> Are you suggesting that I should modify openssl myself to expose that > functionality or are suggesting that there is a way to do that given the already > exposed functionality? If it is the latter could you point me in the right > direction? OpenSSL code does not do what you want. You'll have to write it