<html><head><meta http-equiv="Content-Type" content="text/html; charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">Kris,<div class=""><br class=""></div><div class="">Dynamically allocate yourself a block of NIDs, one for each algorithm, using OBJ_new_nid().</div><div class=""><br class=""></div><div class="">Note also, that there is a preferable option if you are working against the upcoming 3.0. Instead of developing an engine, create a provider. This avoids NIDs completely and was designed from the ground up to support what you want.</div><div class=""><br class=""></div><div class=""><br class=""><div class="">
<div dir="auto" style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><div>Pauli<br class="">-- <br class="">Dr Paul Dale | Distinguished Architect | Cryptographic Foundations <br class="">Phone +61 7 3031 7217<br class="">Oracle Australia</div><div><br class=""></div></div><br class="Apple-interchange-newline"><br class="Apple-interchange-newline">
</div>
<div><br class=""><blockquote type="cite" class=""><div class="">On 27 Aug 2020, at 2:21 am, Kris Kwiatkowski <<a href="mailto:kris@amongbytes.com" class="">kris@amongbytes.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class="">
<meta http-equiv="content-type" content="text/html; charset=UTF-8" class="">
<div class="">
<tt class="">Hello,</tt><br class="">
<div class="moz-forward-container">
<div class="moz-forward-container">
<div class="moz-forward-container"><p class=""><tt class=""> <br class="">
I'm working on development of OpenSSL ENGINE that
integrates<br class="">
post-quantum algorithms (new NIDs). During integration I<br class="">
need to modify OpenSSL code to add custom function, but
would<br class="">
prefer not to need add anything to OpenSSL code (so engine<br class="">
can be dynmicaly loaded by any modern OpenSSL).<br class="">
</tt></p><p class=""><tt class="">So, In three cases, namely when the code is in
callbacks for keygen,<br class="">
encryption and ctrl (called by EVP_PKEY_CTX_ctrl,
EVP_PKEY_encrypt <br class="">
and EVP_PKEY_keygen) I need to get NID of the scheme. The
problem<br class="">
is that, those functions are called with EVP_PKEY_CTX
object<br class="">
provided as an argument. The NID is stored in the <br class="">
</tt><tt class="">EVP_PKEY_CTX->pmeth->pkey_id. I think (AFAIK)
there is no API<br class="">
which would return that value.<br class="">
<br class="">
I've added a simple function that returns pkey_id from the
ctx, but<br class="">
that means that I need to change OpenSSL code. Is there
any way<br class="">
to get NID without changing OpenSSL?<br class="">
<br class="">
Kind regards,<br class="">
Kris<br class="">
<br class="">
</tt></p><p class=""><br class="">
</p>
</div>
</div>
</div>
</div>
</div></blockquote></div><br class=""></div></body></html>