|
The OpenSC engine code does not support ECDH. It is on the TODO
list. It took forever to get the ECDSA changes needed into OpenSSL to work with engines, that I never got to doing the ECDH in engine and libp11. On 12/10/2015 10:59 AM, Blumenthal, Uri
- 0553 - MITLL wrote:
I want to add that apparently some openssl commands work OK with this token and pkcs11 engine:$ openssl version OpenSSL 1.0.2e 3 Dec 2015 $ openssl dgst -engine pkcs11 -keyform engine -sign "pkcs11:object=SIGN%20key;object-type=private;pin-value=123456" -sha256 -out t.sig < config.h engine "pkcs11" set. $ ll t.sig -rw-r--r-- 1 ur20980 MITLL\Domain Users 256 Dec 10 11:52 t.sig $ openssl dgst -verify pub.key -keyform PEM -signature t.sig -sha256 < config.h Verified OK $ But I need to also be able to use “encrypt” (well, “decrypt” to be precise :) and “derive” (for ECDH key)… Thanks! -- Douglas E. Engert <deeng...@gmail.com> |
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
