Hi Thanks. Do openssl commands differ from Linux to FreeBSD?
On Sunday, February 9, 2014 11:53 AM, Alexandre Aufrere <alexandre.aufr...@opentrust.com> wrote: Hi > > >You should use them as usual, just adding -engine gost to the commands. > > >Also, since you'll probably need gost certs, don't forget to generate: >openssl req -new -newkey gost2001 -pkeyopt paramset:XA -keyout test.key -nodes >-x509 -subj /CN=ServerTest > > >Knowing that, in GOST 2001, paramset A is required for client auth, and >paramset XA for server auth. All other parameters are chosen automatically >(though this will change a bit in GOST 2012). > > > > > > > > > > >________________________________ > >De: "Nomad Esst" <noname.e...@yahoo.com> >À: openssl-users@openssl.org >Envoyé: Dimanche 9 Février 2014 11:51:42 >Objet: Re: Adding my own algorithm into openssl > > > >Hi >Thanks Dmitry. >I will do that as soon as I complete writing my engine. >But first I want to establish a secure connection between s_server and >s_client involving gost engine in order to get more familiar with gost as a >written engine. What should I do? How can I run the test? > > > > > > >On Sunday, February 9, 2014 11:10 AM, Dmitry Belyavsky <beld...@gmail.com> >wrote: > >Hello! >> >> >>If you are going to use your algorithm to your own SSL ciphersuites, you have >>to patch the libssl library itself. >>If you execute the command grep -ri gost ssl/ in your openssl directory, you >>find all the places than should be patched for it though not all may be >>necessary to patch for your purpose. >> >> >> >> >> >> >> >>On Sun, Feb 9, 2014 at 11:13 AM, Nomad Esst <noname.e...@yahoo.com> wrote: >> >>Thanks for your useful reply. >>>It seems that gost is loaded into openssl successfully. I used the command >>>you mentioned and the output was correct. >>>I'm planning to write my own engine but first I want to establish a secure >>>connection between s_server and s_client involving gost engine in order to >>>get more familiar with gost as a written engine. What should I do? >>> >>> >>> >>>On Sunday, February 9, 2014 10:38 AM, Dmitry Belyavsky <beld...@gmail.com> >>>wrote: >>> >>>Hello! >>>> >>>> >>>>You should call, for example, the >>>> >>>> >>>>openssl engine -c gost >>>> >>>> >>>>command. >>>> >>>> >>>>If engine is loaded, you see the list of gost algorithms. >>>>gost89 and gost89-cnt are the cipher algorithms. >>>> >>>> >>>> >>>>On Sun, Feb 9, 2014 at 10:27 AM, Nomad Esst <noname.e...@yahoo.com> wrote: >>>> >>>>Thanks. >>>>>I have some problems using gost as engine. I followed the instructions as >>>>>mentioned in readme file. But I can't see the ciphers in the list. What >>>>>else should I do? >>>>> >>>>> >>>>> >>>>> >>>>>On Saturday, February 8, 2014 5:06 PM, Dmitry Belyavsky >>>>><beld...@gmail.com> wrote: >>>>> >>>>>Hello! >>>>>> >>>>>> >>>>>>You can take the ccgost engine as example. >>>>>> >>>>>> >>>>>> >>>>>>On Sat, Feb 8, 2014 at 12:24 PM, Nomad Esst <noname.e...@yahoo.com> wrote: >>>>>> >>>>>>Hi >>>>>>>I'm new here and I know what I'm going to ask is some kind of a frequent >>>>>>>question and has been asked many times but please help me with that >>>>>>>since I don't really get a clean solution on how "add a custom >>>>>>>algorithm/engine into openssl". >>>>>>>According to some google searches I have added a simple engine but It >>>>>>>does not do anything. It's just an engine which can be load into >>>>>>>openssl. How can complete this engine and add some encryption algorithm? >>>>>>> >>>>>>>Thanks in advance. >>>>>>> >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>>-- >>>>>>SY, Dmitry Belyavsky >>>>>> >>>>>> >>>> >>>> >>>> >>>>-- >>>>SY, Dmitry Belyavsky >>>> >>>> >> >> >> >>-- >>SY, Dmitry Belyavsky >> >> >> > > > > > >-- > >Alexandre Aufrere - Keynectis-OpenTrust >International PreSales Manager ME, APAC and CIS >P. +971 4 433 7608 >M. +971 55 716 2423 > > >
