Hello,
I am writing an engine which shifts private key operations to a hardware
security module.
I face a problem concerning the key generation process. The keys are
stored in the HSM, but there exists an external reference file, like a
keystore, which is used to address the key in conjunction with an alias
name. If I invoke the key generation, then a certain key_id is not
available within the key generation function. Furthermore, OpenSSL saves
the key and not the engine. Therefore I can't create a certain reference
keystore and an alias for a key.
Is there a possibility to allow the engine to save the key?

Here is an example of the problem. The execution of
openssl req -newkey rsa:1024 -keyout <key_id> -engine <engine>
leads to the function call of
rsa_keygen(RSA *rsa, BIGNUM *e, BN_GENCB *cb).
But neither within this function nor in any other function which is
called before or after rsa_keygen is the key_id string available to the
engine.
But if the load_key function of an engine is called, a key_id, to specify
the key, is available.

Thank you for your help.

Kind regards.
Andreas Grüner
