Menu
▾
▴
Re: [Opensc-devel] Relation between engine_pkcs11 and openssl
|
From: Petr P. <pet...@at...> - 2015-01-01 13:43:12
|
On Thu, Jan 01, 2015 at 05:16:55PM +0530, sarat wrote: > From Github(https://github.com/OpenSC/engine_pkcs11) I cloned the project > into my desktop, but I couldn't find any Readme file to start with. > Can you please help me in letting know > 1)How to compile engine_pkcs11 It uses autotools-based build script. Run "autoreconf --install" to create a configure script (or there is ./bootstrap which does almost the same), then run the script (probably as "./configure --disable-static --enable-shared --disable-doc --prefix=/usr") and then run the "make". The resulting file is src/.libs/engine_pkcs11.so. You can run "make install" as root to install it into your system. Don't forget to install OpenSSL and libp11 librariaries and header files before. If your desktop is a sane Linux distribution, I'm pretty sure you can read instruction which dependencies are needed and how to build the code in your distribution's engine_pkcs11 source package. > and how can I link this to #pkcs11? > To configure OpenSSL to know about the engine and to use OpenSC PKCS#11 module by the engine_pkcs11, you add something like this into your global OpenSSL configuration file (/etc/ssl/openssl.cnf probably): [engine_section] pkcs11 = pkcs11_section [pkcs11_section] engine_id = pkcs11 dynamic_path = /usr/lib/engines/engine_pkcs11.so MODULE_PATH = /usr/lib/opensc-pkcs11.so init = 0 The dynamic_path value is the engine_pkcs11 plug-in, the MODULE_PATH value is the OpenSC PKCS#11 plug-in. The engine_id value is an arbitrary identifier for OpenSSL applications to select the engine by the identifier. -- Petr |
