I'm not sure about the second question, but we found that the eracom engine submission was much more generic. When one of my co-workers tried to get our PKCS#11 libraries (openCryptoki) used by the Trustway module there were many issues, as well as specific calls directly to PKCs#11 functions rather than through the function list. If I remember correctly the Eracom submission from last year was much more generic and we had to do nothing except point it to our shared library... No requirements for GKPCS11 headers, no direct function calls...
Richard Levitte via RT wrote: > I've just started looking at this, and I've got a couple of > questions: > > 1. could this engine be considered a general PKCS#11 engine, or are > there specific ties to Trustway. I'd prefer to see a general > PKCS#11 engine. > > 2. Those extra functions in the RSA method, are they really needed? > I understand that they provide a lot of automagic things, but then > it should be added in the ENGINE framework as something that would > be potentially available for any hardware (that supports that extra > functionality). Also, when it comes to loading keys, the current > modus operandi is to explicitely use the ENGINE key loading > functions rather than having some implicit functionality going on. > The reason is that we'd prefer not to surprise the users too much. > > -- Steven A. Bade UNIX Network Security Cryptographic Strategy and Development Architecture [EMAIL PROTECTED] T/L 678-4799 (512)-838-4799 -- To convert from Hogsheads to Cubic Feet - Multiply by 8.4219 "Two-way communication is necessary to proactively facilitate acceptance and involvement and to get insights about the journey it takes to get where we want" this mess is so big and so bad and so tall, we cannot clean it up, there is no way at all (Cat in the Hat) ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
