Great, thanks! On 15 September 2021 17:07:59 BST, Matt Caswell <m...@openssl.org> wrote: > > >On 15/09/2021 16:57, Matt Caswell wrote: >> >> >> On 15/09/2021 16:50, Kris Kwiatkowski wrote: >>> Can you point to instructions on how to load provider >>> it into OpenSSL? >>> >>> Is there something similar to "[engine_section]", >>> that can be used to configure loading from openssl.conf? >> >> Yes. See the "config" man page here: >> >> https://www.openssl.org/docs/man3.0/man5/config.html > >And here are some simple config files that do this: > >https://github.com/openssl/openssl/blob/master/test/default.cnf >https://github.com/openssl/openssl/blob/master/test/default-and-fips.cnf >https://github.com/openssl/openssl/blob/master/test/default-and-legacy.cnf >https://github.com/openssl/openssl/blob/master/test/fips-and-base.cnf >https://github.com/openssl/openssl/blob/master/test/fips.cnf > >Matt > > >> >> In particular look at the section "Provider Configuration" >> >> You can also load providers through the API. See: >> >> https://www.openssl.org/docs/man3.0/man3/OSSL_PROVIDER_load.html >> >> Matt >> >> >>> >>> BR, >>> Kris >>> >>> On 9/15/21 4:39 PM, Matt Caswell wrote: >>>> Another, slightly more complicated, but fully self contained provider is >>>> here: >>>> >>>> https://github.com/openssl/openssl/blob/master/test/tls-provider.c >>>> >>>> And another one here: >>>> >>>> https://github.com/openssl/openssl/blob/master/test/p_test.c >>>> >>>> A minimal bare bones provider is here: >>>> >>>> https://github.com/openssl/openssl/blob/master/providers/nullprov.c >>>> >>>> The legacy provider is also worth looking at: >>>> >>>> https://github.com/openssl/openssl/blob/master/providers/legacyprov.c >>>> >>>> Matt >>>> >>>> On 15/09/2021 13:26, Petr Gotthard wrote: >>>>> Shiva, >>>>> you may also have a look at >>>>> thehttps://github.com/provider-corner/vigenere >>>>> That's (as far as I know) the most simple provider implementation >>>>> available. >>>>> >>>>> Petr >>>>> >>>>> -----Original Message----- >>>>> From: openssl-users<openssl-users-boun...@openssl.org> On Behalf Of >>>>> Tomas Mraz >>>>> Sent: Wednesday, September 15, 2021 2:18 PM >>>>> To: Shivakumar >>>>> Poojari<shivakumar.pooj...@rbbn.com>;openssl-users@openssl.org >>>>> Cc: Paramashivaiah, Sunil<sunil.paramashiva...@rbbn.com>; >>>>> Bhattacharjee, Debapriyo (c)<dbhattachar...@rbbn.com> >>>>> Subject: Re: [EXTERNAL] Re: ENGINE API replacement for Openssl3.0 >>>>> >>>>> I am sorry but as I said providers are not a direct replacement for >>>>> ENGINEs. It is a completely different implementation of the same >>>>> concept of pluggable cryptographical modules for OpenSSL. You can >>>>> look at the OpenSSL manual pages for the providers. >>>>> >>>>> This is the starting point: >>>>> https://www.openssl.org/docs/man3.0/man7/provider.html >>>>> >>>>> There is no tutorial as for how to implement your own provider. And >>>>> as I said on the application side if the application loads an >>>>> OpenSSL configuration file the providers loaded can be configured >>>>> via the config file and does not require any explicit API calls from >>>>> the application. >>>>> >>>>> I'd recommend looking at some of the test sources in the tests >>>>> directory for some code examples. >>>>> >>>>> Tomas >>>>> >>>>> On Wed, 2021-09-15 at 10:34 +0000, Shivakumar Poojari wrote: >>>>>> Hi Tomas, >>>>>> As Engine function are deprecated I tried using providers >>>>>> >>>>>> But how to use providers to get engine functionality tried in man >>>>>> pages >>>>>> >>>>>> Some sample program will help, maybe some sample program will give the >>>>>> clear idea how to use provider >>>>>> >>>>>> Struggling in understand the providers >>>>>> >>>>>> Please share the sample program and the links to understand the >>>>>> providers >>>>>> >>>>>> Thanks, >>>>>> shiva kumar >> >
-- Sent from my Android device with K-9 Mail. Please excuse my brevity.