On 02/07/2021 04:25, Reinier Torenbeek wrote:
Hi Matt,
I am aware of the deprecation of the engine interface with 3.0 but have not
looked into the details of support providers yet. I expect converting an
engine to a support provider could be done with quite a bit of code reuse,
correct? Would you say the interface and design of support providers is stable
at this point?
The engine and provider interfaces are quite different - but since the
underlying operations are the same I imagine there will be quite a bit
of reuse.
Yes, we consider the provider interface to be stable now.
Matt
Thanks,
Reinier
On Jul 1, 2021, at 4:41 PM, Matt Caswell <m...@openssl.org> wrote:
Nice! Are there any thoughts to support providers? The engine interface is
deprecated in 3.0.
Matt
On 01/07/2021 18:49, Reinier Torenbeek wrote:
Hi,
For anyone interested in leveraging Windows CNG with OpenSSL 1.1.1, you may want to check
out this new OpenSSL CNG Engine project on GitHub:
https://github.com/rticommunity/openssl-cng-engine
<https://github.com/rticommunity/openssl-cng-engine> . The associated User's Manual
is on ReadTheDocs: https://openssl-cng-engine.readthedocs.io/en/latest/index.html
<https://openssl-cng-engine.readthedocs.io/en/latest/index.html> .
The project implements the majority of the EVP interface, to leverage the
BCrypt crypto implementations, as well as a subset of the STORE interface, for
integration with the Windows Certificate and Keystore(s), via the NCrypt and
Cert APIs. It has been tested with 1.1.1k on Windows 10, with Visual Studio
2017 and 2019. It is released under the Apache-2.0 license.
Any feedback is welcome, please send it to me or open an issue on GitHub.
Best regards,
Reinier
