[openssl-users] Implementing ECDSA in an engine

Reinier Torenbeek reinier.torenbeek at gmail.com
Fri Jun 26 16:47:34 UTC 2015


Hi,

The mechanism for implementing ECDSA in my own engine is unclear to me.
Unfortunately, none of the example engines implement ECDSA so it is hard
for me to find answers.

Invoking ENGINE_set_ECDSA() does not seem to be sufficient: my setup,
sign and verify methods never get invoked. Stepping through the openssl
code, it looks like I also need to register my own EVP_PKEY_EC method.
That looks pretty complicated and I do not understand why that is
required in the first place if I only want to replace the ECDSA signing
and verification methods.

Can someone confirm that registering my own EVP_PKEY_EC method is indeed
the approach I have to take, or is there a shorter path to achieve my goal?

Is this the right list to ask questions about engine implementations? Or
would using openssl-dev be more appropriate?

Thanks,
Reinier



More information about the openssl-users mailing list