Yes this is correct. I've done the same already and it wasn't that
difficut (~30min). However, I wasn't concerned if I broke SSL. I'm only
using X509, DSA, and Diffile-Hellman to do a modified Station-to-Station
implementation.
I'd send you my patches, but because I wasn't concerned about breaking SSL
and I made other changes so I can run embedded I don't think they'll be
much use to you.
Bill
[EMAIL PROTECTED]
http://www.cis.upenn.edu/~waa
On Tuesday, March 10, 1998 10:29 PM, Rich Salz [SMTP:[EMAIL PROTECTED]]
wrote:
> Our project is using hardware tokens to do RSA crypto. I want to
> use SSLeay's parsing functions to pull RSA crypto params out of an
> X509v3 cert.
>
> We're not licensing RSA (for now), so our SSL implementation
> only wants to use DSA certs. So I want to remove all RSA software
> crypto.
>
> It seems to me that NO_RSA is not fine-grain enough, and that I'm going
> to have to go into ssl and crypto/rsa and add some of my own #ifdef's.
>
> Is this assessment correct? Anyone already done this? :)
>
> While I'm here, an unrelated question: I am going to be creating my DSA
> keypair for every SSL context. (Yes, the server cert will be a session
key:)
> Anyone foresee any problems with this?
>
> Thanks.
> /r$
>
>
>
+-------------------------------------------------------------------------+
> | Administrative requests should be sent to [EMAIL PROTECTED]
|
> | List service provided by Open Software Associates, http://www.osa.com/
|
>
+-------------------------------------------------------------------------+
>
+-------------------------------------------------------------------------+
| Administrative requests should be sent to [EMAIL PROTECTED] |
| List service provided by Open Software Associates, http://www.osa.com/ |
+-------------------------------------------------------------------------+
