On Aug 30, 2010, at 5:16 PM, Andre Zepezauer wrote: > Possibly libksba could replace openssl in the future. It provides the > functionality required by opensc (certificate and public key handling) > but without the cryptographic operations. I haven't used it in the past, > therefore I can't tell you any details. But it may be a target of > evaluation. > > http://www.gnupg.org/related_software/libksba/index.en.html > http://cvs.gnupg.org/cgi-bin/viewcvs.cgi/trunk/src/ksba.h?revision=322&root=KSBA&view=markup
Alternative possibilities would be nice, but unfortunately OpenSC is pretty deeply interwoven with OpenSSL, as it has been an approved library. It would be nice to collect Windows specific (mostly registry) code in OpenSC into a "platform_windows.c" kind of place and OpenSSL related things to "crypto_openssl.c" with a common interface, so that it could be switched to "crypto_gnutls.c" for example (or to libksba). But that's pretty low priority. It also causes some confusion, like unwanted behavior differences depending on the chosen crypto library (some Linux software can be used with GnuTLS or OpenSSL (and maybe also NSS?) and behave differently). At least subversion and the SSL renegotiation issue behaved differently with libneon (with OpenSSL) and libneon (with GnuTLS). -- Martin Paljak @martinpaljak.net +3725156495 _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel