new algorithms

Teja Prabhu 213tej at gmail.com
Mon Apr 8 17:22:57 UTC 2019


1. dasync_aes128_cbc_cipher (search for this in
https://github.com/openssl/openssl/blob/master/engines/e_dasync.c) ||
replace it with your symmetric cipher, and do the same for RSA.
2. setup a server and client and hard-code the symmetric & asymmetric
ciphers to your ciphers
3. your idea is simply not going to work. Like Tobias said, you have to add
them manually. I suggest you simply not use OpenSSL or any TLS library,
unless you have a lot of clout in the International Communication Union.

You can take Mega's approach and use javascript since every browser under
the sun has it (as an additional layer over TLS).

Teja Prabhu


On Mon, Apr 8, 2019 at 7:06 PM Tobias Nießen <tniessen at tnie.de> wrote:

> > creation of x509 certificate with algo1 and algo2, and/or TLS and SSL
> > connection always with algo1 and algo2
> As far as I know, you will need to have an OID assigned for each
> algorithm for x509 certificates. You can add those to OpenSSL manually,
> but you won't be able to communicate with any other software that does
> not implement them. (And as Rich said, there is little reason for people
> to trust and use non-standard algorithms.)
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20190408/381d348f/attachment.html>


More information about the openssl-users mailing list