Hi,
David Mattes wrote: > This is a request for information. Does anyone have any experience > using OpenSSL with smartcards in Linux? Are you using the Trustway > PKCS11 OpenSSL patch? I'm investigating the use of a smartcard to > negotiate an stunnel. Stunnel uses the OpenSSL libraries, and it seems > that OpenSSL crypto engine support is slowly getting more mature with > 0.9.7a. I tried openssl + trustway patch + opensc. It seems to work, but the pkcs11 engine in openssl doesn't ask for pins, does not login, and thus does not find my key. It is written for a pci hardware crypto board, and I guess they don't need login/pin/puk/so pin/ so puk and stuff like that. Also to use a private key you need to have the public key as file on your hard disk. Thats strange, I guess keys have an id in pkcs#11 so the code could lookup the key by ID? result: nice patch, but not written for smartcards. however improving it for smartcards shouldn't be too hard, openssl has already some infrastructure (e.g. for asking a pin before loading the key / use of a pin passed somehow). Regards, Andreas _______________________________________________ Muscle mailing list [EMAIL PROTECTED] http://lists.musclecard.com/mailman/listinfo/muscle
