Is it possible to provide a URI to create a PKey? #2059
Comments
|
I don't think we currently expose anything like that but I'd be happy to take a PR. |
|
Similar to this, a method to create keys into a PKCS11 provider would probably be good here to complete the lifecycle. The challenge might be the provider setup if you have keys coming from different sources though. |
|
@WolfDan I'm going to give this a go. |
mvar-ms
pushed a commit
to mvar-ms/rust-openssl
that referenced
this issue
Nov 29, 2023
PR: sfackler#2077 issue: sfackler#2059 It works! fmt
mvar-ms
pushed a commit
to mvar-ms/rust-openssl
that referenced
this issue
Apr 11, 2024
PR: sfackler#2077 issue: sfackler#2059 It works! fmt
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I'm working with the pkcs11-provider for OpenSSL 3; one way to use the provider is via a URI; openssl internally will make use of
OSSL_STORE_INFO_get1_PKEYafter getting a ctw and store info to get the provider key and use it internally. I can't see any function onPKeyor a store module, so I'm wondering if that's possible with the libraryFor example, this command works with OpenSSL, but I'm unsure if
-key "pkcs11:type=private;id=%00%01"will translate into rust-opensslopenssl req -new -x509 -days 365 -subj '/CN=my key/' -sha256 -provider pkcs11 -key "pkcs11:type=private;id=%00%01" -out cert.pemThank you!
The text was updated successfully, but these errors were encountered: