Hi, currently openssl in CMS supports only RSA based certificates but EC based certificates are supported in openssl TLS... so I assume that there is already a code that can sing/verify and perform key agreement (ECKA-EG ECKA-DH) using eliptic curves.
Can someone please tell me if this will be a lot of work to use that code in CMS in a way that CMS could work with EC based certificates? Backgroud: My company needs to support BSI requirements (more info can be found here chapter 8 https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR03116/BSI-TR-03116-3.html ) and EC certificate is a must. We are now at the point where a decision will be made if we will implement everything by ourselves (which I would like to avoid) or we improve some existing open source crypto lib to support BSI requirements.
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
