CNG engine on GitHub
Reinier Torenbeek
reinier.torenbeek at gmail.com
Fri Jul 2 14:11:01 UTC 2021
Hi Richard,
Glad you like it. The cert: scheme is a little inconvenient and I do not
know how extensively it is used in practice. But it seemed appropriate to
leverage it since it was around already and seemed to fit the bill.
Microsoft's documentation is not too extensive, but for anybody interested,
here is a starting point:
https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.security/about/about_certificate_provider?view=powershell-7.1
Best regards,
Reinier
On Fri, Jul 2, 2021 at 9:03 AM Richard Levitte <levitte at openssl.org> wrote:
> This is cool!
>
> I had some kind of skeleton of a start to make something similar, but
> time was never on my side. I'm really glad to see this got picked up!
>
> This also answered a question I never got the answer for, what scheme
> to use for the STORE. I know next to nothing about PowerShell, so
> hadn't discovered the 'cert:' "scheme". That answers quite a lot :-)
>
> Time for me to throw away my skeleton then ;-)
>
> Cheers,
> Richard
>
> On Thu, 01 Jul 2021 19:49:00 +0200,
> Reinier Torenbeek wrote:
> >
> > Hi,
> >
> > For anyone interested in leveraging Windows CNG with OpenSSL 1.1.1, you
> may want to check out this
> > new OpenSSL CNG Engine project on GitHub:
> https://github.com/rticommunity/openssl-cng-engine . The
> > associated User's Manual is on ReadTheDocs:
> > https://openssl-cng-engine.readthedocs.io/en/latest/index.html .
> >
> > The project implements the majority of the EVP interface, to leverage
> the BCrypt crypto
> > implementations, as well as a subset of the STORE interface, for
> integration with the
> > Windows Certificate and Keystore(s), via the NCrypt and Cert APIs. It
> has been tested with 1.1.1k
> > on Windows 10, with Visual Studio 2017 and 2019. It is released under
> the Apache-2.0 license.
> >
> > Any feedback is welcome, please send it to me or open an issue on GitHub.
> >
> > Best regards,
> > Reinier
> >
> >
> --
> Richard Levitte levitte at openssl.org
> OpenSSL Project http://www.openssl.org/~levitte/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20210702/8ee05011/attachment-0001.html>
More information about the openssl-users
mailing list