Arch Linux

Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!
Tasklist

FS#35730 - [openssl] can't compile the example in man 3 ecdsa because of missing header files

Attached to Project: Arch Linux
Opened by Doru Georgescu (doru001) - Sunday, 09 June 2013, 06:21 GMT
Last edited by Pierre Schmitz (Pierre) - Monday, 10 June 2013, 12:54 GMT
Task Type Bug Report
Category Packages: Core
Status Closed
Assigned To Pierre Schmitz (Pierre)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:
ec_lcl.h (http://fossies.org/dox/openssl-1.0.1e/ec__lcl_8h_source.html#l00240) missing from package.

I tried to run the example in man 3ssl ecdsa but I could not find the definition of EC_KEY which is ec_key_st and is defined in ec_lcl.h. This definition is required, in my opinion, by the "key->group" line in the example. There have been undocumented changes in the library (see http://fixunix.com/openssl/157537-re-ecc-curve-problem.html), but still ec_lcl.h would be required, even if key would be EC_GROUP.

Additional info:
* package version(s) OpenSSL 1.0.1e 11 Feb 2013
* config and/or log files etc. all defaults (I changed nothing)


Steps to reproduce:
Try to find out the definition of the EC_KEY type which is used in the example in man ecdsa.
This task depends upon

Closed by  Pierre Schmitz (Pierre)
Monday, 10 June 2013, 12:54 GMT
Reason for closing:  Not a bug
Comment by Pierre Schmitz (Pierre) - Sunday, 09 June 2013, 11:41 GMT
I don't think if this was an issue it would be specific to Arch Linux. I would suggest talking to upstream.
Comment by Doru Georgescu (doru001) - Sunday, 09 June 2013, 13:21 GMT
But upstream they have the ec_lcl.h file: http://fossies.org/dox/openssl-1.0.1e/ec__lcl_8h_source.html#l00240, for this very version, this is the point. Why is this file missing from arch openssl package?
Comment by Doru Georgescu (doru001) - Monday, 10 June 2013, 10:46 GMT
The version obviously corresponds - OpenSSL 1.0.1e - so why is ec_lcl.h part of http://fossies.org/dox/openssl-1.0.1e/ec__lcl_8h_source.html#l00240 and not part of the openssl package? I also downloaded http://www.openssl.org/source/openssl-1.0.1e.tar.gz from http://www.openssl.org/source/, and sure enough the ec_lcl.h file is there:

$ tar tvf openssl-1.0.1e.tar.gz | grep ec_lcl
-rw-rw-r-- openssl/openssl 21911 2013-02-11 17:26 openssl-1.0.1e/crypto/ec/ec_lcl.h

Since you are the packager, you should know why is this file not in the archlinux openssl package. What is the reason, justified or not?

Apparently, you have included only the include subdirectory of the openssl-1.0.1e upstream package. What should I do to use the rest of the package without messing up my system? I need to use the rest of the package only for compiling my applications, not as part of the system. Is it fine just to untar it in my home directory and add it to the gcc include directory? Apparently not, I also need to compile the libraries. How should I do that? There are two make files, written for different systems. There is mingw32-openssl 1.0.1e-1 in AUR, maybe I should use it. Nope, it is 1.4K as compared to the original full 4.3M on the openssl.org page, and it does not contain ec_lcl.h, either. How am I supposed to use openssl C API? Since the full openssl-1.0.1e.tar.gz package is much bigger and rather eclectic, and arch linux works just fine with the small include directory of that package, I suppose that this bug should be closed. If you have any tip for me, please post it here or there: https://bbs.archlinux.org/viewtopic.php?id=164831.
Comment by Doru Georgescu (doru001) - Monday, 10 June 2013, 11:32 GMT
It appears that EC_KEY_get0_group() should be used to get access to EC_KEY::group, such that ec_lcl.h is not required for c API programming. (see http://stackoverflow.com/questions/1171207/how-do-i-feed-openssl-random-data-for-use-in-ecdsa-signing)

Loading...