bug in the cipher driver code. Sorry, but I don't have any experience with clang. I've installed it and modified the Makefile to use it. It looks like clang doesn't honor the gcc options. Can you provide the details of your Makefile modifications? It would be good if I can recreate the problem using clang to verify the fix before committing. Thanks. |
…AGS for openssl, output enable_openssl status
…her instance was being used for AES-256 when configured for OpenSSL.
add -fPIC to CFLAGS by default, use pkg-config to get LDFLAGS and CFLAGS...
Sorry for late response. I've tested with clang-3.4 from trunk (built manually) and official 3.3 release from http://llvm.org/releases/download.html . The reason for using these builds is that some distributives like Fedora contain clang without sanitizers. Makefile changes:
Then, run
Resulting file will contain warning with description. To get proper call stack with symbols (not just call addresses), get asan symbolize.py from https://llvm.org/svn/llvm-project/compiler-rt/trunk/lib/asan/scripts/asan_symbolize.py and run
Also, crypto/include/sha1.h functions should be fixed not to have 'inline' keyword in their declarations (otherwise linker error). More details here: http://clang.llvm.org/compatibility.html#inline |
Looks like original problem is fixed by your recent commits. However 'make runtest' gives another warning:
|
what's the status of this pull request? is is going to be merged soon? |
We need approval to commit from the other code maintainers. There were some comments from the initial review last May, which I fixed and subsequently submitted a new pull request. If the other maintainers don't object, I can go ahead and do the commit. |
Looks good to me. On Fri, Feb 14, 2014 at 7:44 AM, John Foley notifications@github.comwrote:
|
Thanks. I'll wait another week and commit the code if there are no On 02/18/2014 05:20 PM, tvsriram wrote:
|
Update: as of yesterday this is now included (and supported) in FreeSWITCH: |
Thanks for the update. I saw the email thread on this yesterday. It looks like I goofed on the SDES values in PJSIP. I’ll update these in my PJSIP fork to avoid any further confusion. From: Kristian Kielhofner [mailto:notifications@github.com] Update: as of yesterday this is now included (and supported) in FreeSWITCH: http://jira.freeswitch.org/browse/FS-5937 — |
No problem, those SDES values are a bit wonky. Thanks again for all of your help on this! |
The feature-openssl branch is now feature complete. Support for AES-NI through libcrypto.so is now provided. Support for AES-GCM mode is provided. These features are enabled using the --enable-openssl configuration option. Omitting this option results in the legacy ciphers being compiled into libsrtp with no link dependency on libcrypto.so.