Our project is using hardware tokens to do RSA crypto. I want to
use SSLeay's parsing functions to pull RSA crypto params out of an
X509v3 cert.
We're not licensing RSA (for now), so our SSL implementation
only wants to use DSA certs. So I want to remove all RSA software
crypto.
It seems to me that NO_RSA is not fine-grain enough, and that I'm going
to have to go into ssl and crypto/rsa and add some of my own #ifdef's.
Is this assessment correct? Anyone already done this? :)
While I'm here, an unrelated question: I am going to be creating my DSA
keypair for every SSL context. (Yes, the server cert will be a session key:)
Anyone foresee any problems with this?
Thanks.
/r$
+-------------------------------------------------------------------------+
| Administrative requests should be sent to [EMAIL PROTECTED] |
| List service provided by Open Software Associates, http://www.osa.com/ |
+-------------------------------------------------------------------------+
