Hi,
My goal is to implement ECDH in my own engine. The snippet below shows
the struct that needs to be filled and set as the engine's ECDH method:
struct ecdh_method {
const char *name;
int (*compute_key) (void *key, size_t outlen, const EC_POINT *pub_key,
EC_KEY
not
require the whole custom PKEY to be set up. Do you know?
Best regards,
Reinier
On 6/26/15 12:51 PM, Dmitry Belyavsky wrote:
Hello Reinier,
On Fri, Jun 26, 2015 at 7:47 PM, Reinier Torenbeek
reinier.torenb...@gmail.com mailto:reinier.torenb...@gmail.com wrote:
Hi,
The mechanism
Hi,
The mechanism for implementing ECDSA in my own engine is unclear to me.
Unfortunately, none of the example engines implement ECDSA so it is hard
for me to find answers.
Invoking ENGINE_set_ECDSA() does not seem to be sufficient: my setup,
sign and verify methods never get invoked. Stepping
Hello Steve,
Thank you for the response. The ECDSA_set_default_method() indeed sets
up the functionality as you describe below and that seems to be good
enough for me (for now...).
Best regards,
Reinier
On 6/26/15 4:25 PM, Dr. Stephen Henson wrote:
On Fri, Jun 26, 2015, Reinier Torenbeek wrote
and runnable code, but the EVP_PKEY_CTX_ctrl
invocation is essentially ignored at this moment. Therefore the sha256 does
not actually take place.
On Sat, Jun 27, 2015 at 7:55 PM, Reinier Torenbeek
reinier.torenb...@gmail.com wrote:
Hi again,
After digging into the ECDH code a bit more, I (sort
to make it
useful.
Since this functionality looks like it is a kind of half-finished to me,
can anybody give some insight in its status or confirm/correct my
conclusions?
Thanks,
Reinier
On 6/19/15 4:23 PM, Reinier Torenbeek wrote:
Hi,
My goal is to implement ECDH in my own engine. The snippet
, it will be used to generate parameters */
int (*generate_params) (DH *dh, int prime_len, int generator,
BN_GENCB *cb);
};
On 6/30/15 11:48 AM, Jakob Bohm wrote:
On 28/06/2015 04:55, Reinier Torenbeek wrote:
Hi again,
After digging into the ECDH code a bit more, I
I am interested in leveraging the following three functions:
ENGINE_load_private_key()
ENGINE_load_public_key()
ENGINE_load_certificate()
Unfortunately, the latter is missing. This was mentioned in a recent
thread on this list as well (see
Hello Jakob,
Looking at crypt/store/store.h, do you agree that a store implementation
is the place where the functionality that you describe below belongs?
Thanks,
Reinier
On 8/6/15 8:44 PM, Jakob Bohm wrote:
I think what one wants as a first approximation is
functions that can enumerate and
at the moment (and in the future)?
Thanks,
Reinier
On 8/6/15 8:06 PM, Dr. Stephen Henson wrote:
On Thu, Aug 06, 2015, Reinier Torenbeek wrote:
I am interested in leveraging the following three functions:
ENGINE_load_private_key()
ENGINE_load_public_key()
ENGINE_load_certificate()
Unfortunately
m: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
>> Of Reinier Torenbeek
>> Sent: Wednesday, October 28, 2015 16:55
>>
>> In asn1/asn1.h, the fields sn and ln in ASN1_OBJECT are defined as const
>> char *:
>>
>> 211 typedef struct asn1_object_st
Hi,
While implementing an engine, I run into the following prototype that I
need to implement:
struct evp_pkey_asn1_method_st
{
int (*pub_encode)(X509_PUBKEY *pub, *const* EVP_PKEY *pk);
} /* EVP_PKEY_ASN1_METHOD */;
Inside this function, I want to assign pk to pub->pkey (and do the
Hi,
The following looks wrong and actually resulted in a crash for me before
I decided to do things differently:
In asn1/asn1.h, the fields sn and ln in ASN1_OBJECT are defined as const
char *:
211 typedef struct asn1_object_st
212 {
213 const char *sn,*ln;
214 int nid;
Hello Selva and Matt,
Thanks for the pointers. Following the suggested approach, I have added (in
a branch of a fork) initial support of RSA-PSS for the BCrypt engine and
the few first tests look promising. Next, I will do the same thing for
NCrypt. After that I will probably add support for OAEP
providers is stable
at this point?
Thanks,
Reinier
> On Jul 1, 2021, at 4:41 PM, Matt Caswell wrote:
>
> Nice! Are there any thoughts to support providers? The engine interface is
> deprecated in 3.0.
>
> Matt
>
>
>> On 01/07/2021 18:49, Reinier Torenbe
port, which lacks just due to the
> engine interface.
>
> Cheers,
>
> David
>
>
> On 01.07.21 19:49, Reinier Torenbeek wrote:
>
> Hi,
>
> For anyone interested in leveraging Windows CNG with OpenSSL 1.1.1, you
> may want to check out this new OpenSSL CNG Engine p
Thanks Matt.
>From your response, it seems that this would be a good moment to start
looking into the provider interface. I will check it out (and may get back
with questions after that...)
Reinier
On Fri, Jul 2, 2021 at 4:21 AM Matt Caswell wrote:
>
>
> On 02/07/2021 04:25, Reini
ered the 'cert:' "scheme". That answers quite a lot :-)
>
> Time for me to throw away my skeleton then ;-)
>
> Cheers,
> Richard
>
> On Thu, 01 Jul 2021 19:49:00 +0200,
> Reinier Torenbeek wrote:
> >
> > Hi,
> >
> > For anyone interested in l
Hi Selva,
On Fri, Jul 2, 2021 at 10:49 AM Selva Nair wrote:
> Hi,
>
> On Thu, Jul 1, 2021 at 1:49 PM Reinier Torenbeek <
> reinier.torenb...@gmail.com> wrote:
>
>> Hi,
>>
>> For anyone interested in leveraging Windows CNG with OpenSSL 1.1.1, you
>&g
Hi,
For anyone interested in leveraging Windows CNG with OpenSSL 1.1.1, you may
want to check out this new OpenSSL CNG Engine project on GitHub:
https://github.com/rticommunity/openssl-cng-engine . The associated User's
Manual is on ReadTheDocs:
Hi,
I have a simple application that uses OpenSSL 3.0.0 for AES-GCM encryption
and decryption only. Looking at the size of the binary on disc, I see it's
a few KBs when linking dynamically with libcrypto, and 4.8 MB when linking
statically. Although I know the large footprint of OpenSSL is
Hi,
While checking out the 3.0.0-beta2 release, I noticed that several of the
_METHOD structs are not marked as deprecated. With the introduction of the
provider mechanism, they don't seem relevant anymore. Is there a reason for
this, or is it just an omission?
For example, see DH_METHOD here:
Hi,
This seems to be an oversight so I created issue #16272: Several legacy
structs are not marked as deprecated
<https://github.com/openssl/openssl/issues/16272>.
Reinier
On Sun, Aug 8, 2021 at 10:52 PM Reinier Torenbeek <
reinier.torenb...@gmail.com> wrote:
> Hi,
>
&g
23 matches
Mail list logo