From: paula <[EMAIL PROTECTED]>
paula> I've been looking at the new code in BRANCH_ENGINE for adding
paula> support for hw crypto cards. It looks like the code is pretty
paula> straight forward for adding new cards. It doesn't look like
paula> there is code there to protect the private keys (keep them on
paula> the card). Can you tell me how the keys are being protected or
paula> tell me if there are plans to add such code?
The only code that we have right now that deals with keys at all is
the HWCryptoHook (CHIL) part, which is currently bound to nCipher
(they've implemented that library). As it is now, the CHIL library
takes care of protecting the key, all the engine does is keep around
references to those keys and rely on the underlying library to protect
the keys at it sees fit.
All will actually depend on what the different vendor libraries will
do in this area.
--
Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED]
Chairman@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
Redakteur@Stacken \ SWEDEN \ or +46-709-50 36 10
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Software Engineer, Celo Communications: http://www.celocom.com/
Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
