This should be a relatively trivial change to ssl_pphrase_Handle()... if szCryptoDevice is non-NULL, pass the private key path as the key_id to ENGINE_load_private_key. If that fails, fall back to the normal PEM loading code...
Kent > I've been looking into enabling apache+mod_ssl to use hardware keys > encrypted by a TPM. I have openssl's s_server test working using an > openssl TPM engine [1] and trousers [2]. It looks like the key to > getting this working in apache is support for engine format keys in > mod_ssl. Is there any interest in enabling engine format keys in > mod_ssl, or, is there another path to accomplish what I'm trying to > do? > > Thanks, > Kent > > [1] > http://cvs.sourceforge.net/viewcvs.py/trousers/applications/openssl_tpm_engine/ > [2] http://trousers.sf.net > -- Kent Yoder IBM LTC Security Dev. ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager [EMAIL PROTECTED]
