Hi Mary, > In your last mail, u told that current release of OpenXPKI contains > the necessary code to be integrated with HSM. So Kindly provide me > the COMPLETE method of integration of HSM's with OpenXPKI ?
in order to integrate a new HSM in the OpenXPKI crypto backend you need to write a new "Engine" driver in trunk/perl-modules/core/trunk/ OpenXPKI/Crypto/Backend/OpenSSL/Engine/ The driver needs to implement a few commands which set up the engine for OpenSSL properly and provides Engine availability and key online checks. The nCipher HSMs use a wrapper command called "preload" that prefixes all OpenSSL commands accessing the HSM. In addition nCipher provides a dynamic OpenSSL engine which a program must use to access the HSM. Other HSMs may do this differently (e. g. without a wrapper). Cheers, Martin ------------------------------------------------------------------------------ Return on Information: Google Enterprise Search pays you back Get the facts. http://p.sf.net/sfu/google-dev2dev _______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
