Please find attached the file "openssl-mscrypto-20070625.tar.gz" with an openssl engine that can use keys from the Windows key-store. The engine can work with external keys too.

The source is for openssl version 0.9.8, and the mingw build requires openssl source with the mingw patch for 0.9.8 from request #1552 (see OpenSSL Request Tracker). The directory "engines/" contains the source code, and in "test/" are batch files for the test cases, the environment, and sample openssl config files for the engine (openssl.cnf is for 0.9.7). The engine can be used in 0.9.7, but mscrypto_err.* should be recreated with the corresponding util/mkerr.pl.

The engine supports only RSA keys/certificates. You don't need to mark the private key as exportable when importing a PKCS#12 (pfx) file. The engine can use certificates/keys stored on smart cards.

The tests require a private key, the corresponding public key, and a certificate that matches the private key. Every test case is an operation with the engine and the opposite operation without it. The character "a" in a test case is for with->without engine, "b" is for "without->with". Test case 1x is for "rsautl" encrypt->decrypt, 2x - "rsautl" sign->verify, 3x1 - dgst sign->verify with keys/certs from files, and in 3x2 (dgst sign->verify) the engine will use a certificate from the key-store. For test cases 3{a,b}2, a certificate with a matching private key should be loaded into the key-store. In test cases 2{a,b}, rsautl sign->verify should fail. This looks like a problem with the implementation in the crypto provider used.

The file env.bat sets paths to the openssl program and configuration, engine, key files, certificate "canonical name", etc. To run a test, you should set TEST in "do_test.bat" and run it. The extension of the openssl configuration file is cnf and by default it is always hidden.

Instructions for the mingw build environment:

Build command:
$ make -f Makefile.mscrypto OPENSSLSRC=<path_to_openssl_source>

Make sure that openssl is built and installed.

To install:
$ make -f Makefile.mscrypto install {INSTALLTOP=...} {INSTALL_PREFIX=..}
where INSTALLTOP and INSTALL_PREFIX are optional.

Roumen
openssl-mscrypto-20070625.tar.gz
Description: application/gzip