On Thu, Feb 21, 2019 at 04:20:53PM +0000, Matt Caswell wrote: > > 2. Can we do something with a bunch of hard-linked non-extendable lists of > > internal NIDs? > > > For example, providing GOST algorithms always requires a patch to extend 3-5 > > internal lists. > > If it could be done dynamically, it will be great. The simplest solution is to submit a PR to add your OIDs to OpenSSL, so that no furher out of tree patches are required. Dynamic NIDs don't fit very well into the design, because NIDs are expected to be stable compile-time constants. We could perhaps reserve a range for "private-use", and "engines" could allocate new NIDs in the private space at runtime. The key question is whether such NIDs are global or valid only if returned to the same engine (provider, ...). If not global, the allocation might be static within the engine, and not require any locks. -- Viktor.
