Bug 1440 - OpenSSL engine support should be enabled by default
Summary: OpenSSL engine support should be enabled by default
Status: CLOSED WONTFIX
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: Build system (show other bugs)
Version: 4.7p1
Hardware: All All
: P3 enhancement
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2008-02-11 16:50 AEDT by Ian Lister
Modified: 2009-10-06 15:03 AEDT (History)
1 user (show)

See Also:

Attachments
Patch to enable engine support by default (1.16 KB, patch)
2008-02-11 16:59 AEDT, Ian Lister 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Ian Lister 2008-02-11 16:50:19 AEDT 
OpenSSH provides a --with-ssl-engine configure option to enable OpenSSL's hardware crypto support. The default is not to enable it. I don't see any reason not to enable it; it has no effect if no hardware crypto devices are available. I believe the default should be to enable it, and I even don't think it would be any loss to remove the configure option altogether (i.e. to always enable it).

Ian
Comment 1 Ian Lister 2008-02-11 16:59:49 AEDT 
Created attachment 1454 [details]
Patch to enable engine support by default

This patch changes the behaviour of the configure script to enable OpenSSL support by default, and to disable it only if explicitly requested or if it is unavailable.

Ian
Comment 2 Darren Tucker 2008-06-15 04:01:52 AEST 
I think the danger here is if you end up using contexts on your crypto hardware for (low-bandwidth) ssh sessions, rather that whatever you bought the hardware for (eg handling SSL).

I would be interested in hearing from folks who have such hardware, though.
Comment 3 Darren Tucker 2009-07-31 10:46:55 AEST 
We have decided not to do this at this time due to the potential impact to some classes of hardware engines.
Comment 4 Ian Lister 2009-07-31 12:16:22 AEST 
The motivating case for me is on machines with VIA CPUs with Padlock support (hardware implementations of a range of crypto functions including AES, SHA-1, SHA-256, random number generation and Montgomery multiplication).  These are implemented on the CPU core and use the CPU's ordinary registers and memory for context.  There's no advantage in doing things the slow way by using the CPU's regular instructions rather than these special-purpose ones.

Given what you've pointed out about other classes of hardware engine, I guess I should file a new bug requesting some means of distinguishing classes of hardware engine?
Comment 5 Darren Tucker 2009-07-31 15:21:10 AEST 
(In reply to comment #4)
> Given what you've pointed out about other classes of hardware engine, I
> guess I should file a new bug requesting some means of distinguishing
> classes of hardware engine?

IMO the most sensible way to handle this is for libcrypto to automatically use the processor feature if appropriate (OpenBSD does this).  Some Linux vendors ship different openssl packages for different processors (i386 vs i686, the latter making use of instructions not available on previous generations of processors).  Anyway, I think it doesn't make sense to have every crypto-using application have to deal with this.

Doing a bit of reading (http://marc.info/?l=openssl-dev&m=108903127031777&w=2) it looks like another option is to use openssl.cnf via its [engine_section] (see http://www.daemon-systems.org/man/openssl.cnf.5.html)

Based on http://www.openssl.org/docs/crypto/OPENSSL_config.html, it looks like all we'd have to do is add a call of OPENSSL_config(NULL) to ssh, which I think would be reasonable (assuming it does what I think it does).
Comment 6 Damien Miller 2009-10-06 15:03:16 AEDT 
Mass move of RESOLVED bugs to CLOSED now that 5.3 is out.