On Fri, Jul 24, 2020 at 11:01:41PM +1000, Darren Tucker wrote:
> On Fri, 24 Jul 2020 at 22:46, The Doctor <doctor@xxxxxxxxxxxxxxxxx> wrote:
> > Anyone trying openssl 3 against openssh?
>
> I used to test OpenSSH head against OpenSSL head but it was broken
> enough that I didn't have time to keep up and I ended up giving up.
> Here's what I found as of a few months ago in case it provides any
> clues; I have not attempted since then:
>
> Several months ago a commit to OpenSSL head broke OpenSSH Portable's
> AES-GCM ciphers. I didn't have time to look at this for a while, and
> by the time I did there were at least 2 other unrelated breakages that
> muddied the waters sufficiently that I never got to the bottom of it.
>
> I tried retesting at the hackathon and didn't get the results I
> expected: now the GCM ones worked and the NON-GCM ones didn't.
>
> After some clues from tb and a lot of time bisecting I have identified
> commits #1 and #3 below as the likely culprits. I don't know if they
> or we are doing the wrong thing. Can anyone tell me?
>
> Thanks.
>
> Setup to reproduce these tests at the bottom.
>
> Commit #1: This broke OpenSSH AES GCM ciphers:
> a672a02a6443a29aa368c0d8abeebc809c1a9f28 is the first bad commit
> commit a672a02a6443a29aa368c0d8abeebc809c1a9f28
> Author: Shane Lontis <shane.lontis@xxxxxxxxxx>
> Date:   Wed Jul 31 21:55:16 2019 +1000
>
> Add gcm ciphers (aes and aria) to providers.
>
> The code has been modularized so that it can be shared by algorithms.
>
> A fixed size IV is now used instead of being allocated.
> The IV is not set into the low level struct now until the update (it uses an
> iv_state for this purpose).
>
> Hardware specific methods have been added to a PROV_GCM_HW object.
>
> The S390 code has been changed to just contain methods that can be
> accessed in a modular way. There are equivalent generic methods also for
> the other platforms.
>
> Reviewed-by: Matt Caswell <matt@xxxxxxxxxxx>
> Reviewed-by: Patrick Steuer <patrick.steuer@xxxxxxxxxx>
> (Merged from https://github.com/openssl/openssl/pull/9231)
>
> result:
> $ sh ../run.sh
> run test dhgex.sh ...
> dhgex bits 3072 diffie-hellman-group-exchange-sha1 3des-cbc
> dhgex bits 3072 diffie-hellman-group-exchange-sha256 3des-cbc
> dhgex bits 3072 diffie-hellman-group-exchange-sha1 aes128-gcm@xxxxxxxxxxx
> ssh failed ()
> dhgex bits 3072 diffie-hellman-group-exchange-sha256 aes128-gcm@xxxxxxxxxxx
> ssh failed ()
> dhgex bits 8192 diffie-hellman-group-exchange-sha1 aes256-gcm@xxxxxxxxxxx
> ssh failed ()
> dhgex bits 8192 diffie-hellman-group-exchange-sha256 aes256-gcm@xxxxxxxxxxx
> ssh failed ()
> dhgex bits 8192 diffie-hellman-group-exchange-sha1 rijndael-cbc@xxxxxxxxxxxxxx
> dhgex bits 8192 diffie-hellman-group-exchange-sha256 rijndael-cbc@xxxxxxxxxxxxxx
> dhgex bits 8192 diffie-hellman-group-exchange-sha1 chacha20-poly1305@xxxxxxxxxxx
> dhgex bits 8192 diffie-hellman-group-exchange-sha256 chacha20-poly1305@xxxxxxxxxxx
> failed dhgex
>
> Commit #2: The Red Herring. This broke building without engine.
> commit 2f17cc493cfaa5c77a77d4f174dd2403188c41da
> Author: Pauli <paul.dale@xxxxxxxxxx>
> Date:   Thu Sep 5 13:53:20 2019 +1000
>
> Unify the digest getting code inside providers.
>
> Reviewed-by: Richard Levitte <levitte@xxxxxxxxxxx>
> (Merged from https://github.com/openssl/openssl/pull/9770)
>
> Commit #3: This commit broke the non-GCM ciphers.
>
> commit 089cb623be76b88a1eea6fcd135101037661bbc3
> Author: Shane Lontis <shane.lontis@xxxxxxxxxx>
> Date:   Tue Oct 8 09:19:10 2019 +1000
>
> Move cipher ctx 'original iv' parameter into the provider
>
> Reviewed-by: Richard Levitte <levitte@xxxxxxxxxxx>
> (Merged from https://github.com/openssl/openssl/pull/10026)
>
> run test dhgex.sh ...
> dhgex bits 3072 diffie-hellman-group-exchange-sha1 3des-cbc
> ssh failed ()
> dhgex bits 3072 diffie-hellman-group-exchange-sha256 3des-cbc
> ssh failed ()
> dhgex bits 3072 diffie-hellman-group-exchange-sha1 aes128-gcm@xxxxxxxxxxx
> ssh failed ()
> dhgex bits 3072 diffie-hellman-group-exchange-sha256 aes128-gcm@xxxxxxxxxxx
> ssh failed ()
> dhgex bits 8192 diffie-hellman-group-exchange-sha1 aes256-gcm@xxxxxxxxxxx
> ssh failed ()
> dhgex bits 8192 diffie-hellman-group-exchange-sha256 aes256-gcm@xxxxxxxxxxx
> ssh failed ()
> dhgex bits 8192 diffie-hellman-group-exchange-sha1 rijndael-cbc@xxxxxxxxxxxxxx
> ssh failed ()
> dhgex bits 8192 diffie-hellman-group-exchange-sha256 rijndael-cbc@xxxxxxxxxxxxxx
> ssh failed ()
> dhgex bits 8192 diffie-hellman-group-exchange-sha1 chacha20-poly1305@xxxxxxxxxxx
> dhgex bits 8192 diffie-hellman-group-exchange-sha256 chacha20-poly1305@xxxxxxxxxxx
> failed dhgex
>
> Environment setup on OpenBSD:
> git clone https://github.com/openssh/openssh-portable.git openssh
> git clone https://github.com/openssl/openssl.git openssl
> (cd openssh && AUTOCONF_VERSION=2.69 autoreconf)
> cat >run.sh <<EOD
> #!/bin/sh
> set -e
>
> rm -rf ~/tmp/openssl-install
> LDLIBS=-lc ./config no-threads no-fips no-engine --prefix=~/tmp/openssl-install
> make clean
> make
> make install_sw
>
> (cd ../openssh &&
> ./configure --with-ssl-dir=~/tmp/openssl-install --with-rpath=-Wl,-rpath, &&
> make clean &&
> make -j4 &&
> make t-exec LTESTS="dhgex")
> EOD
>
> --
> Darren Tucker (dtucker at dtucker.net)
> GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new)
> Good judgement comes with experience. Unfortunately, the experience
> usually comes from bad judgement.
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev@xxxxxxxxxxx
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

Well, even simple tests are broken. Hopefully this can be copied to
openssl-dev@xxxxxxxxxxx.
--
Member - Liberal International
This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
Yahweh, Queen & country! Never Satan President Republic! Beware AntiChrist rising!
https://www.empire.kred/ROOTNK?t=94a1f39b
Put more trust in nobility of character than in an oath. -Solon
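The reproduction setup and the "lot of time bisecting" described above, turned into a driver for `git bisect run`. This is an added example, not code from the thread, from OpenSSH or from OpenSSL. It assumes checkouts at $HOME/src/openssl and $HOME/src/openssh (overridable through OPENSSL_SRC and OPENSSH_SRC), reuses the same ./config and ./configure flags as run.sh, and returns exit status 125 whenever a commit cannot be built, so a build-only breakage like commit #2 above is skipped by git rather than reported as the first bad commit. The failed_ciphers helper pulls the cipher names that reported "ssh failed" out of the t-exec log; the log it is demonstrated on is constructed for the example, not captured output, and the cipher names in it are the standard OpenSSH ones.

```shell
#!/bin/sh
# Added example (not from the thread, OpenSSH or OpenSSL): a test script for
# `git bisect run` over an OpenSSL checkout, with an OpenSSH build plus
# `make t-exec LTESTS=dhgex` as the oracle.
#
#   cd "$OPENSSL_SRC"
#   git bisect start <bad-commit> <good-commit>
#   git bisect run sh /path/to/bisect-openssl.sh bisect
#
# Exit status follows the git-bisect contract: 0 = good, 1 = bad,
# 125 = cannot test this commit (git skips it).  A commit that only breaks
# the build is therefore skipped instead of being blamed for cipher failures.

# Assumed locations; override in the environment.
OPENSSL_SRC="${OPENSSL_SRC:-$HOME/src/openssl}"
OPENSSH_SRC="${OPENSSH_SRC:-$HOME/src/openssh}"
PREFIX="${PREFIX:-$HOME/tmp/openssl-install}"
LOGDIR="${LOGDIR:-$HOME/tmp/bisect-logs}"
LTESTS="${LTESTS:-dhgex}"

# Map two flags (1 = failed) to the git-bisect exit status:
# build failure of either tree -> 125 (skip); test failure -> 1; else 0.
bisect_status() {
    if [ "$1" -ne 0 ]; then
        echo 125
    elif [ "$2" -ne 0 ]; then
        echo 1
    else
        echo 0
    fi
}

# Print, sorted and deduplicated, the ciphers whose dhgex run reported
# "ssh failed" in a t-exec log read from stdin.  The cipher is the last
# field of the preceding "dhgex bits ..." line.
failed_ciphers() {
    awk '/^dhgex bits / { cipher = $NF; next }
         /^ssh failed/  { if (!(cipher in seen)) { seen[cipher] = 1; print cipher } }' |
        sort
}

# Same configure flags as run.sh in the thread (OpenBSD needs LDLIBS=-lc).
build_openssl() {
    rm -rf "$PREFIX" &&
    (cd "$OPENSSL_SRC" &&
     LDLIBS=-lc ./config no-threads no-fips no-engine --prefix="$PREFIX" &&
     make clean && make && make install_sw) >"$LOGDIR/openssl.log" 2>&1
}

build_openssh() {
    (cd "$OPENSSH_SRC" &&
     ./configure --with-ssl-dir="$PREFIX" --with-rpath=-Wl,-rpath, &&
     make clean && make -j4) >"$LOGDIR/openssh.log" 2>&1
}

run_tests() {
    (cd "$OPENSSH_SRC" && make t-exec LTESTS="$LTESTS") >"$LOGDIR/t-exec.log" 2>&1
}

# One bisect step: build both trees, run the tests, exit with the bisect code.
bisect_step() {
    mkdir -p "$LOGDIR"
    if ! build_openssl; then
        echo "openssl does not build at this commit; skipping" >&2
        exit "$(bisect_status 1 0)"
    fi
    if ! build_openssh; then
        echo "openssh does not build against this openssl; skipping" >&2
        exit "$(bisect_status 1 0)"
    fi
    if run_tests; then
        exit "$(bisect_status 0 0)"
    fi
    echo "ciphers that failed:" >&2
    failed_ciphers <"$LOGDIR/t-exec.log" >&2
    exit "$(bisect_status 0 1)"
}

# Constructed sample of a t-exec log (not captured output) for the demo.
SAMPLE_LOG='run test dhgex.sh ...
dhgex bits 3072 diffie-hellman-group-exchange-sha1 3des-cbc
dhgex bits 3072 diffie-hellman-group-exchange-sha1 aes128-gcm@openssh.com
ssh failed ()
dhgex bits 3072 diffie-hellman-group-exchange-sha256 aes128-gcm@openssh.com
ssh failed ()
dhgex bits 8192 diffie-hellman-group-exchange-sha1 aes256-gcm@openssh.com
ssh failed ()
dhgex bits 8192 diffie-hellman-group-exchange-sha1 chacha20-poly1305@openssh.com
failed dhgex'

case "${1:-}" in
    bisect) bisect_step ;;
    demo)   printf '%s\n' "$SAMPLE_LOG" | failed_ciphers ;;
esac
```

`sh bisect-openssl.sh demo` prints the two GCM ciphers from the sample log; with `bisect` as the argument the script does the real build-and-test cycle and is meant to be handed to `git bisect run`. Skipping on OpenSSH build failure is a deliberate choice: an API change that stops OpenSSH compiling is a different bug from a cipher that builds but fails on the wire, and letting git skip it keeps the bisection on the runtime breakage.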