[levitte - Fri Feb 27 00:04:45 2004]: > I noticed the EVP_dss1() hack, and am pondering about something a bit > mkore generic. Could you test if the following line works? > > evp_md = EVP_get_digestbynid(EVP_MD_nid(rkey)); > > [guest - Mon Feb 23 18:13:00 2004]: > > > Attached file extend OCSP responder with: > > - add support for dsa keys; > > - set SO_REUSEADDR when system support it. > > > > What about attached patch ? > > It is against 0.9.7b, but same fixes can be applied for 0.9.7c. >
Its only because both EVP_PKEY and EVP_MD structures both have a field called "type" and that EVP_MD_nid() is a macro that it works. If ever EVP_MD_nid() was changed to a function bad things could happen. What we really need is a macro or funtion that returns the 'type' field for an EVP_PKEY. Unfortunately the obvious name EVP_PKEY_type() is already taken and does something else: EVP_PKEY_nid() perhaps? The applications currently access pkey->type directly for this kind of thing. Another reason why this would work is because the appropriate digest is the default one for the key type. We should also check that this in OpenSSL 0.9.8 when the key is an ECDH key. Steve. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
