Re: alternative to deprecated ENGINE_* API for external engines for openssl-3.0.0

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On 30/07/2020 16:06, Emeric Brun wrote:
> Trying to compile my soft using openssl-3.0.0alpha5, I notice a lot of warnings about deprecated ENGINE_* functions (since commit 8dab4de53887639abc1152288fac76506beb87b3).
> 
> Is-there any documentation on a	new API/functions to handle external crypto engines?

As noted in the CHANGES file the preferred alternative is to use the new
"provider" APIs. Providers are fundamental to OpenSSL 3.0. You can read
about how they're used and configured in 3.0 on this wiki page:

https://wiki.openssl.org/index.php/OpenSSL_3.0

There's some more detailed documentation about providers here:

https://www.openssl.org/docs/manmaster/man7/provider.html

If you're interested in writing providers then there's an example one on
this man page:

https://www.openssl.org/docs/manmaster/man7/provider-base.html


OpenSSL 3.0 comes with a number of built-in or out-of-the-box providers
which are documented here:

https://www.openssl.org/docs/manmaster/man7/OSSL_PROVIDER-default.html
https://www.openssl.org/docs/manmaster/man7/OSSL_PROVIDER-FIPS.html
https://www.openssl.org/docs/manmaster/man7/OSSL_PROVIDER-legacy.html
https://www.openssl.org/docs/manmaster/man7/OSSL_PROVIDER-null.html

There's also a number of other pages for provider authors about the
various hooks available for different types of algorithm, e.g. see:

https://www.openssl.org/docs/manmaster/man7/provider-cipher.html

This gives details about the hooks for symmetric ciphers. There are
other similar pages for different algorithm types linked from here:

https://www.openssl.org/docs/manmaster/man7/


Hope that helps,

Matt



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux