Following up with myself: 1. I was using the ENGINE_get_cipher_engine function to tell if a particular cipher was implemented in an engine, but I was not calling ENGINE_finish after each call, which is probably bad.
2. As best as I can tell, it doesn't make sense to call get_cipher_engine for things like ECDH, ECDSA, RSA, etc... since there is only one version of the algorithm but different parameters. In the case of ECC, an engine probably does not implement all the curves. My guess is that this is handled automagically, i.e. if an engine does have curve X but OpenSSL does, it will use OpenSSL. But, it would be nice to know. On Mon, Oct 28, 2013 at 11:30 PM, Joshua Datko <jbda...@gmail.com> wrote: > I'd like to know if the engine I've loaded supports certain algorithms. > I'm using ENGINE_get_cipher_engine(int nid) with various ciphers and that > is working great. > > Now, I'd like to test if the engine supports ECDH and/or ECDSA. But, I'd > like to test for specific curve support. I see the get_defaults_ECDH / > ECDSA, but I don't think that will be specific enough. > > Can I do something like this: > > get_cipher_engine(NID_X9_62_prime_field) > > If not, what is the preferred mechanism? > > Thanks, > > Josh >
