Hi! First, it's worth implementing a provider instead of an engine if you want to use OpenSSL 3.0+ because engines are deprecated. But if you still insist on the engine implementation, you'd have to implement EVP_PKEY_METHOD and EVP_ASN1_METHOD in your engine.
Hope this helps.

On Thu, Dec 9, 2021 at 9:36 AM Bengt Warnemyr <bengt.warne...@gmail.com> wrote:

> Hi OpenSSL team.
>
> I did subscribe to openssl-users on December 2 or 3 but haven't got
> any response.
> Sending my question again to this address.
>
> I'm developing an engine using an hsm for key storage and the
> cryptographic operations when setting up a tls session with libssl.
> I have it working for RSA and EC keys by implementing
> ENGINE_set_load_pubkey_function(e, my_load_pub_key_function)
> ENGINE_set_load_privkey_function(e, my_load_priv_key_function)
> ENGINE_set_pkey_meths(e, my_pmeths_function)
>
> When my engine instantiates an EVP_PKEY the public part of RSA/EC_KEY
> is set with data from the hsm
> and gives it my RSA_METHOD/EC_KEY_METHOD.
> Then I use RSA_set_ex_data/EC_KEY_set_ex_data to store information
> about the hsm key to use.
>
> However ECX_KEY isn't public nor does it have any METHOD or ex data.
>
> My question is how to support ed25519/ed448 keys?
>
> /Bengt
>

--
SY, Dmitry Belyavsky