olgap wrote: > > > > We would like to use the library openSSL 0.9.5 to generate certificates X.509. > We'd like to do this using our own algorythms of symmetric encryption, hashing > and digital signature. > Does this library support usage of third-party algorythms? If not, do you plan > to add this functionality in the future? > It does support the use of additional algorithms but this is unfortunately restricted to symmetric and digest algorithms. Adding new public key algorithms without modifying the core source isn't currently possible. Making this easier is planned for the future but no firm date. > When trying to do this we faced the following difficulties (hence the > question): > Function ASN1_sign (included in the library) internally uses function > EVP_PKEY_size which does not allow to use any other keys but RSA and DSA keys. > Also, there were other problems. > > We may just have used an invalid way of adding algorythms to the library. If > this is the case, what is the adopted way of doing it? > You'll need to modify several different things to get this working. You'll need EVP_PKEY_size() as you suggest. You'll also need to modify the ASN1 code so it supports the public key format for the algorithm you are adding. If you want PKCS#8 encrypted private keys then that will need to be modified too. BTW, I'm curious. What algorithm do you want to add? Steve. -- Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/ Personal Email: [EMAIL PROTECTED] Senior crypto engineer, Celo Communications: http://www.celocom.com/ Core developer of the OpenSSL project: http://www.openssl.org/ Business Email: [EMAIL PROTECTED] PGP key: via homepage. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
