Thanks to add these patches to the openssl contibution page
PKCS#11 engine:
updates for
. openssl 0.9.7d
. engine-0.9.6m
Regards
[EMAIL PROTECTED]
Bull TrustWay
__
OpenSSL Project
Hi Gilad,
You must copy the public key file generated by openssl (cakey.pem)
in usr/local/appache/ssl.crt/server.key.
The pkcs#11 engine "load_private_key" function read the public key file
to find the private key in the hardware.
cheers
Afchine
__
[EMAIL PROTECT
Hi,
I have written this patch to be used with a hardware Crypto PKCS#11
accelerator
which can store keys. It is used in my company in TrustWay SSL accelerator
and,
TrustWay Apache-SSL accelerator with the Bull PCI CC2000 HSM.
Our HSM doesn't require C_Login. I believe that call to C_Login is mandat
m: "Gilad Finkelstein" <[EMAIL PROTECTED]>
To: "'Afchine Madjlessi'" <[EMAIL PROTECTED]>
Sent: Wednesday, June 18, 2003 7:33 PM
Subject: RE: pkcs#11 engine for openssl
> HI Afchine,
> I probably do not understand fully the concept of the engine modu
this should be the generic case of pkcs#11 implementation)
>
> I would also like to add the ability to create the certificate on the
> hardware token and not as a file.
>
>
>
> Thanks for your help
>
> Gilad
>
>
>
> -----Original Message-
> From: Gilad
Hi,
I used the joined shell to generate key pair on my crypto hardware, a CSR,
and make a self-signed certificate.
Regards
Afchine Madjlessi
- Original Message -
From: "Gilad Finkelstein" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, June 11, 2003 4:
to work
properly within OpenSSL.
So, you can find attached to this mail updates taking in account your
advice.
Cheers,
Afchine Madjlessi
__
[EMAIL PROTECTED]
Bull TrustWay R&D, France
http://www.servers.bull.com/trustway
trustway-pkcs11-openssl-eng
to work
properly within OpenSSL.
So, you can find attached to this mail updates taking in account your
advice.
Cheers,
Afchine Madjlessi
__
[EMAIL PROTECTED]
Bull TrustWay R&D, France
http://www.servers.bull.com/trustway
trustway-pkcs11-openssl-0.9.7.patch
This patch implements a generic pkcs#11 engine in openssl-0.9.7.
Applying this patch to openssl-0.9.7 allows applicatioto use
the security functions provided by a cryptographic card supporting
the PKCS#11 interface.
This release permits to use the key storage in secure memory and
acceleration
t; <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Monday, December 16, 2002 9:47 AM
Subject: [openssl.org #11] Fw: trustway pkcs11 engine for openssl
>
> It's so nice that someone provided pkcs11 enginge patch.
>
t; <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Monday, December 16, 2002 9:47 AM
Subject: [openssl.org #11] Fw: trustway pkcs11 engine for openssl
>
> It's so nice that someone provided pkcs11 enginge patch.
>
Hi Fred,
> " Frederic DONNAT" <[EMAIL PROTECTED]> wrote:
> Hi,
> First of all, thanks for your answer.;)
> A few question about your PKCS#11 ENGINE.
> When you say that the stored private key can be load:
> - do you mean that one can get it from the store?
> -or do you mean that one can
Hi,
Our PKCS#11 generic engine delivered to openssl provides already RSA_generate_key and
is able to store private key in the hardware crypto. It provides also i2d & d2i RSA
functions to load the stored private keys from the crypto card.
These methods are added in RSA_method. This patch is non-i
would be more likely to be
> incorporated into 0.9.8???
>
> afchine madjlessi wrote:
> > I've made some improvements in the Bull trustway pkcs#11 engine to be more generic.
> > In this release, PKCS#11 functions are called through the functions list rather
>than specific
card on Linux. It
have been tested also on Win32.
Cheers,
Afchine Madjlessi
__
[EMAIL PROTECTED]
Bull - Trustway R&D - Networking & Security
http://www.servers.bull.com/trustway
__
aSteven A. Bade wrote
> The 64$ question from my mind is are you working on a 0.9.7 engine for
> PKCS#11... That's the one of particular interest to me in the long run.
>
of course.
afchine
__
[EMAIL PROTECTED]
Bull - Trustway R&D - Networking & Security
http:
You can find here the last updates for Trustway PKCS#11 engine.
ChangeLog:
- patch update for openssl-engine-0.9.6d
- patch update for mod_ssl-2.2.10-1.3.26
Work on a generic non-intrusive version of pkcs11 engine implementation for
openssl is in progress.
I will submit it as soon as possible.
ity going on.
> > The reason is that we'd prefer not to surprise the users too much.
> >
> "Afchine Madjlessi" <[EMAIL PROTECTED] > wrote
> The Bull Trustway CC2000 isn't only a cryptographic accelerator card,
> it is a high level security hardwar
Zoran,
could you please send me source code of Eracom
PKCS11 engine for openssl?
regards
__[EMAIL PROTECTED]Bull
Technologies -Trustway R&D - Networking & Securityhttp://www.servers.bull.com/trustway
- Original Message -
From:
Zoran Rade
"Steven Bade" <[EMAIL PROTECTED]> wrote
> We generate all keys within our "tokens" Some tokens such as the
> 4758 keep all the token objects within the secure boundary, and rely on
> the proper PKCS#11 attributes to control selection, keys generated stay
> within the FIPS4 boundary. Others
"Steven Bade" <[EMAIL PROTECTED]> writes:
> I'm not sure about the second question, but we found that the eracom
> engine submission was much more generic. When one of my co-workers
> tried to get our PKCS#11 libraries (openCryptoki) used by the Trustway
> module there were many issues, as wel
"Richard Levitte via RT" <[EMAIL PROTECTED]> writes:
>
> I've just started looking at this, and I've got a couple of
> questions:
>
> 1. could this engine be considered a general PKCS#11 engine, or are
> there specific ties to Trustway. I'd prefer to see a general
> PKCS#11 engine.
>
This engin
You can find here the last updates for Trustway PKCS#11 engine.
ChangeLog:
- add of PKCS#11 free session callback function
- add of generate RSA temp keys callback function
- logging PKCS#11 error codes
These patches applies to openssl-engine-0.9.6c and mod_ssl-2.2.8-1.3.24.
Afchine
_
Based on openssl-engine-0.9.6c, we have developed a new engine which
allowsopenssl applications and Apache-mod_ssl servers to use through a
PKCS#11interface the security functions provided by the Bull trustway cc2000
cryptographiccard, taking advantage of key storage in secure memory and
acc
Based on openssl-engine-0.9.6c, we have developed a new engine which allows
openssl applications and Apache-mod_ssl servers to use through a PKCS#11
interface the security functions provided by the Bull cc2000 cryptographic
card, taking advantage of key storage in secure memory and acceleration of
Hello everybody,
We are implementing an new engine (based on openssl 0.9.6c) to use the RSA
PKCS11 interface of our crypto hardware (Bull Trustway CC2000).
We would like to access our C_GenerateKeyPair PKCS11 function through the
openssl RSA_generate_key.
So we are adding a new entry gen_key in t
26 matches
Mail list logo
