Hi All, We are writing an ECDH engine. All private keys are in the hardware (including ephemeral keys). I found that the DH_METHOD has both (*generate_key) and (*compute_key) methods while the ECDH_METHOD has just the (*compute_key) method.
We would like (once the engine is completed) to use standard SSL_accept() etc calls. But the compute_key() returns shared secret based on previously generated public/private key pair and the public key is already sent to a peer). Is there a hook to replace the public key before it is sent out? Thank you, Alex Gostrer.
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev