]>
Commit | Line | Data |
---|---|---|
1dc1ea18 DDO |
1 | ENGINES |
2 | ======= | |
b22bda21 | 3 | |
a8a18782 GT |
4 | With OpenSSL 0.9.6, a new component was added to support alternative |
5 | cryptography implementations, most commonly for interfacing with external | |
6 | crypto devices (eg. accelerator cards). This component is called ENGINE, | |
7 | and its presence in OpenSSL 0.9.6 (and subsequent bug-fix releases) | |
8 | caused a little confusion as 0.9.6** releases were rolled in two | |
3b80e3aa | 9 | versions, a "standard" and an "engine" version. In development for 0.9.7, |
a8a18782 GT |
10 | the ENGINE code has been merged into the main branch and will be present |
11 | in the standard releases from 0.9.7 forwards. | |
b22bda21 | 12 | |
a8a18782 GT |
13 | There are currently built-in ENGINE implementations for the following |
14 | crypto devices: | |
b22bda21 | 15 | |
1dc1ea18 DDO |
16 | * Microsoft CryptoAPI |
17 | * VIA Padlock | |
18 | * nCipher CHIL | |
a8a18782 GT |
19 | |
20 | In addition, dynamic binding to external ENGINE implementations is now | |
21 | provided by a special ENGINE called "dynamic". See the "DYNAMIC ENGINE" | |
22 | section below for details. | |
23 | ||
24 | At this stage, a number of things are still needed and are being worked on: | |
25 | ||
1dc1ea18 DDO |
26 | 1. Integration of EVP support. |
27 | 2. Configuration support. | |
28 | 3. Documentation! | |
a8a18782 | 29 | |
1dc1ea18 DDO |
30 | Integration of EVP support |
31 | -------------------------- | |
32 | ||
33 | With respect to EVP, this relates to support for ciphers and digests in | |
a8a18782 GT |
34 | the ENGINE model so that alternative implementations of existing |
35 | algorithms/modes (or previously unimplemented ones) can be provided by | |
36 | ENGINE implementations. | |
37 | ||
1dc1ea18 DDO |
38 | Configuration support |
39 | --------------------- | |
40 | ||
41 | Configuration support currently exists in the ENGINE API itself, in the | |
a8a18782 GT |
42 | form of "control commands". These allow an application to expose to the |
43 | user/admin the set of commands and parameter types a given ENGINE | |
44 | implementation supports, and for an application to directly feed string | |
45 | based input to those ENGINEs, in the form of name-value pairs. This is an | |
46 | extensible way for ENGINEs to define their own "configuration" mechanisms | |
47 | that are specific to a given ENGINE (eg. for a particular hardware | |
48 | device) but that should be consistent across *all* OpenSSL-based | |
49 | applications when they use that ENGINE. Work is in progress (or at least | |
50 | in planning) for supporting these control commands from the CONF (or | |
51 | NCONF) code so that applications using OpenSSL's existing configuration | |
52 | file format can have ENGINE settings specified in much the same way. | |
53 | Presently however, applications must use the ENGINE API itself to provide | |
54 | such functionality. To see first hand the types of commands available | |
55 | with the various compiled-in ENGINEs (see further down for dynamic | |
1dc1ea18 DDO |
56 | ENGINEs), use the "engine" openssl utility with full verbosity, i.e.: |
57 | ||
a8a18782 | 58 | openssl engine -vvvv |
b22bda21 | 59 | |
1dc1ea18 DDO |
60 | Documentation |
61 | ------------- | |
62 | ||
63 | Documentation? Volunteers welcome! The source code is reasonably well | |
a8a18782 GT |
64 | self-documenting, but some summaries and usage instructions are needed - |
65 | moreover, they are needed in the same POD format the existing OpenSSL | |
66 | documentation is provided in. Any complete or incomplete contributions | |
67 | would help make this happen. | |
b22bda21 | 68 | |
a8a18782 GT |
69 | STABILITY & BUG-REPORTS |
70 | ======================= | |
b22bda21 RL |
71 | |
72 | What already exists is fairly stable as far as it has been tested, but | |
a8a18782 GT |
73 | the test base has been a bit small most of the time. For the most part, |
74 | the vendors of the devices these ENGINEs support have contributed to the | |
75 | development and/or testing of the implementations, and *usually* (with no | |
76 | guarantees) have experience in using the ENGINE support to drive their | |
77 | devices from common OpenSSL-based applications. Bugs and/or inexplicable | |
78 | behaviour in using a specific ENGINE implementation should be sent to the | |
79 | author of that implementation (if it is mentioned in the corresponding C | |
80 | file), and in the case of implementations for commercial hardware | |
81 | devices, also through whatever vendor support channels are available. If | |
82 | none of this is possible, or the problem seems to be something about the | |
83 | ENGINE API itself (ie. not necessarily specific to a particular ENGINE | |
84 | implementation) then you should mail complete details to the relevant | |
85 | OpenSSL mailing list. For a definition of "complete details", refer to | |
1dc1ea18 | 86 | the OpenSSL "README" file. As for which list to send it to: |
a8a18782 | 87 | |
1dc1ea18 DDO |
88 | * openssl-users: if you are *using* the ENGINE abstraction, either in an |
89 | pre-compiled application or in your own application code. | |
a8a18782 | 90 | |
1dc1ea18 | 91 | * openssl-dev: if you are discussing problems with OpenSSL source code. |
a8a18782 GT |
92 | |
93 | USAGE | |
94 | ===== | |
95 | ||
96 | The default "openssl" ENGINE is always chosen when performing crypto | |
97 | operations unless you specify otherwise. You must actively tell the | |
98 | openssl utility commands to use anything else through a new command line | |
99 | switch called "-engine". Also, if you want to use the ENGINE support in | |
100 | your own code to do something similar, you must likewise explicitly | |
101 | select the ENGINE implementation you want. | |
102 | ||
103 | Depending on the type of hardware, system, and configuration, "settings" | |
104 | may need to be applied to an ENGINE for it to function as expected/hoped. | |
105 | The recommended way of doing this is for the application to support | |
106 | ENGINE "control commands" so that each ENGINE implementation can provide | |
107 | whatever configuration primitives it might require and the application | |
108 | can allow the user/admin (and thus the hardware vendor's support desk | |
109 | also) to provide any such input directly to the ENGINE implementation. | |
110 | This way, applications do not need to know anything specific to any | |
111 | device, they only need to provide the means to carry such user/admin | |
112 | input through to the ENGINE in question. Ie. this connects *you* (and | |
113 | your helpdesk) to the specific ENGINE implementation (and device), and | |
114 | allows application authors to not get buried in hassle supporting | |
115 | arbitrary devices they know (and care) nothing about. | |
116 | ||
117 | A new "openssl" utility, "openssl engine", has been added in that allows | |
118 | for testing and examination of ENGINE implementations. Basic usage | |
119 | instructions are available by specifying the "-?" command line switch. | |
120 | ||
121 | DYNAMIC ENGINES | |
122 | =============== | |
123 | ||
124 | The new "dynamic" ENGINE provides a low-overhead way to support ENGINE | |
125 | implementations that aren't pre-compiled and linked into OpenSSL-based | |
126 | applications. This could be because existing compiled-in implementations | |
127 | have known problems and you wish to use a newer version with an existing | |
128 | application. It could equally be because the application (or OpenSSL | |
129 | library) you are using simply doesn't have support for the ENGINE you | |
130 | wish to use, and the ENGINE provider (eg. hardware vendor) is providing | |
131 | you with a self-contained implementation in the form of a shared-library. | |
132 | The other use-case for "dynamic" is with applications that wish to | |
133 | maintain the smallest foot-print possible and so do not link in various | |
134 | ENGINE implementations from OpenSSL, but instead leaves you to provide | |
135 | them, if you want them, in the form of "dynamic"-loadable | |
136 | shared-libraries. It should be possible for hardware vendors to provide | |
137 | their own shared-libraries to support arbitrary hardware to work with | |
138 | applications based on OpenSSL 0.9.7 or later. If you're using an | |
