[Dovecot] Solaris hardware crypto engines

Martin Preen preen at informatik.uni-freiburg.de
Mon Apr 18 13:30:27 EEST 2011

I tried to find out how about to use the hardware crypto engines under
Solaris (Sun Fire T2000). It seems, that its not just a compilation issue:

> For operations that are to be offloaded, it is necessary to restrict use to subset
 > of OpenSSL functions (the EVP_ functions) and explicitly indicate the use of 
the PKCS11
 > engine; something like the following works for bulk ciphers (the process for 
RSA is similar):
> ENGINE *e;
> ENGINE_load_builtin_engines();
> e = ENGINE_by_id("pkcs11");
> ENGINE_set_default_ciphers(e);
> EVP_CIPHER_CTX_init (&ctx);
> EVP_EncryptInit (&ctx, EVP_des_cbc (), key, iv);
> EVP_EncryptUpdate (.....);

Since I'm not familiar with SSL programming, I wonder if it's possible to
modify the dovecot 1.2.x source code. Maybe someone has already tried this
or can give me hint.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6337 bytes
Desc: S/MIME Cryptographic Signature
Url : http://dovecot.org/pipermail/dovecot/attachments/20110418/661f78d3/attachment.bin 

More information about the dovecot mailing list