TLS connect failure with an engine (OpenSSL 3.0.8)

Hi

I am using OpenSSL 3.0.8 with an engine.
We are using an engine for AES GCM encryption/decryption.
During the TLS connection, the connection is failing during change cipher state.

int tls1_change_cipher_state(SSL *s, int which) {
    if (EVP_CIPHER_get0_provider(c) != NULL
            && !tls_provider_set_tls_params(s, dd, c, m)) {
        /* SSLfatal already called */
        goto err;
    }
}
int tls_provider_set_tls_params(SSL *s, EVP_CIPHER_CTX *ctx,
                                const EVP_CIPHER *ciph,
                                const EVP_MD *md) {
    if (!EVP_CIPHER_CTX_set_params(ctx, params)) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
        return 0;
    }
}

int EVP_CIPHER_CTX_set_params(EVP_CIPHER_CTX *ctx, const OSSL_PARAM params[])
{
    if (ctx->cipher != NULL && ctx->cipher->set_ctx_params != NULL) {
        ctx->iv_len = -1;
        return ctx->cipher->set_ctx_params(ctx->algctx, params);
    }
    return 0;
}

I think there is some issue here: as ctx->cipher is created from the engine, set_ctx_param is not set in the ctx->cipher.
This check is leading to a drop in the connection.

If we bypass this check, the TLS connection is passing.
Is there something missing here? Please let me know how to avoid this issue.

Regards
Manish
