The engines are all vendor specific today... There has been some work to bring a PKCS#11 "engine" in.... Look in the mailing list archives for posts from adnovum...
Eric Gilbertson wrote: > > Richard: > > I thought that the engine used PKCS#11 to interface to HSMs. In this > case it should be able to work with any PKCS#11 compatible device. > Your comment implies though that the engine interface is vendor > specific. Can you clarify? > > TIA, > > Eric Gilbertson > [EMAIL PROTECTED] > > > At 01:37 PM 3/14/2002 +0100, Richard Levitte - VMS Whacker wrote: > >> ferruh.zamangoer> <openssl-engine-0.9.6c.tar.gz> [LATEST] >> ferruh.zamangoer> <openssl-0.9.6c.tar.gz> >> ferruh.zamangoer> >> ferruh.zamangoer> but are there stable and what is difference between >> openssl-engine and >> ferruh.zamangoer> openssl . Can anybody help me ??? >> >> The 'engine' variant has an extra component (called an ENGINE :-)), >> which permits communication with certain external crypto devices >> (basically those we've been able to create an interface to). Those we >> support are all hardware devices, like the nCipher box or certain >> CryptoSwift cards. Only public key cryptography and random number >> generation are supported, as well as HSM keys for nCipher boxes that >> support it. >> >> In the upcoming version 0.9.7, the support has been extended to >> include symmetric ciphers and digests, as well as having engines in >> separate shared libraries (so others can develop their own engines >> without having it part of the OpenSSL source). >> >> -- >> Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] >> Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 >> \ SWEDEN \ or +46-708-26 53 44 >> Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED] >> Member of the OpenSSL development team: http://www.openssl.org/ >> >> Unsolicited commercial email is subject to an archival fee of $400. >> See <http://www.stacken.kth.se/~levitte/mail/> for more info. >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List [EMAIL PROTECTED] >> Automated List Manager [EMAIL PROTECTED] > > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] -- Steven A. Bade UNIX Network Security Cryptographic Strategy and Development Architecture [EMAIL PROTECTED] T/L 678-4799 (512)-838-4799 -- To convert from Hogsheads to Cubic Feet - Multiply by 8.4219 "Two-way communication is necessary to proactively facilitate acceptance and involvement and to get insights about the journey it takes to get where we want" this mess is so big and so bad and so tall, we cannot clean it up, there is no way at all (Cat in the Hat) ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
