Hi You should use them as usual, just adding -engine gost to the commands.
Also, since you'll probably need gost certs, don't forget to generate: openssl req -new -newkey gost2001 -pkeyopt paramset:XA -keyout test.key -nodes -x509 -subj /CN=ServerTest Knowing that, in GOST 2001, paramset A is required for client auth, and paramset XA for server auth. All other parameters are chosen automatically (though this will change a bit in GOST 2012). ----- Mail original ----- De: "Nomad Esst" <noname.e...@yahoo.com> À: openssl-users@openssl.org Envoyé: Dimanche 9 Février 2014 11:51:42 Objet: Re: Adding my own algorithm into openssl Hi Thanks Dmitry. I will do that as soon as I complete writing my engine. But first I want to establish a secure connection between s_server and s_client involving gost engine in order to get more familiar with gost as a written engine. What should I do? How can I run the test? On Sunday, February 9, 2014 11:10 AM, Dmitry Belyavsky <beld...@gmail.com> wrote: Hello! If you are going to use your algorithm to your own SSL ciphersuites, you have to patch the libssl library itself. If you execute the command grep -ri gost ssl/ in your openssl directory, you find all the places than should be patched for it though not all may be necessary to patch for your purpose. On Sun, Feb 9, 2014 at 11:13 AM, Nomad Esst < noname.e...@yahoo.com > wrote: <blockquote> Thanks for your useful reply. It seems that gost is loaded into openssl successfully. I used the command you mentioned and the output was correct. I'm planning to write my own engine but first I want to establish a secure connection between s_server and s_client involving gost engine in order to get more familiar with gost as a written engine. What should I do? On Sunday, February 9, 2014 10:38 AM, Dmitry Belyavsky < beld...@gmail.com > wrote: <blockquote> Hello! You should call, for example, the openssl engine -c gost command. If engine is loaded, you see the list of gost algorithms. gost89 and gost89-cnt are the cipher algorithms. On Sun, Feb 9, 2014 at 10:27 AM, Nomad Esst < noname.e...@yahoo.com > wrote: <blockquote> Thanks. I have some problems using gost as engine. I followed the instructions as mentioned in readme file. But I can't see the ciphers in the list. What else should I do? On Saturday, February 8, 2014 5:06 PM, Dmitry Belyavsky < beld...@gmail.com > wrote: <blockquote> Hello! You can take the ccgost engine as example. On Sat, Feb 8, 2014 at 12:24 PM, Nomad Esst < noname.e...@yahoo.com > wrote: <blockquote> Hi I'm new here and I know what I'm going to ask is some kind of a frequent question and has been asked many times but please help me with that since I don't really get a clean solution on how "add a custom algorithm/engine into openssl". According to some google searches I have added a simple engine but It does not do anything. It's just an engine which can be load into openssl. How can complete this engine and add some encryption algorithm? Thanks in advance. -- SY, Dmitry Belyavsky </blockquote> </blockquote> -- SY, Dmitry Belyavsky </blockquote> </blockquote> -- SY, Dmitry Belyavsky </blockquote> -- Alexandre Aufrere - Keynectis-OpenTrust International PreSales Manager ME, APAC and CIS P. +971 4 433 7608 M. +971 55 716 2423
