[openssl-dev] Using openssl with a remote private key
David Woodhouse
dwmw2 at infradead.org
Tue Mar 17 22:30:17 UTC 2015
On Tue, 2015-03-17 at 22:22 +0000, Tigran Gyonjyan (BLOOMBERG/ 731 LEX)
wrote:
> Thank you for your responses, PKCS#11 could be the right way to go. I
> am hoping there is flexibility as per what functionality I want to
> delegate (just need the decrypt piece).
> If I had to implement a fully fledged PKCS#11 module that would be an
> overkill. I hope that's not the case?
You don't have to have the *cert* in PKCS#11. Only the key. A module to
implement that much can be fairly trivial.
--
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5745 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150317/3d4a54e4/attachment.bin>
More information about the openssl-dev
mailing list