Greetings,
I am trying to put pkcs11 support into openssl and would like
to use the evp interface throughout the ssl code to make
this and adding new async encryption in the future easier.
Then add pkcs11 support to the evp interface.
Now I have two questions:
a) Would you consider the above a valid way of doing it.
b) What are the meanings of the following defines in crypto/evp/evp.h:
#define EVP_PK_RSA 0x0001
#define EVP_PK_DSA 0x0002
#define EVP_PK_DH 0x0004
#define EVP_PK_PKCS11 0x0008
#define EVP_PKT_SIGN 0x0010
#define EVP_PKT_ENC 0x0020
#define EVP_PKT_EXCH 0x0040
#define EVP_PKS_RSA 0x0100
#define EVP_PKS_DSA 0x0200
#define EVP_PKT_EXP 0x1000 /* Export: <= 512 bit key */
#define EVP_PKEY_NONE NID_undef
#define EVP_PKEY_RSA NID_rsaEncryption
#define EVP_PKEY_RSA2 NID_rsa
#define EVP_PKEY_DSA NID_dsa
#define EVP_PKEY_DSA1 NID_dsa_2
#define EVP_PKEY_DSA2 NID_dsaWithSHA
#define EVP_PKEY_DSA3 NID_dsaWithSHA1
#define EVP_PKEY_DSA4 NID_dsaWithSHA1_2
#define EVP_PKEY_DH NID_dhKeyAgreement
PK: ?
PKT: public/private key type (operations allowed)?
PKS: sub-types? I am a bit confused what the difference between PK
and PKS is.
PKEY: object IDs? Are they used for anything but asn1 en-/decoding?
Any help apreciated, including RTFMs with a filename as param B-)
mfg lutz
--
*******************************************************************
Lutz Behnke Tel.: 040 / 766 29 1423
TC TrustCenter for Security Fax.: 040 / 766 29 577
in Data Networks GmbH email: [EMAIL PROTECTED]
Am Werder 1
21073 Hamburg, Germany
S/MIME Cryptographic Signature
