Richard Levitte - VMS Whacker wrote: > > In message <[EMAIL PROTECTED]> on Sun, 26 Mar 2006 00:51:54 +0100, Francesco > Gennai <[EMAIL PROTECTED]> said: > > francesco.gennai+openssl> I need to sign e-mail messages in OpenVMS > francesco.gennai+openssl> environment by a signing device (SmartCard, > francesco.gennai+openssl> HSM, other...) > francesco.gennai+openssl> > francesco.gennai+openssl> Is there any solution to use a signing > francesco.gennai+openssl> device with OpenSSL in OpenVMS environment? > > Yes, you need to build a shareable image that implements a OpenSSL > engine to interface with the device. That sort of engine translates > OpenSSL crypto and hash algorithm calls to whatever the device needs > to perform its job properly. > > Unfortunately, the best documentation is the source. Look in > crypto/engine/, engines/ and demos/engines/rsaref/ . The last one was > written specifically to show how it's done (or at least how it can be > done :-)). >
Richard, thank you for the pointers. I would get some more information before to start the next step in our development. At this point of our project we have a system that signs messages by using a private key stored on the harddisk. The system runs on OpenVMS OS and uses OpenSSL libraries for the signing process. Now we need to move the private key to a signing device. We could use also an expensive solution, like an HSM, but we would know about existing experiences, and about products: SmartCard models and producers and/or HSM models and producers that have been already used in OpenSSL/OpenVMS environment or that, accordingly to your experiences, could be tested. Thank you. Regards, Francesco > Cheers, > Richard > > ----- > Please consider sponsoring my work on free software. > See http://www.free.lp.se/sponsoring.html for details. > > -- > Richard Levitte [EMAIL PROTECTED] > http://richard.levitte.org/ > > "When I became a man I put away childish things, including > the fear of childishness and the desire to be very grown up." > -- C.S. Lewis > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
