Status of OpenSC, libp11, engine using OpenSSL-1.1-pre2
I have OpenSC, libp11, engine-pkcs11, working with OpenSSL-1.1-pre2
This includes ECDH support in libp11, engine-pkcs11. There is still a lot of cleanup to be done to get the ECDH code in shape.
I was able to use the OpenSSL cms -encrypt using the certificate for the recipient. Then used the cms -decrypt with the smart card of the
recipient to do a ECDH operation to get the AES key to decrypt the message.
OpenSSL is still not stable, but they have been fixing bugs.
One issue with OpenSC is that src/common/simclist.h does:
# define inline /* inline */
OpenSSL e_os2.h does:
# if !defined(inline) && !defined(__cplusplus)
So depending on the order of header files, things work fine, or you get pages of errors
because ossl_inline is not not changed.