|
|
Hello, This patch enabled openvpn to access PKCS#11 cryptographic tokens. It is based on the opensc patch that was post earlier (http://sourceforge.net/tracker/index.php?func=detail&aid=1114521&group_id=48978&atid=454721). This patch was tested under Linux. It was tested with the opensc PKCS#11 provider. Since it works with the opensc provider and PKCS#11 standard is much more common, it makes the opensc patch obsolete. This patch compiles under Windows, but was not tested. I will be glad if somebody will test it under Windows as well. The patch is capable of using several PKCS#11 providers at the same time. The following options were added: --pkcs11-providers provider... - Loads a PKCS#11 provider. --pkcs11-sign-mode - How to perform signature. --pkcs11-slot-type - Specifies how to locate correct slot. --pkcs11-slot - Specifies slot name. --pkcs11-id-type - Specifies how to find certificate and key. --pkcs11-id - Specifies certificate and key name. The following standalone options were added: --show-pkcs11-slots - Displays PKCS#11 slots. --show-pkcs11-objects - Displays PKCS#11 token contents. Please refer to man page for further information. The patch can be found at http://sourceforge.net/tracker/index.php?func=detail&aid=1293066&group_id=48978&atid=454721 Any comments/suggestions will be gladly accepted (mailto:alon.barlev@xxxxxxxxx). Special thanks to: Fritz Elfert - Wrote the original patch. IvÃn Casado Ruiz - Updated original patch and helped in testing this one. Best Regards, Alon Bar-Lev. ____________________________________________ Openvpn-devel mailing list Openvpn-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-devel |