diff options
| author | cvs2svn <cvs2svn> | 2000-09-20 15:52:27 +0000 |
|---|---|---|
| committer | cvs2svn <cvs2svn> | 2000-09-20 15:52:27 +0000 |
| commit | 12f49bd79d17f0a325f89738f06f1332b705e64a (patch) | |
| tree | fbba4664e1dc75e8e396bd4b6af4729db34da105 | |
| parent | 4b250a3d25777d1fae6287caf0ecab4ca510b816 (diff) | |
| parent | b22bda21a15b46094db379ffba55e3481e60223f (diff) | |
| download | openssl-12f49bd79d17f0a325f89738f06f1332b705e64a.tar.gz | |
This commit was manufactured by cvs2svn to create branch 'BRANCH_engine'.
| -rw-r--r-- | README.ENGINE | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/README.ENGINE b/README.ENGINE new file mode 100644 index 0000000000..b30206c0ed --- /dev/null +++ b/README.ENGINE @@ -0,0 +1,54 @@ + + ENGINE + ====== + + With OpenSSL 0.9.6, a new component has been added to support external + crypto devices, for example accelerator cards. The component is called + ENGINE, and has still a pretty experimental status and almost no + documentation. It's designed to be faily easily extensible by the + calling programs. + + There's currently built-in support for the following crypto devices: + + o CryptoSwift + o Compaq Atalla + o nCipher CHIL + + A number of things are still needed and are being worked on: + + o An openssl utility command to handle or at least check available + engines. + o A better way of handling the methods that are handled by the + engines. + o Documentation! + + What already exists is fairly stable as far as it has been tested, but + the test base has been a bit small most of the time. + + Because of this experimental status and what's lacking, the ENGINE + component is not yet part of the default OpenSSL distribution. However, + we have made a separate kit for those who want to try this out, to be + found in the same places as the default OpenSSL distribution, but with + "-engine-" being part of the kit file name. For example, version 0.9.6 + is distributed in the following two files: + + openssl-0.9.6.tar.gz + openssl-engine-0.9.6.tar.gz + + NOTES + ===== + + openssl-engine-0.9.6.tar.gz does not depend on openssl-0.9.6.tar, you do + not need to download both. + + openssl-engine-0.9.6.tar.gz is usable even if you don't have an external + crypto device. The internal OpenSSL functions are contained in the + engine "openssl", and will be used by default. + + No external crypto device is chosen unless you say so. You have actively + tell the openssl utility commands to use it through a new command line + switch called "-engine". And if you want to use the ENGINE library to + do something similar, you must also explicitely choose an external crypto + device, or the built-in crypto routines will be used, just as in the + default OpenSSL distribution. + |