Was openssl updated to use ops-provider in some way? #558
-
More of a theoretical question [necessary to understand the implementation of ops-provider for me]I understand the current standard protocols do not provision addition of new cryptographic primitives. However, with openssl3 we are able to add custom providers to add new algorithms and parameters. So I am interested to know or maybe some one can direct me to information/updates page, about what all changes were made in order to allow addition of PQC primitives and parameters to be used alongside the conventional ones? Actually I am trying to understand how ops-provider initiated, was it always possible with openssl3 versions to add new custom providers? Any help to provide some theoretical/historical knowledge would be great! |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
Yes. Small caveat: Not all features were perfectly integrated from the start (but which software could claim that? :) This meant that for example provider-based signature algorithms could only be used in TLS starting with OpenSSL 3.2. KEMs were possible from the start (and that feature was my motivation to create oqsprovider in 2021). |
Beta Was this translation helpful? Give feedback.
Yes.
Small caveat: Not all features were perfectly integrated from the start (but which software could claim that? :) This meant that for example provider-based signature algorithms could only be used in TLS starting with OpenSSL 3.2. KEMs were possible from the start (and that feature was my motivation to create oqsprovider in 2021).