How to access keys on HW tokens via PKCS11 Provider?
Dmitry Belyavsky
beldmit at gmail.com
Tue Feb 7 20:22:46 UTC 2023
Dear Uri,
How do you configure the actual PKCS#11 module (not the provider
itself) to use and pin?
There should be examples in the openssl.cnf generated by running tests.
On Tue, Feb 7, 2023 at 8:42 PM Blumenthal, Uri - 0553 - MITLL
<uri at ll.mit.edu> wrote:
>
> > What is the OpenSSL version you use? There were some fixes after 3.0.7
> > related to some problems found by PKCS#11 provider authors.
>
> I'm still on 3.0.7 - hopefully move to 3.0.8 soon (as soon as Macports migrates to 3.0.8).
>
> If you think it's beneficial - I can do the same test with 3.2dev (current OpenSSL master).
>
> I still would like to know *exactly what the URI should look like*, e.g., for KEY MAN Key (encryption/decryption, PIV slot 9d).
>
> Thanks!
>
--
SY, Dmitry Belyavsky
More information about the openssl-users
mailing list