CNG engine on GitHub
Selva Nair
selva.nair at gmail.com
Fri Jul 2 13:48:21 UTC 2021
Hi,
On Thu, Jul 1, 2021 at 1:49 PM Reinier Torenbeek <
reinier.torenbeek at gmail.com> wrote:
> Hi,
>
> For anyone interested in leveraging Windows CNG with OpenSSL 1.1.1, you
> may want to check out this new OpenSSL CNG Engine project on GitHub:
> https://github.com/rticommunity/openssl-cng-engine . The associated
> User's Manual is on ReadTheDocs:
> https://openssl-cng-engine.readthedocs.io/en/latest/index.html .
>
> The project implements the majority of the EVP interface, to leverage the
> BCrypt crypto implementations, as well as a subset of the STORE interface,
> for integration with the Windows Certificate and Keystore(s), via the
> NCrypt and Cert APIs. It has been tested with 1.1.1k on Windows 10, with
> Visual Studio 2017 and 2019. It is released under the Apache-2.0 license.
>
> Any feedback is welcome, please send it to me or open an issue on GitHub.
>
This is great, but limiting RSA signature to RSA-PKCS#1 v 1.5 is a major
limitation. It doesn't have to be that way as the OpenSSL engine interface
does allow using EVP_PKEY_METHOD callbacks instead of rsa_priv_dec etc.
Selva
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20210702/73d15766/attachment.html>
More information about the openssl-users
mailing list