Hi Jan, > On 21. Mar 2024, at 14:28, Jun Aruga (he / him) <jar...@redhat.com> wrote: > > > * https://github.com/ruby/openssl/issues/722 >> The Engine API was deprecated in OpenSSL 3 and there seems to be > no alternatives for it at the moment using Provider API. The providers > can only be loaded, but there seems to be no way to load keys using an > uri (for ex. pkcs11 uri scheme)
As I understand that ticket, the functionality exists in OpenSSL, but ruby OpenSSL module does not expose it. In any case, some providers are also providing workarounds for this problem. See for example https://github.com/latchset/pkcs11-provider/pull/328, which allows the PKCS11 provider to work everywhere where a simple PEM private key file is currently supported. With this, the Ruby OpenSSL module has all the time in the world to make the transition. -- Clemens Lang RHEL Crypto Team Red Hat -- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
