[openssl-users] External encryption chip and EC{DSA, DH} (with engine?)
Matt Caswell
matt at openssl.org
Wed Jun 3 12:58:36 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 03/06/15 06:32, Rémy Grünblatt wrote:
> Hello. I have a custom external hardware encryption chip that can
> computes some operations like the addition of two points, the
> inverse of one point, etc.
>
> I read that if I want to move some calculus from openssl to this
> chip, Openssl engines are the way to go.
>
> By defining a custom EC_METHOD, for example, I can just move the
> inverse on the chip while keeping other functions "in openssl"
> (not moving them). Still, how do I ask to my Engine to use this
> new custom EC_METHOD ?
>
> I see functions like ENGINE_set_default_ECDSA, or
> ENGINE_set_default_ECDH, but I don't want to change thoses, only
> the underlying EC_METHOD which is "used" for calculus.
>
> I do not know if it's clear, but what i'm searching for is a kind
> of "ENGINE_set_default_EC_METHOD" which could be used by the tests
> from ectest.c, for example. Any idea ?
Unfortunately, I don't think such a thing exists. In fact the
definition of EC_METHOD is not defined in any public header file so it
is not currently possible to provide your own version without hacking
OpenSSL itself.
Matt
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBAgAGBQJVbvn8AAoJENnE0m0OYESRwtsH/1p941OTgrEMPuLlkyulf4DA
E3HzZNqgShlGBK6y4NrI+1bwPAHNeRe1weQuaOokDqiY9k+Qh/B4ncKVKbH3kJFF
c8xlKhf9GsMzsfV+sqeTSX0b16cvTbos0l6JEVGcypLib7jtcJcE9a966dC699Cz
7k6Adq6mpznm30JFFARon0Ov7htLvCvU6nRgBnV3nSh/+++5iNe1ZQht06El92Ap
VPvbYz54zePaQgndI/lgtNEA9RQcI/Zsbn3dJzs9FDWyMs4JCjf0Yl2oCtzfeb2c
wMX6nJFiTOMa6rMUpPedTd2QS/XrOHUpPdcRxWpz4grYklqVAizlKrtHPutwrpo=
=//we
-----END PGP SIGNATURE-----
More information about the openssl-users
mailing list