Greetings!
On Sun, Sep 8, 2013 at 9:53 PM, Dr. Stephen Henson <[email protected]>wrote: > On Wed, Aug 28, 2013, Dmitry Belyavsky wrote: > > > Greetings! > > > > The cipher algorithm GOST has a set of substitution blocks as parameters > of > > encryption/decryption. When we use the gost engine, we can specify the > > preferred paramset via environment variable or using the default from > > config file section. > > > > In 2013 Russian official body has changed the default value of the > blocks. > > So we need to use old default value for the old systems and new - for new > > ones. But the functions CMS_encrypt/PKCS7_encrypt now do not allow to > > configure the used cipher. Using the environment variable for the > > parameters management makes more difficult the writing and using > > multi-threading applications. > > > > Is it possible to modify the code of the OpenSSL for support of different > > parameters? For example, to provide functions like > > CMS_encrypt_ex/PKCS7_encrypt_ex with extra arguments. Or may be there is > a > > more simple way to get the result necessary for our purposes. > > > > There is a mechanism which exists for parameter setting and public key > algorithms (only in master branch at present). Could you please show me the appropriate code in the master branch? > The idea is that the > appropriate context can be extracted from the structure and parameters set. > This might need a new flag and a new function something like: > CMS_EnvelopedData_get0_cipher_ctx(). > Yes, the CMS structure contains all the necessary data. Do you mean the extra flag in the ctrl-function of an EVP_PKEY_METHOD struct? Thank you! -- SY, Dmitry Belyavsky
