Greetings,

I am trying to put pkcs11 support into openssl and would like
to use the evp interface throughout the ssl code to make
this and adding new async encryption in the future easier.
Then add pkcs11 support to the evp interface.

Now I have two questions:

a) Would you consider the above a valid way of doing it.
b) What are the meanings of the following defines in crypto/evp/evp.h:

        #define EVP_PK_RSA      0x0001
        #define EVP_PK_DSA      0x0002
        #define EVP_PK_DH       0x0004
        #define EVP_PK_PKCS11   0x0008
        #define EVP_PKT_SIGN    0x0010
        #define EVP_PKT_ENC     0x0020
        #define EVP_PKT_EXCH    0x0040
        #define EVP_PKS_RSA     0x0100
        #define EVP_PKS_DSA     0x0200
        #define EVP_PKT_EXP     0x1000 /* Export: <= 512 bit key */

        #define EVP_PKEY_NONE   NID_undef
        #define EVP_PKEY_RSA    NID_rsaEncryption
        #define EVP_PKEY_RSA2   NID_rsa
        #define EVP_PKEY_DSA    NID_dsa
        #define EVP_PKEY_DSA1   NID_dsa_2
        #define EVP_PKEY_DSA2   NID_dsaWithSHA
        #define EVP_PKEY_DSA3   NID_dsaWithSHA1
        #define EVP_PKEY_DSA4   NID_dsaWithSHA1_2
        #define EVP_PKEY_DH     NID_dhKeyAgreement

PK: ?
PKT: public/private key type (operations allowed)?
PKS: sub-types? I am a bit confused what the difference between PK
     and PKS is.
PKEY: object IDs? Are they used for anything but asn1 en-/decoding?


Any help apreciated, including RTFMs with a filename as param B-)

mfg lutz
-- 
*******************************************************************
Lutz Behnke                             Tel.:   040 / 766 29 1423
TC TrustCenter for Security             Fax.:   040 / 766 29 577
in Data Networks GmbH                   email: [EMAIL PROTECTED]
Am Werder 1    
21073 Hamburg, Germany

S/MIME Cryptographic Signature

Reply via email to