> I want to create an engine for ECDSA, and implement my own signing > operation in hardware. > But I want to use the default verify operation to be used. > Is there currently a way to do that?
Yosh.
I think you can declare a new ECDSA_METHOD structure and keep the
references to the openssl ecdsa_do_verify function while changing the
ecdsa_do_sign to your own function (it's what I do):
static ECDSA_METHOD my_own_openssl_ecdsa_meth = {
"OpenSSL ECDSA method",
my_own_ecdsa_do_sign_function,
ecdsa_sign_setup_no_digest,
ecdsa_do_verify,
ECDSA_FLAG_FIPS_METHOD, /* flags */
NULL /* app_data */
};
Then, in your engine, use something like ENGINE_set_ECDSA(e,
&my_own_openssl_ecdsa_meth).
Is that what you are searching for ?
You'll have to include some headers like ./crypto/ec/ec_lcl.h, I think.
--
Rémy Grünblatt
ENS Lyon
pgpnu6ZRdAilG.pgp
Description: OpenPGP digital signature
_______________________________________________ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
