In summary the MS CAPI engine provides: - Support for RSA signing and verification operations that will work w/ non-exportable MS CAPI private keys, should work with any CAPI-compliant HW token (testing it w/ Rainbow iKey's this week) - Full access to any MS CAPI keystore, implemented a certificate lookup library that implements the X509_LOOKUP_METHOD "interface" (thus when verifying the certificate chain the MS CAPI "Root" and "CA" keystores can be used) - Engine interface to MS CAPI random number generator - SSL interface to allow visual selection of client certificate during negotiation phase (IE/Mozilla style, using an SSL (undocumented?) hook)
--- Frédéric_Giudicelli <[EMAIL PROTECTED]> wrote: > I already did this announce, but nobody seemed to care at the time :) > > I developed some BIO support for the MS SSPI, allowing to initiate from > openssl some SSL connection using a MS PCERT_CONTEXT, I would gladely > provide it to the OpenSSL project. > > Does your engine provide access to the certificate, or just the RSA bi-key ? > > > Frédéric Giudicelli > http://www.newpki.org > > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] __________________________________ Do you Yahoo!? Yahoo! Calendar - Free online calendar with sync to Outlook(TM). http://calendar.yahoo.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]