[openssl-dev] Adding a new Engine to OpenSSL
David Woodhouse
dwmw2 at infradead.org
Fri May 15 16:48:49 UTC 2015
On Fri, 2015-05-15 at 17:17 +0530, Animesh Das wrote:
>
> I have a new hardware crypto engine. The device can be accessed
> from user space application opening the device like
> "/dev/mydevice". There are also some IOCTLs which can be used from
> user space. I want to add that device as one of the engines of
> OpenSSL so that the encryption/decryption process can be offloaded
> to that device.
>
> I have new to OpenSSL. Could you please help me giving ideas/steps
> to add that engine in OpenSSL.
My first inclination is to say "don't".
Make it a PKCS#11 provider instead, and let OpenSSL use it through
engine_pkcs11.
(OpenSSL really ought to gain first-class support for PKCS#11 too,
FWIW).
-- dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5691 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150515/8540e2a3/attachment.bin>
More information about the openssl-dev
mailing list