[Dovecot] Solaris hardware crypto engines
Martin Preen
preen at informatik.uni-freiburg.de
Mon Apr 18 13:30:27 EEST 2011
Hello,
I tried to find out how about to use the hardware crypto engines under
Solaris (Sun Fire T2000). It seems, that its not just a compilation issue:
> For operations that are to be offloaded, it is necessary to restrict use to subset
> of OpenSSL functions (the EVP_ functions) and explicitly indicate the use of
the PKCS11
> engine; something like the following works for bulk ciphers (the process for
RSA is similar):
>
> ENGINE *e;
> ENGINE_load_builtin_engines();
> e = ENGINE_by_id("pkcs11");
> ENGINE_set_default_ciphers(e);
> EVP_CIPHER_CTX_init (&ctx);
> EVP_EncryptInit (&ctx, EVP_des_cbc (), key, iv);
> EVP_EncryptUpdate (.....);
Since I'm not familiar with SSL programming, I wonder if it's possible to
modify the dovecot 1.2.x source code. Maybe someone has already tried this
or can give me hint.
Regards.
Martin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6337 bytes
Desc: S/MIME Cryptographic Signature
Url : http://dovecot.org/pipermail/dovecot/attachments/20110418/661f78d3/attachment.bin
More information about the dovecot
mailing list