blob: 0d698b7446bccb1b36f9d5333eb07fcc39ad2440 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
ENGINE
======
With OpenSSL 0.9.6, a new component has been added to support external
crypto devices, for example accelerator cards. The component is called
ENGINE, and has still a pretty experimental status and almost no
documentation. It's designed to be faily easily extensible by the
calling programs.
There's currently built-in support for the following crypto devices:
o CryptoSwift
o Compaq Atalla
o nCipher CHIL
o Nuron
A number of things are still needed and are being worked on:
o A better way of handling the methods that are handled by the
engines.
o Documentation!
What already exists is fairly stable as far as it has been tested, but
the test base has been a bit small most of the time.
No external crypto device is chosen unless you say so. You have actively
tell the openssl utility commands to use it through a new command line
switch called "-engine". And if you want to use the ENGINE library to
do something similar, you must also explicitely choose an external crypto
device, or the built-in crypto routines will be used, just as in the
default OpenSSL distribution.
PROBLEMS
========
It seems like the ENGINE part doesn't work too well with Cryptoswift on
Win32. A quick test done right before the release showed that trying
"openssl speed -engine cswift" generated errors. If the DSO gets enabled,
an attempt is made to write at memory address 0x00000002.
|
