Menu
▾
▴
Re: [Opensc-devel] How to build OpenSC/libp11 ?
|
From: Sanaullah <san...@gm...> - 2017-08-25 02:53:50
|
> >BTW, SafeNet offers their own PKCS#11 library, I am not sure why you would >> need the opensc version. Look for libCryptoki2_64.so > >I would expect Opensc to only work with Aladin Tokens but not with >> (networked) HSMs. >>I think I'm in largely the same situation as Jana is -- my team >needed something to be able to make openssl be able to do crypto >operations against keys stored in a networked HSM. >Specifically the openssl engine that is part of opensc, is the >piece of opensc that we're using. It works in conjunction with (not >instead of) the vendor's pkcs11 library. >I assume the libCryptoki2_64.so you mention, is what Jana is going >to have to put in as the MODULE_PATH parameter for the opensc >openssl engine. There is patch from safenet which you should request to safenet in order to work with openssl or use the safenet provided tools to work on safenet networked HSM like CloudHSM Regards, Sanaullah ------------------------------------------------------------ ------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot On Fri, Aug 25, 2017 at 7:47 AM, Ben Cottrell <Ben...@no...> wrote: > Bernd, > > On Fri, 25 Aug 2017 02:38:23 +0000, Bernd Eckenfels wrote: > > BTW, SafeNet offers their own PKCS#11 library, I am not sure why you > would > > need the opensc version. Look for libCryptoki2_64.so > > > > I would expect Opensc to only work with Aladin Tokens but not with > > (networked) HSMs. > > I think I'm in largely the same situation as Jana is -- my team > needed something to be able to make openssl be able to do crypto > operations against keys stored in a networked HSM. > > Specifically the openssl engine that is part of opensc, is the > piece of opensc that we're using. It works in conjunction with (not > instead of) the vendor's pkcs11 library. > > I assume the libCryptoki2_64.so you mention, is what Jana is going > to have to put in as the MODULE_PATH parameter for the opensc > openssl engine. > > ~Ben > > ------------------------------------------------------------ > ------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Opensc-devel mailing list > Ope...@li... > https://lists.sourceforge.net/lists/listinfo/opensc-devel > |
