Menu
▾
▴
Re: [Opensc-devel] How to build OpenSC/libp11 ?
|
From: Jana N. <jn...@al...> - 2017-08-25 19:50:52
|
Bernd thanks for pointing out that Opensc only support Aladen Token. With my project, we are currently using the Openssl library for Python to generate/store credentials on a usb stick. Now we need to access Safenet HSM instead of usb but want to continue to leverage Openssl cryptography from Python to access the Safenet HSM I've contacted Safenet, they gave me an Openssl toolkit to configure. On Thu, Aug 24, 2017 at 7:38 PM, Bernd Eckenfels <ec...@zu...> wrote: > BTW, SafeNet offers their own PKCS#11 library, I am not sure why you would > need the opensc version. Look for libCryptoki2_64.so > > I would expect Opensc to only work with Aladin Tokens but not with > (networked) HSMs. > > Gruss > Bernd > -- > http://bernd.eckenfels.net > ------------------------------ > *From:* Jana Nguyen <jn...@al...> > *Sent:* Friday, August 25, 2017 1:54:12 AM > *To:* Ben Cottrell > *Cc:* ope...@li... > *Subject:* Re: [Opensc-devel] How to build OpenSC/libp11 ? > > Hi Ben, > > You're correct, it generated libp11.so but NOT libpkcs11.so under > /usr/local/lib > > drwxr-x--- 2 root root 4096 Aug 24 20:37 pkgconfig > -rwxr-xr-x 1 root root 290953 Aug 24 20:37 libp11.so.2.4.7 > lrwxrwxrwx 1 root root 15 Aug 24 20:37 libp11.so.2 -> libp11.so.2.4.7 > lrwxrwxrwx 1 root root 15 Aug 24 20:37 libp11.so -> libp11.so.2.4.7 > -rwxr-xr-x 1 root root 938 Aug 24 20:37 libp11.la > -rw-r--r-- 1 root root 552282 Aug 24 20:37 libp11.a > > Ok, so my understanding is I should get OpenSSL engine? If so, can you > point me to the rpm or release? > > > > On Thu, Aug 24, 2017 at 4:24 PM, Ben Cottrell <Ben...@no...> > wrote: > >> Hi Jana, >> >> On Thu, 24 Aug 2017 16:11:24 -0700, Jana Nguyen wrote: >> > It seems running ./configure && make && sudo make install >> > >> > Did not generate me the: >> > >> > opensc-pkcs11.so and libpkcs11.so >> >> What *did* it generate? The openssl engine is called "pkcs11.so" when >> I build on Linux. I'm guessing if you don't tell the configure script >> any different, it'll end up in /usr/local/lib. >> >> If you're wanting to use it with openssl, you don't want "libp11.so" or >> "libpkcs11.so" -- those are lower level libraries that are part of the >> OpenSC libp11 project, they're not the OpenSSL dynamically-loadable >> engine. The OpenSSL engine is "pkcs11.so". >> >> ~Ben >> >> ------------------------------------------------------------ >> ------------------ >> Check out the vibrant tech community on one of the world's most >> engaging tech sites, Slashdot.org! http://sdm.link/slashdot >> _______________________________________________ >> Opensc-devel mailing list >> Ope...@li... >> https://lists.sourceforge.net/lists/listinfo/opensc-devel >> > > > ------------------------------------------------------------ > ------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Opensc-devel mailing list > Ope...@li... > https://lists.sourceforge.net/lists/listinfo/opensc-devel > > |
