Hi OpenSSL team!
I wrote a provider for Windows certificates and implemented "openssl ca".Now, I think it would be fun to see a HTTPS server using certificates installed in Windows storage.
Certificate is loaded using load_cert_pass (taken from apps.c) with custom uri "wincert://11:22:33....", private key is loaded with load_key from apps.c too. It works, but ...
When I use SSL_CTX_use_PrivateKey(ctx, myprivk) the key is declined. OpenSSL compares strings and expects "rsaEncryption", and so on instead of "MYKEY". Why ?
Maybe I'm missing something, but if you built a key management system, sign interface, ciphers that allows key virtualization, why not go further ? I'm ready to implement the encryption interface, but why OpenSSL still care about key type name. In the new era of version 3, it can check if the key provides necessary interfaces.
--
Alex Dankow