139 | application based on 0.9.7 (or later) and the support you desire is only | |
140 | announced for versions later than the one you need, ask the vendor to | |
141 | backport their ENGINE to the version you need. | |
142 | ||
143 | How does "dynamic" work? | |
144 | ------------------------ | |
1dc1ea18 DDO |
145 | |
146 | The dynamic ENGINE has a special flag in its implementation such that | |
147 | every time application code asks for the 'dynamic' ENGINE, it in fact | |
148 | gets its own copy of it. As such, multi-threaded code (or code that | |
149 | multiplexes multiple uses of 'dynamic' in a single application in any | |
150 | way at all) does not get confused by 'dynamic' being used to do many | |
151 | independent things. Other ENGINEs typically don't do this so there is | |
152 | only ever 1 ENGINE structure of its type (and reference counts are used | |
153 | to keep order). The dynamic ENGINE itself provides absolutely no | |
154 | cryptographic functionality, and any attempt to "initialise" the ENGINE | |
155 | automatically fails. All it does provide are a few "control commands" | |
156 | that can be used to control how it will load an external ENGINE | |
157 | implementation from a shared-library. To see these control commands, | |
158 | use the command-line; | |
159 | ||
160 | openssl engine -vvvv dynamic | |
161 | ||
162 | The "SO_PATH" control command should be used to identify the | |
163 | shared-library that contains the ENGINE implementation, and "NO_VCHECK" | |
164 | might possibly be useful if there is a minor version conflict and you | |
165 | (or a vendor helpdesk) is convinced you can safely ignore it. | |
166 | "ID" is probably only needed if a shared-library implements | |
167 | multiple ENGINEs, but if you know the engine id you expect to be using, | |
168 | it doesn't hurt to specify it (and this provides a sanity check if | |
169 | nothing else). "LIST_ADD" is only required if you actually wish the | |
170 | loaded ENGINE to be discoverable by application code later on using the | |
171 | ENGINE's "id". For most applications, this isn't necessary - but some | |
172 | application authors may have nifty reasons for using it. The "LOAD" | |
173 | command is the only one that takes no parameters and is the command | |
174 | that uses the settings from any previous commands to actually *load* | |
175 | the shared-library ENGINE implementation. If this command succeeds, the | |
176 | (copy of the) 'dynamic' ENGINE will magically morph into the ENGINE | |
177 | that has been loaded from the shared-library. As such, any control | |
178 | commands supported by the loaded ENGINE could then be executed as per | |
179 | normal. Eg. if ENGINE "foo" is implemented in the shared-library | |
180 | "libfoo.so" and it supports some special control command "CMD_FOO", the | |
181 | following code would load and use it (NB: obviously this code has no | |
182 | error checking); | |
183 | ||
184 | ENGINE *e = ENGINE_by_id("dynamic"); | |
185 | ENGINE_ctrl_cmd_string(e, "SO_PATH", "/lib/libfoo.so", 0); | |
186 | ENGINE_ctrl_cmd_string(e, "ID", "foo", 0); | |
187 | ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0); | |
188 | ENGINE_ctrl_cmd_string(e, "CMD_FOO", "some input data", 0); | |
189 | ||
190 | For testing, the "openssl engine" utility can be useful for this sort | |
191 | of thing. For example the above code excerpt would achieve much the | |
192 | same result as; | |
193 | ||
194 | openssl engine dynamic \ | |
195 | -pre SO_PATH:/lib/libfoo.so \ | |
196 | -pre ID:foo \ | |
197 | -pre LOAD \ | |
198 | -pre "CMD_FOO:some input data" | |
199 | ||
200 | Or to simply see the list of commands supported by the "foo" ENGINE; | |
201 | ||
202 | openssl engine -vvvv dynamic \ | |
203 | -pre SO_PATH:/lib/libfoo.so \ | |
204 | -pre ID:foo \ | |
205 | -pre LOAD | |
206 | ||
207 | Applications that support the ENGINE API and more specifically, the | |
208 | "control commands" mechanism, will provide some way for you to pass | |
209 | such commands through to ENGINEs. As such, you would select "dynamic" | |
210 | as the ENGINE to use, and the parameters/commands you pass would | |
