Loading NEWS +4 −0 Original line number Diff line number Diff line Loading @@ -14,6 +14,10 @@ o New 'rsautl' application, low level RSA utility. o MD4 now included. o Bugfix for SSL rollback padding check. o Support for external crypto device[1]. [1] The support for external crypto devices is currently a separate distribution. See the file README.ENGINE. Major changes between OpenSSL 0.9.5 and OpenSSL 0.9.5a: Loading README.ENGINE 0 → 100644 +54 −0 Original line number Diff line number Diff line ENGINE ====== With OpenSSL 0.9.6, a new component has been added to support external crypto devices, for example accelerator cards. The component is called ENGINE, and has still a pretty experimental status and almost no documentation. It's designed to be faily easily extensible by the calling programs. There's currently built-in support for the following crypto devices: o CryptoSwift o Compaq Atalla o nCipher CHIL A number of things are still needed and are being worked on: o An openssl utility command to handle or at least check available engines. o A better way of handling the methods that are handled by the engines. o Documentation! What already exists is fairly stable as far as it has been tested, but the test base has been a bit small most of the time. Because of this experimental status and what's lacking, the ENGINE component is not yet part of the default OpenSSL distribution. However, we have made a separate kit for those who want to try this out, to be found in the same places as the default OpenSSL distribution, but with "-engine-" being part of the kit file name. For example, version 0.9.6 is distributed in the following two files: openssl-0.9.6.tar.gz openssl-engine-0.9.6.tar.gz NOTES ===== openssl-engine-0.9.6.tar.gz does not depend on openssl-0.9.6.tar, you do not need to download both. openssl-engine-0.9.6.tar.gz is usable even if you don't have an external crypto device. The internal OpenSSL functions are contained in the engine "openssl", and will be used by default. No external crypto device is chosen unless you say so. You have actively tell the openssl utility commands to use it through a new command line switch called "-engine". And if you want to use the ENGINE library to do something similar, you must also explicitely choose an external crypto device, or the built-in crypto routines will be used, just as in the default OpenSSL distribution. Loading
NEWS +4 −0 Original line number Diff line number Diff line Loading @@ -14,6 +14,10 @@ o New 'rsautl' application, low level RSA utility. o MD4 now included. o Bugfix for SSL rollback padding check. o Support for external crypto device[1]. [1] The support for external crypto devices is currently a separate distribution. See the file README.ENGINE. Major changes between OpenSSL 0.9.5 and OpenSSL 0.9.5a: Loading
README.ENGINE 0 → 100644 +54 −0 Original line number Diff line number Diff line ENGINE ====== With OpenSSL 0.9.6, a new component has been added to support external crypto devices, for example accelerator cards. The component is called ENGINE, and has still a pretty experimental status and almost no documentation. It's designed to be faily easily extensible by the calling programs. There's currently built-in support for the following crypto devices: o CryptoSwift o Compaq Atalla o nCipher CHIL A number of things are still needed and are being worked on: o An openssl utility command to handle or at least check available engines. o A better way of handling the methods that are handled by the engines. o Documentation! What already exists is fairly stable as far as it has been tested, but the test base has been a bit small most of the time. Because of this experimental status and what's lacking, the ENGINE component is not yet part of the default OpenSSL distribution. However, we have made a separate kit for those who want to try this out, to be found in the same places as the default OpenSSL distribution, but with "-engine-" being part of the kit file name. For example, version 0.9.6 is distributed in the following two files: openssl-0.9.6.tar.gz openssl-engine-0.9.6.tar.gz NOTES ===== openssl-engine-0.9.6.tar.gz does not depend on openssl-0.9.6.tar, you do not need to download both. openssl-engine-0.9.6.tar.gz is usable even if you don't have an external crypto device. The internal OpenSSL functions are contained in the engine "openssl", and will be used by default. No external crypto device is chosen unless you say so. You have actively tell the openssl utility commands to use it through a new command line switch called "-engine". And if you want to use the ENGINE library to do something similar, you must also explicitely choose an external crypto device, or the built-in crypto routines will be used, just as in the default OpenSSL distribution.
