Richard Levitte - VMS Whacker wrote:
>
> From: [EMAIL PROTECTED]
>
> levitte> Modified: crypto/engine Tag: BRANCH_engine hw_ncipher.c
> levitte> Log:
> levitte> Geoff inspired me to nullify some pointers if initialisation went
> levitte> wrong. Additionally, just give a new value to hndidx once.
>
> Steve, the hndidx hack is actually your code more or less taken
> straight as is. I understand most of it, but feel a little unsure
> about having hndidx being created once and once only. Can you verify
> that this was the intended way of use?
>
I havn't had a chance to look at the ENGINE code in any detail yet
but...
hndidx is to hold a new index for the additional data thats being used
in the RSA structure. As such it should be called once in a single
threaded context. This is what's normally done with this kind of thing.
Check the various EX_DATA manpages for more info on what its does.
Also if I recall hndidx is only used if you access a secure hardware
key, it never gets used for pure acceleration. So unless you plan to
export the nFast_loadRSAkey() function it wont be much use.
Secure key handling is probably best written to use the database stuff:
which I'm currently working on. It should then be more transparent.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
