[openssl-dev] New crypto algorithms in openSSL engine
Dr. Stephen Henson
steve at openssl.org
Wed Sep 27 15:43:35 UTC 2017
On Wed, Sep 27, 2017, Byrne, Andrew wrote:
> Hi all,
>
> I'm working on testing some lattice based algorithms in openSSL for the establishment of a TLS channel. I've investigated the potential for developing an engine to support this as it would mean I don't need to touch the core openSSL code. However, I've two blind spots which I can't find any answers to...
>
> 1. How can I create a new OID/NID for the new algorithms I propose to include in the engine?
>
OBJ_create() is the easiest way. You pass it the oid, short name and long name
and get back a NID.
> 2. Is it possible to create a ciphersuite within an engine that could be used to create a TLS connection?
>
No. There is no mechanism to dynamically add ciphersuites to OpenSSL at
present.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
More information about the openssl-dev
mailing list