Hello All,
Could someone please let me know what is the right way to enable
null-ciphers in openssl. I want to do some performance evaluations with
openssl and as a part of the exercise, want to tabulate performance with
null encryption ciphers too.
Want to get this working with openssl s_server
Kris,
Dynamically allocate yourself a block of NIDs, one for each algorithm, using
OBJ_new_nid().
Note also, that there is a preferable option if you are working against the
upcoming 3.0. Instead of developing an engine, create a provider. This avoids
NIDs completely and was designed from
Hello,
I'm working on development of OpenSSL ENGINE that integrates
post-quantum algorithms (new NIDs). During integration I
need to modify OpenSSL code to add custom function, but would
prefer not to need add anything to OpenSSL code (so engine
can be dynmicaly loaded by any modern OpenSSL).
This would require a line in crypto/objects/objects.txt and a "make update”.
A pull request would be the way to get this in.
Pauli
--
Dr Paul Dale | Distinguished Architect | Cryptographic Foundations
Phone +61 7 3031 7217
Oracle Australia
> On 26 Aug 2020, at 11:41 pm, Angus Robertson -
Is it possible for a new NID and object to be added to support creating
and checking the Let's Encrypt ACME TLS-ALPN-01 challenge in which a
temporary X509 certificate is created with a specific X509v3 extension
containing shared information.
Currently, I get a new NID with:
On 19/08/2020 02:01, Norm Green wrote:
> In 3.0 I see this new function in evp.h :
>
> int EVP_PKEY_can_sign(const EVP_PKEY *pkey);
>
> Is there an equivalent way to check if a key can verify? I'm not seeing
> an obvious way to do that. Previously I used
> EVP_PKEY_meth_get_verifyctx() but
