openssl: genpkey not working properly with (external) provider signature algorithm

This issue pertains to master and can be reproduced (using oqsprovider) running the following:

LD_LIBRARY_PATH=.local/lib .local/bin/openssl genpkey -provider-path _build/oqsprov  -provider oqsprovider -algorithm dilithium2

never returns but has the CPU spinning at 100%.

With parameters arranged differently, an equally unexpected error is reported:

>LD_LIBRARY_PATH=.local/lib .local/bin/openssl genpkey -algorithm dilithium2 -provider-path _build/oqsprov  -provider oqsprovider -algorithm dilithium2 
Error initializing dilithium2 context
C091DB79F37F0000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:crypto/evp/evp_fetch.c:331:Global default library context, Algorithm (dilithium2 : 0), Properties (<null>)

About this issue

  • Original URL
  • State: closed
  • Created 3 years ago
  • Comments: 28 (28 by maintainers)

Most upvoted comments

@baentsch I think I’ve fixed the issues in #14135, please take a look if you can.

+2
richsalz on Feb 8, 2021

I would be willing to do the “hold algorithm until providers are loaded” work if you think it’s necessary for 3.0

+2
richsalz on Feb 4, 2021

I can recreate this. Investigating…

+2
mattcaswell on Feb 4, 2021

@romen your comment is important; can you open it as a separate issue for the project to look at?

+1
richsalz on Feb 9, 2021
Read more comments on GitHub
← openssl: Generated X.509 certs should be RFC 5280 compliant by default
openssl: Handshake fails with 3.0.2 & 1.1.1n, but succeeds with 1.1.1 →