FS#29118 - [openssl] can not load padlock engine on x86_64
Attached to Project:
Arch Linux
Opened by Andreas (poison) - Monday, 26 March 2012, 10:10 GMT
Last edited by Andrea Scarpino (BaSh) - Monday, 15 October 2012, 10:12 GMT
Opened by Andreas (poison) - Monday, 26 March 2012, 10:10 GMT
Last edited by Andrea Scarpino (BaSh) - Monday, 15 October 2012, 10:12 GMT
|
Details
Description:
openssl on x86_64 refuses to load the padlock engine (or any engine at all I believe): # openssl speed -evp aes-256-cbc -engine padlock invalid engine "padlock" 139898868168360:error:260B606D:engine routines:DYNAMIC_LOAD:init failed:eng_dyn.c:521: 139898868168360:error:2606A074:engine routines:ENGINE_by_id:no such engine:eng_list.c:417:id=padlock 139898868168360:error:25066067:DSO support routines:DLFCN_LOAD:could not load the shared library:dso_dlfcn.c:187:filename(libpadlock.so): libpadlock.so: cannot open shared object file: No such file or directory 139898868168360:error:25070067:DSO support routines:DSO_load:could not load the shared library:dso_lib.c:244: 139898868168360:error:260B6084:engine routines:DYNAMIC_LOAD:dso not found:eng_dyn.c:450: Doing aes-256-cbc for 3s on 16 size blocks: 6312426 aes-256-cbc's in 2.96s Doing aes-256-cbc for 3s on 64 size blocks: 1668092 aes-256-cbc's in 2.99s Doing aes-256-cbc for 3s on 256 size blocks: 429423 aes-256-cbc's in 2.98s Doing aes-256-cbc for 3s on 1024 size blocks: 108399 aes-256-cbc's in 2.99s Doing aes-256-cbc for 3s on 8192 size blocks: 13582 aes-256-cbc's in 2.99s OpenSSL 1.0.1 14 Mar 2012 built on: Wed Mar 14 17:33:01 UTC 2012 options:bn(64,64) md2(int) rc4(8x,int) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx) compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack -march=x86-64 -mtune=generic -O2 -pipe -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes aes-256-cbc 34121.22k 35704.98k 36890.03k 37123.94k 37211.95k --- it works in a 32bit chroot on the same system: # openssl speed -evp aes-256-cbc -engine padlock engine "padlock" set. Doing aes-256-cbc for 3s on 16 size blocks: 8612711 aes-256-cbc's in 3.00s Doing aes-256-cbc for 3s on 64 size blocks: 6184350 aes-256-cbc's in 3.00s Doing aes-256-cbc for 3s on 256 size blocks: 2251976 aes-256-cbc's in 2.99s Doing aes-256-cbc for 3s on 1024 size blocks: 697897 aes-256-cbc's in 2.98s Doing aes-256-cbc for 3s on 8192 size blocks: 98333 aes-256-cbc's in 2.99s OpenSSL 1.0.1 14 Mar 2012 built on: Wed Mar 14 17:29:12 UTC 2012 options:bn(64,32) md2(int) rc4(8x,mmx) des(ptr,risc1,16,long) aes(partial) idea(int) blowfish(idx) compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack -march=i686 -mtune=generic -O2 -pipe -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes aes-256-cbc 45934.46k 131932.80k 192811.32k 239814.27k 269412.69k Additional info: openssl-1.0.1-1 |
This task depends upon
Closed by Andrea Scarpino (BaSh)
Monday, 15 October 2012, 10:12 GMT
Reason for closing: None
Additional comments about closing: see the last comment
Monday, 15 October 2012, 10:12 GMT
Reason for closing: None
Additional comments about closing: see the last comment
It's working for 64bit in CVS HEAD, I'm trying to create a patch ATM (can't believe someone still uses CVS >:( )
But just in case anybody needs this also, remeber it's your fault if you apply this and stuff suddently is double-rot13 encrypted instead of AES.
As for contacting upstream, I'll try.
# openssl speed -evp aes-256-cbc -engine padlock
engine "padlock" set.
Doing aes-256-cbc for 3s on 16 size blocks: 11320657 aes-256-cbc's in 3.00s
Doing aes-256-cbc for 3s on 64 size blocks: 9326227 aes-256-cbc's in 2.99s
Doing aes-256-cbc for 3s on 256 size blocks: 4431737 aes-256-cbc's in 2.99s
Doing aes-256-cbc for 3s on 1024 size blocks: 1436963 aes-256-cbc's in 3.00s
Doing aes-256-cbc for 3s on 8192 size blocks: 195480 aes-256-cbc's in 2.99s
OpenSSL 1.0.1 14 Mar 2012
built on: Mon Mar 26 16:05:57 CEST 2012
options:bn(64,64) md2(int) rc4(8x,int) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx)
compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack -march=x86-64 -mtune=generic -O2 -pipe -m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
The 'numbers' are in 1000s of bytes per second processed.
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
aes-256-cbc 60376.84k 199624.93k 379439.69k 490483.37k 535575.97k
--- without padlock ---
[13:05][poison@kassandra:~]$ dd if=/dev/zero bs=1024 count=102400 | ssh -c aes128-cbc -m umac-64@openssh.com -o Compression=no localhost 'cat > /dev/null'
Enter passphrase for key '/home/poison/.ssh/id_rsa':
102400+0 records in
102400+0 records out
104857600 bytes (105 MB) copied, 9.8189 s, 10.7 MB/s
--- with padlock ---
[16:13][poison@kassandra:~]$ dd if=/dev/zero bs=1024 count=102400 | ssh -c aes128-cbc -m umac-64@openssh.com -o Compression=no localhost 'cat > /dev/null'
Enter passphrase for key '/home/poison/.ssh/id_rsa':
102400+0 records in
102400+0 records out
104857600 bytes (105 MB) copied, 4.91063 s, 21.4 MB/s
^^^ forget that ssh measurement, that was a benchmark of how fast I could type my password :P It's more like:
104857600 bytes (105 MB) copied, 1.54308 s, 68.0 MB/s
with padlock enabled
If so, this openssl version (1.0.1) seems to be affecting the above padlock issue, curl, ssh, PuTTY, and the ability to connect to certain WPA2 wireless configurations (in my case). Perhaps the encryption protocol used is the common connection? https://bbs.archlinux.org/viewtopic.php?id=138103
Since I don't think many people use or care for this anyway you can just close the ticket and I'll maintain the patch for myself ^^
Ty ^^