On Wed, 2019-06-26 at 17:42 +0300, Dmitry Kasatkin wrote: > On Tue, Jun 25, 2019 at 5:56 AM Mimi Zohar <zohar@xxxxxxxxxxxxx> wrote: > > > > On Mon, 2019-06-24 at 23:11 +0300, Vitaly Chikunov wrote: > > > Mimi, > > > > > > On Mon, Jun 24, 2019 at 03:47:27PM -0400, Mimi Zohar wrote: > > > > On Mon, 2019-06-24 at 22:23 +0300, Vitaly Chikunov wrote: > > > > > > > > > > > > With and without this change, the sha family is working properly, but > > > > > > > with this patch set, I'm now seeing "sign_hash_v2: signing failed: > > > > > > > (invalid digest)" for gost/streebog. Previously it worked. > > > > > > > > > > If it worked before this is strange. It should not. What patchset > > > > > version it was? > > > > > > > > No, I'm saying that I built both openssl and the gost engine a while > > > > ago. There's been some gost engine updates since then, which are > > > > dependent on a newer version of openssl. So I'll need to rebuild both > > > > openssl and the gost engine in order to re-test. > > > > > > Hm. I don't see a difference in signing code. > > > > > > Only the difference is there was no `log_err("sign_hash_v2: signing > > > failed: (%s)\n", ...)` about singing failure, because, I thought, the > > > caller would report it anyway, because of `return -1`. > > > > Thanks, Vitaly, for all your help. It's now working properly. > > > > Mimi > > > > I tested various generation and verification options and also backward > and forward compatibility. > Everything was fine for me.... Thanks! Did you review the code as well? Can I take this as a Reviewed-by or an Acked? Mimi