[openssl-dev] About Chinese crypto-algorithms
Salz, Rich
rsalz at akamai.com
Wed Sep 28 12:44:16 UTC 2016
(I subscribed you to openssl-dev; I hope it works.)
ISO standards are “pay to play.” That is, any member organization can get something as an ISO standard with not much effort. :)
>> "I strongly recommend that if anyone works on this, they do it as an externally-provided ENGINE, like GOST. "
> Again, I'm sorry I have not a clear notion about the difference between build-in approach, and certainly we will take this if necessary.
>> "We may also not have the resources to tackle something that would otherwise be of interest (we have a back catalog of nice-to-have cryptography waiting for a rainy day)"
> We certainly respect policy within community and be willing to participate in this if possible in all aspects.
You will have to learn how to write an ENGINE. It is possible; Dmitry did it for GOST (look in the mailing list archives, https://mta.openssl.org, for some details; also maybe the Git log. Also maybe he'll reply to this post :) Richard Levitte has started a blog series on writing an ENGINE, see https://www.openssl.org/blog/blog/categories/engine-corner/
We want to make it easier to add new crypto via ENGINES. Each time someone does it, we learn more about what's needed, the documentation gets (a little) better, and so on.
More information about the openssl-dev
mailing list