Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update.sh script update #10

Merged
merged 0 commits into from
Aug 13, 2014
Merged

update.sh script update #10

merged 0 commits into from
Aug 13, 2014

Conversation

lumag
Copy link
Contributor

@lumag lumag commented Jul 14, 2014

Copy Camellia and RC5 files (to be enabled in OpenSSL repo, patch at http://pastebin.de/128470).

@lumag
Copy link
Contributor Author

lumag commented Jul 14, 2014

@bob-beck as you have stated, Camellia (and probably RC5) can not be enabled ATM in the main OpenBSD code. Would you accept a patch for libressl-portable making those (and maybe other) algorithms available through enable-something configure options?

@bob-beck
Copy link
Contributor

Right now we're working to solve the Camiella issue, so the time is not
right for that right now.

I noticed the name of your github repo. we got rid of GOST because it was
an engine (and didn't work in
the codebase). We are interested in finding an appropriately licensesd GOST
implementaiton as a regular
cipher (not an OpenSSL Engine) that we could include in libcrypto.

On Mon, Jul 14, 2014 at 1:01 PM, Dmitry Eremin-Solenikov <
notifications@github.com> wrote:

@bob-beck https://github.com/bob-beck as you have stated, Camellia (and
probably RC5) can not be enabled ATM in the main OpenBSD code. Would you
accept a patch for libressl-portable making those (and maybe other)
algorithms available through enable-something configure options?


Reply to this email directly or view it on GitHub
#10 (comment)
.

@lumag
Copy link
Contributor Author

lumag commented Jul 14, 2014

I started looking at converting old GOST engine into the proper part of
LibreSSL, but that might take some time.
In the past I have provided (partial) GOST implementation to the libgcrypt.

There are several problems with GOST:

  1. There are 3 (or 5 if you count in a different way) kinds of algorithms
    all usually named as GOST.
  2. GOST symmetric cipher (as it is used in wild) requires additional level
    between block cipher and block mode code (called key meshing)
    From my point of view, this is the most troublesome part (at least from
    the design POV). Maybe OpenSSL will allow me to handle this better.
    BouncyCastle ended up with 'gost' versions of ECB, CBC, etc.
  3. Most of the development happens behind closed doors of standard
    committee.

Features:

  1. There are two different versions of hash functions (GOST R 34.11-1994
    and new one GOST R 34.11-2012, called Streebog)
  2. There are also two and a half different version of signature schemes
    (and they sometimes differ in endianness of the arguments).
  3. OpenSSL only supported old versions of algorithms (up to -1997)

@lumag lumag changed the title Manpage fix and script update update.sh script update Jul 16, 2014
@busterb busterb merged commit d6a485d into libressl:master Aug 13, 2014
@sergey-safarov sergey-safarov mentioned this pull request Jul 27, 2017
Closed
@mr-V-I-k-t-O-r mr-V-I-k-t-O-r mentioned this pull request Dec 27, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@lumag @bob-beck @busterb