On 2/22/2013 9:16 AM, Rajeswari K wrote:
Hello Team,
We have a requirement to support onboard crypto engine which doesn't
share private keys to openssl. Current openssl code requires private
keys in its possession to succeed with handshake process.
Is there any way to skip updation of private keys in the ssl context and
still proceed with handshake? If so, how we need to configure? Can you
please provide pointers?
Yes, it is called "engines". OpenSSL comes with a collection of engine
plugins for various crypto hardware, plus generic engines for hardware
that makes its crypto operations available via a PKCS#11 or Microsoft
CryptoAPI driver. There is also documentation for writing your own
engine if none of the available engines are good enough.
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com
Transformervej 29, 2730 Herlev, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org