Thursday Nov 19, 2009

PKCS#11 Engine Patch (including the token access) for OpenSSL 0.9.8l (el)

I have generated a PKCS#11 patch for OpenSSL 0.9.8l. It includes one new feature I have recently integrated into Nevada - RSA Keys by Reference.[Read More]

Wednesday Nov 11, 2009

RSA Keys by Reference (through the OpenSSL PKCS#11 Engine)

I have just done my putback to the SFW gate for the "RSA Keys by Reference" project. It will be part of the Nevada build 129. The CR was "6479874 OpenSSL should support RSA key by reference/hardware keystores". With this code, applications can access RSA keys stored in PKCS#11 tokens...[Read More]

Tuesday Jul 28, 2009

OpenSSL PKCS#11 Engine Internals

Vladimir, who made most of the latest changes to the PKCS#11 engine we ship as part of OpenSSL in Solaris, wrote a presentation on the PKCS#11 internals. It's a very interesting read, and since I believe some of you who use the patch actually read the code and modified it (I got some feedback during the last few years), I hope it might be a very useful thing. See Vladimir's OpenSSL PKCS#11 engine TOI blog entry on that. We also plan to properly document the engine directly in the code so that people can understand how it works without reverse engineering the code. However, there is no ETA for that yet.

Wednesday Apr 15, 2009

PKCS#11 engine patch for OpenSSL 0.9.8k

I didn't generate the patch for OpenSSL 0.9.8k. Given the few changes between 0.9.8j and 0.9.8k it is no suprise that you can apply the PKCS#11 engine patch for 0.9.8j on 0.9.8k.[Read More]

Tuesday Dec 02, 2008

PKCS#11 engine patch update for OpenSSL 0.9.8i

I've updated the PKCS#11 patch to the latest OpenSSL 0.9.8i version. The patch includes RFEs and fixes we integrated into OpenSolaris since the last patch release.[Read More]

Friday Aug 01, 2008

Fixed PKCS#11 engine patch for 0.9.8h

We already found a bug in recent changes to the PKCS#11 engine. It was quickly fixed and the patch was updated. If your PKCS#11 backend offers just one slot you are not affected. You can download pkcs11_engine-0.9.8h.patch.2008-08-01, and take a look at README shipped as part of the patch. BTW, a check whether the patch is used on Solaris to trigger Solaris specific code was made automatic.

Tuesday Jul 29, 2008

PKCS#11 engine patch update for OpenSSL 0.9.8h

I've updated the PKCS#11 patch to the latest OpenSSL 0.9.8h version. It's rather a big update. During the last few months, Vladimir, Darren and me did some work on the PKCS#11 engine source code. The result is a bunch of fixed CRs that are now all integrated into OpenSolaris, and that means they are covered by this patch as well.[Read More]

Monday Oct 15, 2007

Using RSA keys by reference in the pkcs#11 engine (II.)

I've updated the recent patch because I was exporting some private attributes from the key store into the RSA structure; and that wasn't needed of course. Now only public attributes are exported and everything else performed in the token.[Read More]

About

Jan Pechanec

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today