Christopher Nebergall wrote:
I've been working with some patches to curl I found on the curl mailing
list to support openssl and opensc's engine_pkcs11.
Basically it consists of
Curl 7.14 + patch which adds dynamic engine support -> opensc-20050826
[engine_pkcs11.so] -> soft-pkcs11 1.2
on
Ubuntu Linux (5.04) Kernel 2.6.10-5-386
actually the openssl version would be more interesting
The problem is that engine_pkcs11 from opensc registers custom rsa
functions for its purposes. They dlopen a pkcs11 library in my case
soft-pkcs11 which is also implemented using openssl. The problem is
that the soft token seems to be calling the rsa functions registered by
opensc and not the original versions. I need some advice or background
on overriding crypto implementations to figure out how to make
soft-pkcs11 not inherit the opensc's overridden functions.
you could use RSA_set_method with RSA_PKCS1_SSLeay for example
I would have
thought since soft-pkcs11 was dlopened that this wouldn't have inherited
the modified functions.
the default engine is a global parameter
Nils
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]