<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">Instead of using an engine, you should write a provider (assuming you’re using the soon to be released OpenSSL 3.0). It doesn’t need a NID.<div class=""><br class=""></div><div class="">If you are using OpenSSL 1.1.1, try the OBJ_new_nid() function.</div><div class=""><br class=""></div><div class=""><br class=""></div><div class="">Pauli<br class=""><div class="">
<div dir="auto" style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;">-- <br class="">Dr Paul Dale | Distinguished Architect | Cryptographic Foundations <br class="">Phone +61 7 3031 7217<br class="">Oracle Australia</div><div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;"><br class=""></div><br class="Apple-interchange-newline"></div><br class="Apple-interchange-newline">
</div>
<div><br class=""><blockquote type="cite" class=""><div class="">On 26 Aug 2020, at 6:48 pm, Kris Kwiatkowski <<a href="mailto:kris@amongbytes.com" class="">kris@amongbytes.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class="">
<meta http-equiv="content-type" content="text/html; charset=UTF-8" class="">
<div class="">
<br class="">
<div class="moz-forward-container">
<div class="moz-forward-container">
<meta http-equiv="content-type" content="text/html;
charset=UTF-8" class=""><p class=""><tt class="">Hey,<br class="">
<br class="">
I'm working on development of OpenSSL ENGINE that integrates<br class="">
post-quantum algorithms (new NIDs). During integration I<br class="">
need to modify OpenSSL code to add custom function, but
would<br class="">
prefer not to need add anything to OpenSSL code (so engine<br class="">
can be dynmicaly loaded by any modern OpenSSL).<br class="">
</tt></p><p class=""><tt class="">So, In three cases, namely when the code is in callbacks
for keygen,<br class="">
encryption and ctrl (called by EVP_PKEY_CTX_ctrl,
EVP_PKEY_encrypt <br class="">
and EVP_PKEY_keygen) I need to get NID of the scheme. The
problem<br class="">
is that, those functions are called with EVP_PKEY_CTX object<br class="">
provided as an argument. The NID is stored in the <br class="">
</tt><tt class="">EVP_PKEY_CTX->pmeth->pkey_id. I think (AFAIK)
there is no API<br class="">
which would return that value.<br class="">
<br class="">
I've added a simple function that returns pkey_id from the
ctx, but<br class="">
that means that I need to change OpenSSL code. Is there any
way<br class="">
to get NID without changing OpenSSL?<br class="">
<br class="">
Kind regards,<br class="">
Kris<br class="">
<br class="">
</tt></p><p class=""><br class="">
</p>
</div>
</div>
</div>
</div></blockquote></div><br class=""></div></body></html>