On 03/03/2023 08:47, Hareesh Das Ulleri wrote:
Hello OpenSSL users,
Is it possible to integrate linux kernel 5.10 Crypto API module with
OpenSSL 3.0.7 or above versions. If possible request to suggest any doc
to start with if available.
My requirement is to integrate a HW Cipher implementation (with or
without OpenSSL custom provider). Is this possible ?
Please let me know if anyone tried or knows this !
The afalg engine exists for integrating with Kernel crypto. It only
supports AES-128-CBC, AES-192-CBC and AES-192-CBC.
https://github.com/openssl/openssl/blob/master/engines/e_afalg.c
Unfortunately engines are deprecated in OpenSSL 3.0 and AFAIK no-one has
really touched the afalg engine in some while. It also appears to be
completely undocumented AFAICT.
The correct long term answer for this is for someone to write a custom
provider to do this job.
Matt
Thanks,
Hareesh
