That does sound incredibly powerful (and right up the alley of what I'm try to do) but rather than peppering you with individual questions, is there any documentation other than tackling the code? (even an api man page wrt engine usage would help)
E.g. I'd like to specify the location of the windows cert store to look in for the certificate that I want to use being selecting the actual certificate, and it's not clear how I would do that, thanks again for your help ... N --- Nou Dadoun ndad...@teradici.com 604-628-1215 -----Original Message----- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson Sent: March 9, 2012 10:11 AM To: openssl-users@openssl.org Subject: Re: OpenSSL Windows CryptoAPI certificate and encrypt/decrypt interop On Fri, Mar 09, 2012, Nou Dadoun wrote: > I think I'll probably have to jump off that bridge when I get to it, but to > make progress I'm going to try to get something going in the interim. I > think I'll post some code (I suspect that the padding provided by the capi > encrypt/decrypt is somehow different than what openssl is doing - the ms > docs are woefully inadequate) but if anyone has pointers on information on > how to use the capi engine, I'd greatly appreciate it, thanks! ... N > You can actually use the capi ENGINE from the command line to perform private key operations. You specify -engine capi -inform/-keyform engine and the input key parameter can take several forms. The default is a string from the corresponding certificate DN so if it has "CN=steve" then "steve" would do. At an API level you use ENGINE_load_private_key("steve") which returns an EVP_PKEY structure which can then be used like any other private key. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
