From 84458b79a78ea7e26820bf09a3b916acf59a62f3 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Mon, 18 Nov 2013 11:12:24 -0500 Subject: [PATCH] Log more OpenSSL engine statuses at startup. Fixes ticket 10043; patch from Joshua Datko. --- changes/ticket10043 | 4 ++++ src/common/crypto.c | 14 ++++++++++++-- 2 files changed, 16 insertions(+), 2 deletions(-) create mode 100644 changes/ticket10043 diff --git a/changes/ticket10043 b/changes/ticket10043 new file mode 100644 index 0000000000..21541bedbb --- /dev/null +++ b/changes/ticket10043 @@ -0,0 +1,4 @@ + o Minor features: + - When logging OpenSSL engine status at startup, log the status of + more engines. Fixes ticket 10043; patch from Joshua Datko. + diff --git a/src/common/crypto.c b/src/common/crypto.c index c1a2f33935..cbe992ef4e 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -307,12 +307,22 @@ crypto_global_init(int useAccel, const char *accelName, const char *accelDir) " setting default ciphers."); ENGINE_set_default(e, ENGINE_METHOD_ALL); } + /* Log, if available, the intersection of the set of algorithms + used by Tor and the set of algorithms available in the engine */ log_engine("RSA", ENGINE_get_default_RSA()); log_engine("DH", ENGINE_get_default_DH()); + log_engine("ECDH", ENGINE_get_default_ECDH()); + log_engine("ECDSA", ENGINE_get_default_ECDSA()); log_engine("RAND", ENGINE_get_default_RAND()); log_engine("SHA1", ENGINE_get_digest_engine(NID_sha1)); - log_engine("3DES", ENGINE_get_cipher_engine(NID_des_ede3_ecb)); - log_engine("AES", ENGINE_get_cipher_engine(NID_aes_128_ecb)); + log_engine("3DES-CBC", ENGINE_get_cipher_engine(NID_des_ede3_cbc)); + log_engine("AES-128-ECB", ENGINE_get_cipher_engine(NID_aes_128_ecb)); + log_engine("AES-128-CBC", ENGINE_get_cipher_engine(NID_aes_128_cbc)); + log_engine("AES-128-CTR", ENGINE_get_cipher_engine(NID_aes_128_ctr)); + log_engine("AES-128-GCM", ENGINE_get_cipher_engine(NID_aes_128_gcm)); + log_engine("AES-256-CBC", ENGINE_get_cipher_engine(NID_aes_256_cbc)); + log_engine("AES-256-GCM", ENGINE_get_cipher_engine(NID_aes_256_gcm)); + #endif } else { log_info(LD_CRYPTO, "NOT using OpenSSL engine support.");