[Opendnssec-user] Enabling GOST algorithm

Rickard Bellgrim rickard at opendnssec.org
Fri Sep 27 05:45:17 UTC 2013


You can have a look on the SoftHSMv2 code:
https://github.com/opendnssec/SoftHSMv2/blob/master/src/lib/crypto/OSSLCryptoFactory.cpp#L77

SoftHSMv2 have support for GOST in both the Botan and the OpenSSL code.
OpenDNSSEC have support for GOST in libhsm, but not yet in the Enforcer.

// Rickard

On Thu, Sep 26, 2013 at 10:06 PM, elsif <jake at elsif.net> wrote:

> This would probably be best for an OpenSSL list, but since the goal here
> is to get GOST working in both ODS and BIND...
>
> Anyone have any tips on what one needs to do to enable GOST in openssl?
>
> I'm hoping to stick with Redhat-supplied RPM's, but if that's not possible
> I'm not entirely against compiling it myself.  Looking into that, though,
> there doesn't seem to be much community agreement on which compile-time
> options to use and/or what needs to go into openssl.cnf to make that happen.
>
> Problem is, most of what I've found via Google is either in Russian
> language or refers to the exploitable GOST in OpenSSL from years past.
>
> Any help would be greatly appreciated here,
>
> -Jake
> ______________________________**_________________
> Opendnssec-user mailing list
> Opendnssec-user at lists.**opendnssec.org<Opendnssec-user at lists.opendnssec.org>
> https://lists.opendnssec.org/**mailman/listinfo/opendnssec-**user<https://lists.opendnssec.org/mailman/listinfo/opendnssec-user>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20130927/64af4118/attachment.htm>


More information about the Opendnssec-user mailing list