Sure.
On 12/11/2015 11:03 AM, Alexander
Gostrer wrote:
Hi Doug,
John and I implemented an
ECDSA/ECDH/ECDHE engine. We are in the process of final testing
and cleaning up. Changes to OpenSSL were pretty minor. Would
you like to review this code? We are planing to publish it on
github in a week or so.
Regards.
Alex
Sent from my iPhone
The OpenSC engine code does not support ECDH. It is on the
TODO list.
It took forever to get the ECDSA changes needed into OpenSSL
to work with engines, that I never
got to doing the ECDH in engine and libp11.
On 12/10/2015 10:59 AM,
Blumenthal, Uri - 0553 - MITLL wrote:
I want to add that apparently some openssl commands work OK with this
token and pkcs11 engine:
$ openssl version
OpenSSL 1.0.2e 3 Dec 2015
$ openssl dgst -engine pkcs11 -keyform engine -sign
"pkcs11:object=SIGN%20key;object-type=private;pin-value=123456" -sha256
-out t.sig < config.h
engine "pkcs11" set.
$ ll t.sig
-rw-r--r-- 1 ur20980 MITLL\Domain Users 256 Dec 10 11:52 t.sig
$ openssl dgst -verify pub.key -keyform PEM -signature t.sig -sha256 <
config.h
Verified OK
$
But I need to also be able to use “encrypt” (well, “decrypt” to be precise
:) and “derive” (for ECDH key)…
Thanks!
_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
--
Douglas E. Engert <deeng...@gmail.com>
_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
--
Douglas E. Engert <deeng...@gmail.com>
|
_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
