Hello,
What is the best way to test whether a given OpenSSL build supports explicit
ECDSA curves?
Specifically, I’d like to know whether the OpenSSL in question will fail the
test at line 106 of providers/common/securitycheck.c:
if (nid == NID_undef) {
Hello experts
I used to load a self-signed cert using a program like below:
X509_STORE_set_verify_cb_func(lCertCtx, UserCert_cb_check_cert);
lLookup = X509_STORE_add_lookup(lCertCtx, X509_LOOKUP_file());
error = X509_LOOKUP_load_file(lLookup, NULL, X509_FILETYPE_DEFAULT);
It was all working
Hi,
there is no way to do that with OpenSSL 1.1.0 and newer. The thing is
that with recent versions of OpenSSL the later operations with the
EVP_MD_CTX can fail for other reasons than memory allocation failure
such as algorithm unavailability from a provider. So you would need to
check anyway.
looks like https://linux.die.net/man/3/evp_md_ctx_init initializes a
structure that's allocated already. Yes it could be on the stack, or
static...
(instead of _new)
On Wed, Jul 27, 2022 at 1:42 AM Philip Prindeville <
philipp_s...@redfish-solutions.com> wrote:
> Hi,
>
> I suspect I already