Hi! I am creating an application using the openssl crate, created by @sfackler. My question is, are openssl enginges somehow supported in this crate? I need to integrate smartcard support, which on debian is piece of cake and works out of the box with the
openssl tool. Just install the
libengine-pkcs11-openssl package. On the shell I can create a server using the private key on my token using sth. like this:
$ openssl s_server -engine pkcs11 -cert ~/cert.pem -keyform engine -key "pkcs11:serial=0005000037f5"
For the sake of completeness, the certificate can be generated using this command:
$ openssl req -engine pkcs11 -new -key "pkcs11:serial=0005000037f5" -keyform engine -out ~/cert.pem -text -x509
So, in theory I “just” need to enable the pkcs11 engine in the rust openssl crate and specify the relevant keypath. I fear that the support is disabled, since I found this
in the build script. Can I somehow use the pkcs11 openssl engine with the rust openssl crate?