Richard Levitte
Richard Levitte
I do understand that the recommended way may be daunting... I have written a small provider error library that may be useful, though, as part of [libprov](https://github.com/provider-corner/libprov). The files of...
In retrospect, maybe you're right. I dunno. I can't quite recall the reasoning we made back then...
Oh, so I guess I must learn Rust, then? 😆 (I've tried to avoid that, knowing full well that I'll have to some day)
Actually, this could be much simpler than I anticipated. `SSL_ERROR_ZERO_RETURN` indicates that the TLS peer closed the connection without a close notify. This has become more "normal" lately, so OpenSSL...
@iyanmv's curl example shows that this happens in the handshake. There is one thing that might, or might not be related to this: the OQS provider uses SIGALG capabilities to...
Unfortunately, PKCS#7 and CMS aren't fully supported for use with providers... yet. I'm currently writing a design for the missing bits. It's too late for them to appear in 3.2,...
Q2-2024 is a good target to start exploring, yeah. Or if you feel adventurous, have a look at what happens on https://github.com/openssl/openssl
The concrete things that's missing is a replacement mechanism for these ctrls: `EVP_PKEY_CTRL_CMS_ENCRYPT`, `EVP_PKEY_CTRL_CMS_DECRYPT` and `EVP_PKEY_CTRL_CMS_SIGN`. Their *intent* is really to pass the AlgorithmIdentifier param to the backend (legacy /...
There are similar ctrls for PKCS7, which I believe is what's hitting @Muzosh
I actually don't know. I would need some test cases that should trigger them, and time.