Hello,
Martin Paljak wrote:
> Hello,
>
> On Apr 22, 2010, at 23:08 , Aleksey Samsonov wrote:
>
>> What are you think about solution in attachment? (openssl.cnf isn't needed
>> in this case)
>> Thanks
>> Index: src/pkcs11/openssl.c
>>
>
>> +#ifndef OPENSSL_NO_ENGINE
>> + ENGINE *e;
>> +
>> +#if !defined(OPENSSL_NO_STATIC_ENGINE) && !defined(OPENSSL_NO_GOST)
>> + ENGINE_load_gost();
>> +#else
>> + /* TODO: try to load dynamic gost engine */
> Does this mean that the gost engine (and thus software gost verification)
> only works if the gost engine is built in and not a dynamic engine?
No. This mean that I'm going to do it if concept is true.
>> +#endif /* !OPENSSL_NO_STATIC_ENGINE && !OPENSSL_NO_GOST */
>> +
>> + e = ENGINE_by_id("gost");
>> + if (e) {
>> + ENGINE_set_default(e, ENGINE_METHOD_ALL);
> Doesn't this affect RSA operations?
Gost engine doesn't have callback for ENGINE_METHOD_RSA. Therefore it
doesn't affect.
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
