Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Crypto patch for EC_GROUP_new_curve_GF2m #65

Merged
merged 1 commit into from Nov 6, 2018
Merged

Add Crypto patch for EC_GROUP_new_curve_GF2m #65

merged 1 commit into from Nov 6, 2018

Conversation

Gsantomaggio
Copy link
Member

@Gsantomaggio Gsantomaggio commented Nov 6, 2018
edited

In openssl 1.0.1e EC_GROUP_new_curve_GF2m function is wrapped by #ifndef OPENSSL_NO_EC2M.
We have to check whether OPENSSL_NO_EC2M is set, and if it is, then we do not have EC_GROUP_new_curve_GF2m function and do not HAVE_EC.

Currently there is this kind of the problem:

Erlang/OTP 21 [erts-10.1.1] [source] [64-bit] [smp:2:2] [ds:2:2:10] [async-threads:1] [hipe]

Eshell V10.1.1  (abort with ^G)
1> l(crypto).
{module,crypto}
2> crypto:generate_key(ecdh, secp112r2).
** exception error: bad argument
     in function  crypto:ec_key_generate/2
        called as crypto:ec_key_generate({{prime_field,<<219,124,42,191,98,227,94,102,128,118,190,173,32,139>>},{<<97,39,194,76,5,243,138,10,170,246,92,14,240,44>>,
                             <<81,222,241,129,93,181,237,116,252,195,76,133,215,9>>,
                    <<0,39,87,161,17,77,105,110,103,104,117,97,81,117,83,22,192,94,11,212>>},<<4,75,163,10,181,232,146,180,225,100,157,208,146,134,67,173,205,70,245,136,46,55,71,222,243,...>>,
                            <<54,223,10,175,216,184,215,89,124,161,5,32,208,75>>,<<4>>},
                                         undefined)
3>

I remember that we met this problem before.

With this patch the result will be:

Eshell V10.1.1  (abort with ^G)
1>  crypto:generate_key(ecdh, secp112r2).
notsup
2>

Notes:
1 - Copied from https://build.opensuse.org/package/view_file/devel:languages:erlang:Factory/erlang/crypto.patch?expand=1&rev=92106653f72b30973f28170277fa4b0e
2 - also in the last release
3- Even if there is a way, to enable Enable Elliptical Curve Diffie-Hellman (ECDHE) in Linux, I think that it shouldn't be done :)

@Gsantomaggio
In openssl 1.0.1e EC_GROUP_new_curve_GF2m function is wrapped by #ifn…
a4ca83d 
…def .

We have to check whether OPENSSL_NO_EC2M is set, and if it is,
then we do not have EC_GROUP_new_curve_GF2m  function and do not HAVE_EC.
@michaelklishin michaelklishin merged commit 55be051 into master Nov 6, 2018
@michaelklishin
Copy link
Member

Thank you!

@michaelklishin michaelklishin deleted the erlang-rpm_crypto_patch branch November 6, 2018 17:31
@michaelklishin
Copy link
Member

Should we backport this to the 20.x and 19.x branches?

@Gsantomaggio
Copy link
Member Author

Yes, but I think that we have to check the diff file https://github.com/rabbitmq/erlang-rpm/blob/master/otp-0008-crypto.patch

Will check/try and will prepare another PR for 20.x and 19.x branches

Gsantomaggio added a commit that referenced this pull request Nov 7, 2018
@Gsantomaggio
Porting #65 for erlang 19.x
4318d50
@Gsantomaggio Gsantomaggio mentioned this pull request Nov 7, 2018
Merged
michaelklishin added a commit that referenced this pull request Nov 7, 2018
@michaelklishin
Merge pull request #66 from rabbitmq/erlang-rpm_crypto_patch_19_x
73d94c9 
Porting #65 for erlang 19.x
Gsantomaggio added a commit that referenced this pull request Nov 7, 2018
@Gsantomaggio
Porting #65 for erlang 20.3.x
86fe758
@Gsantomaggio Gsantomaggio mentioned this pull request Nov 7, 2018
Merged
michaelklishin added a commit that referenced this pull request Nov 7, 2018
@michaelklishin
Merge pull request #67 from rabbitmq/erlang-rpm_crypto_patch_20.3_x
15c2282 
Porting #65 for erlang 20.3.x
@Gsantomaggio
Copy link
Member Author

Do you want also update the https://github.com/rabbitmq/erlang-rpm/tree/erlang-20.1.x branch?
The patch for 20.3 should be compatible.

@michaelklishin
Copy link
Member

Nope, we only maintain the most recent minor for 20.x.

@michaelklishin michaelklishin mentioned this pull request Dec 29, 2018
Closed
Gsantomaggio pushed a commit that referenced this pull request Dec 29, 2018
Remove the Crypto patch
5c3766f 
Fixes #68
The crypto patch added #65 causes some
side effects.
@Gsantomaggio Gsantomaggio mentioned this pull request Dec 29, 2018
Merged
michaelklishin added a commit that referenced this pull request Dec 29, 2018
@michaelklishin
Revert "Porting #65 for erlang 19.x"
b2559b2
michaelklishin added a commit that referenced this pull request Dec 29, 2018
@michaelklishin
Merge pull request #70 from rabbitmq/revert-66-erlang-rpm_crypto_patc…
abe351c 
…h_19_x

Revert "Porting #65 for erlang 19.x"
michaelklishin added a commit that referenced this pull request Dec 29, 2018
@michaelklishin
Revert "Porting #65 for erlang 20.3.x"
1a6e69c
michaelklishin added a commit that referenced this pull request Dec 29, 2018
@michaelklishin
Merge pull request #71 from rabbitmq/revert-67-erlang-rpm_crypto_patc…
8bfadeb 
…h_20.3_x

Revert "Porting #65 for erlang 20.3.x"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@michaelklishin michaelklishin michaelklishin approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@Gsantomaggio @michaelklishin