hi friends of xca, i would like to know if it is possible to use openssl engine CHIL in xca to perform criptographics operations with an HSM nCipher nShield F3 PCI like signing certificates. i mean accessing private key stored on HSM via openssl engine CHIL.
could anyone give some hints to do that?
how to use or define openssl engine CHIL?
Actually I'm pretty busy porting xca to QT4.
The next thing I will do is smart-card support.
Maybe in Summer im ready to start working on that topic.
That sounds like a REAL challange:
hardware dependencies, different approaches: pc/sc, PKCS#11, java, different OSs to support like WIN, MAC ,UNIX.
If you want to start coding on this, contact me first to coordinate work. I also think that going with OpenSSL Engine is a good idea, because XCA entirely uses OpenSSL.