Lutz Behnke wrote:
>
> Hi Chris,
>
> I have recently been working on a PKCS#11 support for
> OpenSSL via a change to the EVP interface. I thing
> I can, at least conceptualy, answer all the questions
> below.
>
> If you are interested I could mail you the patches
> for you to have a look at them.
>
> > >X-Mailer: Liam [version 0.7]
> Whats that? never head of it.
> > >
> > >After my first round of adding nCipher support to SSLeay, I'm going to start
> > >working on a new hardware API for OpenSSL.
> Why Invent a new one? PKCS#11 is exactly designed for this. While one
> might argue
> that something sponsored by RSA Inc. is not as open as it can be, it is
> not as
> focused on SmartCards as PC/SC
Well it does most of what Chris says except the non blocking crypto
calls. There are also other types of behaviour that are a bit limited,
such as the session/PIN behaviour (which is being reviewed) and how it
handles removable tokens.
Wrt nCipher I don't think they have PKCS#11 on all platforms. I don't
think there's a Linux version for example... though someone please
correct me if I'm mistaken.
>
> I know that I have been talking about this for a long time. But I
> consider
> it a grave breach of netiquette to post ~1MB to a mailing list. Even in
> the
> days of Mailers that send Word-Docs as primary mail contetn. I mailed
> the
> changes to Steve, but have not heard from him yet.
>
Sorry I've been ridiculously busy recently. I should get a chance to
look at it shortly.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
