DH parameter reading in OPENSSL 3

Dirk Stöcker openssl at dstoecker.de
Thu Jul 14 09:25:16 UTC 2022


> The work-around is to put the DH parameters first.

That would mean changing external interface of the software which I don't 
like much.

> Otherwise, you'd need to resort to the more general OSSL_STORE API, 
> which loads objects of various types, and you can then ignore the ones 
> you don't care for.
> Another option is to iterate through the PEM file via the generic PEM
> API, and then decode just the desired objects:

I chose to switch to OSSL_DECODER_from_data() and simply pass it the 
buffer where the DH parameter begins. ;-)

Thanks a lot for your help.

Freedom in Peace
https://www.dstoecker.eu/ (PGP key available)

More information about the openssl-users mailing list