Hello, On 12/6/11 6:02 , Peter Ordonez wrote: >>> engine_pkcs does not currently provide a way to get a certificate from >>> a PKCS#11 hard token when accessed from OpenSSL. I'd like to enhance >>> the engine to support the OpenSSL ENGINE_load_ssl_client_cert() >>> function, which returns among other things a x509 certificate. Since >>> the function provides no way that I can see to specify which >>> certificate to "load", I would do this by adding a method to the >>> engine to set the certificate name before actually getting the >>> certificate. The way the function would be used when interfacing with >>> OpenSSL would be roughly as follows: Would it allow to return a list of certificates instead? If there were multiple certificates, the application would be the best to decide which one to use (the search should also be over all available slots...)
I think that using a certificate should also indicate the private key to use, so that the only input from calling application would be the certificate and associated PIN code. Best, Martin -- @MartinPaljak +3725156495 _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
