Open Quantum Safe
Self signed certificate with OQS from C #1698
-
|
I would like to know how to create a self signed X509 certificate (without using the CLI), with OpenSSL 3.0, liboqs and the provider. In my specific case I can't use the provider from the CLI nor use the 1.1.1 branch. In addition, is it possible to call the provider programmatically from C code for dealing with the certificate? Any guidance would be greatly appreciated. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
There's nothing special here: Simply use the usual OpenSSL APIs as you would for doing this with classic crypto sig algs. The only thing that changes is that you specify use of any of the supported PQC sigalgs instead of say "rsa2048" (and of course, ensure by any of the usual ways that |
Beta Was this translation helpful? Give feedback.
-
|
Thanks a lot, its working now. The problem was that I misunderstood how OpenSSL loaded and used providers. |
Beta Was this translation helpful? Give feedback.
There's nothing special here: Simply use the usual OpenSSL APIs as you would for doing this with classic crypto sig algs. The only thing that changes is that you specify use of any of the supported PQC sigalgs instead of say "rsa2048" (and of course, ensure by any of the usual ways that
oqsprovideris loaded -- alongside thedefaultprovider). Please also note thatoqsprovideris only used byopenssllogic, never directly by an app.