search for: ecdsa_method

Hi list, I have no idea if Damien Miller had the time to work on that. I have an initial patch to authenticate using PKCS#11 and ECDSA keys. This requires OpenSSL 1.0.2, prior OpenSSL versions do not expose the required interfaces to override the signature function pointer for ECDSA. The only limitation is that the OpenSSL API misses some cleanup function (finish, for instance), hence I have yet

...HOD structures are exposed and the existing ssh-pkcs11 code uses that to create an RSA_METHOD object for each key. Because of APIs (in addition to ECDSA support) needed by the patch this currently works with: - LibreSSL >= 2.2.2: until LibreSSL 2.1.2 (which is the what I am testing for), the ECDSA_METHOD structure was defined in a private header. But the LIBRESSL_VERSION_NUMBER constant was not updated until 2.2.2. - OpenSSL >= 1.0.2: creating your own ECDSA_METHOD is not possible before because the ECDSA_METHOD structure if opacified. In OpenSSL 1.0.2, they added the option to create n...

...HOD structures are exposed and the existing ssh-pkcs11 code uses that to create an RSA_METHOD object for each key. Because of APIs (in addition to ECDSA support) needed by the patch this currently works with: - LibreSSL >= 2.2.2: until LibreSSL 2.1.2 (which is the what I am testing for), the ECDSA_METHOD structure was defined in a private header. But the LIBRESSL_VERSION_NUMBER constant was not updated until 2.2.2. - OpenSSL >= 1.0.2: creating your own ECDSA_METHOD is not possible before because the ECDSA_METHOD structure if opacified. In OpenSSL 1.0.2, they added the option to create n...