All, I have the need to distinguish between a private key loaded regularly with openssl and one that is loaded by an engine (hw_pkcs11 trustway engine). It will always be an rsa key. I looked a bit at the definition of rsa_st and found that there is an engine pointer in there. Should this pointer be set to a specific value if an engine is used? In the implementation I use the pointer is not touched by the engine implementation (and I could not find an engine that does change that value) i.e. for a regular loaded pkey the pointer is set to the same address as for an engine loaded key and it is different from an engine pointer address if an engine is loaded.
Does anybody know if the engine SHOULD set this pointer? Is there another good way to distinguish the keys In case you are interested: the problem at hand lies in the fact that you can't DER encode a pkey that is only a handle for a priv. key on the engine device (in the trustway pkcs11 engine I use it leads to a segfault if one tries to encode such a pkey object) I would like to be able to detect engine held keys reliably to prevent this. Markus ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]