Hello! I am using engine_pkcs11 (trunk in repository) with OpenSSL.
I want to pass PIN for commands of 'rsautl', 'smime' or 's_client', but ONLY 'openssl req' command can use -config option. There is a hint in a ticket "engine_pkcs11 doesn't forward PIN" http://www.opensc-project.org/engine_pkcs11/ticket/5 then I made a patch in attachment. Now I can use '-pass' option in openssl like below: % opensslOpenSSL> engine -t dynamic -pre SO_PATH:/usr/local/lib/engines/engine_pkcs11.so -pre ID:pkcs11 -pre LIST_ADD:1 -pre LOAD -pre MODULE_PATH:/usr/lib/pkcs11/libasepkcs.so -post VERBOSE OpenSSL> s_client -connect example.com:443 -CApath /etc/ssl/certs -verify 5 -engine pkcs11 -key 45 -keyform engine -cert /tmp/example.crt -pass pass:12345678
Also this patch includes a shared function 'free_pin()' for freeing 'pin' variable after whitened. Thanks in advance,
engine_pkcs11.c.diff
Description: Binary data
_______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
