Menu
▾
▴
Re: [Opensc-devel] [WIP PATCH] Add support for standard PKCS#11 URIs to ENGINE_PKCS11
|
From: Nikos M. <n.m...@gm...> - 2014-12-10 15:19:26
|
On Wed, Dec 10, 2014 at 3:55 PM, Douglas E Engert <dee...@gm...> wrote: >>> The issue with OpenSSL and engines that use keys other then RSA is still a show stopper >>> for future engine development. I was looking for someone outside OpenSC to push >>> OpenSSL to put some effort into the issue: >>> >>> http://rt.openssl.org/Ticket/Display.html?id=2568 >> >> I still think that the easier option is to get the PKCS#11 engine merged >> *into* OpenSSL, and then we don't have to care about visibility of >> private headers. OpenSSL is the last major crypto library that doesn't >> have PKCS#11 support. > Easier? > Have you every dealt with the OpenSSL developers? There was a recent message in the openssl mailing list because of an old ticket, and based on the last comment it seems they will be quite receptive on pkcs11 support: http://rt.openssl.org/Ticket/Display.html?id=11&user=guest&pass=guest regards, Nikos |
