[openssl-dev] Adding a new Engine to OpenSSL
Animesh Das
animesdas at gmail.com
Thu May 28 11:24:28 UTC 2015
My understanding is as there are some similarities between my device and
cryptodev device, i may follow the cryptodev. Is it right? If we want to
take reference from any other engine iam not getting any similarity between
my engine and any one from already implemented. If i go through with pkcs11
then please suggest any url or share any documents which will help me as i
am new to this.
Thanks
Animesh Das
On 15 May 2015 22:18, "David Woodhouse" <dwmw2 at infradead.org> wrote:
> On Fri, 2015-05-15 at 17:17 +0530, Animesh Das wrote:
> >
> > I have a new hardware crypto engine. The device can be accessed
> > from user space application opening the device like
> > "/dev/mydevice". There are also some IOCTLs which can be used from
> > user space. I want to add that device as one of the engines of
> > OpenSSL so that the encryption/decryption process can be offloaded
> > to that device.
> >
> > I have new to OpenSSL. Could you please help me giving ideas/steps
> > to add that engine in OpenSSL.
>
> My first inclination is to say "don't".
>
> Make it a PKCS#11 provider instead, and let OpenSSL use it through
> engine_pkcs11.
>
> (OpenSSL really ought to gain first-class support for PKCS#11 too,
> FWIW).
>
> -- dwmw2
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150528/c25f0dc9/attachment-0001.html>
More information about the openssl-dev
mailing list