Hello, Martin Paljak wrote: > Hello, > > On Apr 22, 2010, at 23:08 , Aleksey Samsonov wrote: > >> What are you think about solution in attachment? (openssl.cnf isn't needed >> in this case) >> Thanks >> Index: src/pkcs11/openssl.c >> > >> +#ifndef OPENSSL_NO_ENGINE >> + ENGINE *e; >> + >> +#if !defined(OPENSSL_NO_STATIC_ENGINE) && !defined(OPENSSL_NO_GOST) >> + ENGINE_load_gost(); >> +#else >> + /* TODO: try to load dynamic gost engine */ > Does this mean that the gost engine (and thus software gost verification) > only works if the gost engine is built in and not a dynamic engine?
No. This mean that I'm going to do it if concept is true. >> +#endif /* !OPENSSL_NO_STATIC_ENGINE && !OPENSSL_NO_GOST */ >> + >> + e = ENGINE_by_id("gost"); >> + if (e) { >> + ENGINE_set_default(e, ENGINE_METHOD_ALL); > Doesn't this affect RSA operations? Gost engine doesn't have callback for ENGINE_METHOD_RSA. Therefore it doesn't affect. _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel