Hi Jan, It definitely helps. I am already looking into this standard.
Thank you, Alex. On Mon, Jul 20, 2015 at 8:21 AM, Jan Just Keijser <janj...@nikhef.nl> wrote: > Hi Alexander, > > > Alexander Gostrer wrote: > >> Hi All, >> >> I am working on an OpenSSL modification for a hardware accelerator who >> generates and uses private keys internally without a way to export/import >> them. The standard OpenSSL approach is to use keys from files. Is there any >> preferred way to point to keys in the hardware? There is more and more >> hardware on the market that people want to use directly from the OpenSSL. >> >> There is a standard for this, PKCS#11, that is fairly well supported by > OpenSSL. Numerous hardware tokens and smartcards exist that can interact > with OpenSSL (via engine_pkcs11). I have personal experience with various > usb hardware tokens from Feitian and Aladdin/SafeNet. The main feature of > such tokens is that indeed the private key cannot be exported from the > device. > > > hope this helps, > > JJK / Jan Just Keijser > > _______________________________________________ > openssl-dev mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev >
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