211 | control the *actual* ENGINE used. Each command is actually a name-value | |
212 | pair and the value can sometimes be omitted (eg. the "LOAD" command). | |
213 | Whilst the syntax demonstrated in "openssl engine" uses a colon to | |
214 | separate the command name from the value, applications may provide | |
215 | their own syntax for making that separation (eg. a win32 registry | |
216 | key-value pair may be used by some applications). The reason for the | |
217 | "-pre" syntax in the "openssl engine" utility is that some commands | |
218 | might be issued to an ENGINE *after* it has been initialised for use. | |
219 | Eg. if an ENGINE implementation requires a smart-card to be inserted | |
220 | during initialisation (or a PIN to be typed, or whatever), there may be | |
221 | a control command you can issue afterwards to "forget" the smart-card | |
222 | so that additional initialisation is no longer possible. In | |
223 | applications such as web-servers, where potentially volatile code may | |
224 | run on the same host system, this may provide some arguable security | |
225 | value. In such a case, the command would be passed to the ENGINE after | |
226 | it has been initialised for use, and so the "-post" switch would be | |
227 | used instead. Applications may provide a different syntax for | |
228 | supporting this distinction, and some may simply not provide it at all | |
229 | ("-pre" is almost always what you're after, in reality). | |
b22bda21 | 230 | |
a8a18782 GT |
231 | How do I build a "dynamic" ENGINE? |
232 | ---------------------------------- | |
1dc1ea18 DDO |
233 | |
234 | This question is trickier - currently OpenSSL bundles various ENGINE | |
235 | implementations that are statically built in, and any application that | |
236 | calls the "ENGINE_load_builtin_engines()" function will automatically | |
237 | have all such ENGINEs available (and occupying memory). Applications | |
238 | that don't call that function have no ENGINEs available like that and | |
239 | would have to use "dynamic" to load any such ENGINE - but on the other | |
240 | hand such applications would only have the memory footprint of any | |
241 | ENGINEs explicitly loaded using user/admin provided control commands. | |
242 | The main advantage of not statically linking ENGINEs and only using | |
243 | "dynamic" for hardware support is that any installation using no | |
244 | "external" ENGINE suffers no unnecessary memory footprint from unused | |
245 | ENGINEs. Likewise, installations that do require an ENGINE incur the | |
246 | overheads from only *that* ENGINE once it has been loaded. | |
247 | ||
248 | Sounds good? Maybe, but currently building an ENGINE implementation as | |
249 | a shared-library that can be loaded by "dynamic" isn't automated in | |
250 | OpenSSL's build process. It can be done manually quite easily however. | |
251 | Such a shared-library can either be built with any OpenSSL code it | |
252 | needs statically linked in, or it can link dynamically against OpenSSL | |
253 | if OpenSSL itself is built as a shared library. The instructions are | |
254 | the same in each case, but in the former (statically linked any | |
255 | dependencies on OpenSSL) you must ensure OpenSSL is built with | |
256 | position-independent code ("PIC"). The default OpenSSL compilation may | |
257 | already specify the relevant flags to do this, but you should consult | |
258 | with your compiler documentation if you are in any doubt. | |
259 | ||
260 | This example will show building the "atalla" ENGINE in the | |
261 | crypto/engine/ directory as a shared-library for use via the "dynamic" | |
262 | ENGINE. | |
263 | ||
264 | 1. "cd" to the crypto/engine/ directory of a pre-compiled OpenSSL | |
265 | source tree. | |
266 | ||
267 | 2. Recompile at least one source file so you can see all the compiler | |
268 | flags (and syntax) being used to build normally. Eg; | |
269 | ||
270 | touch hw_atalla.c ; make | |
271 | ||
272 | will rebuild "hw_atalla.o" using all such flags. | |
273 | ||
274 | 3. Manually enter the same compilation line to compile the | |
275 | "hw_atalla.c" file but with the following two changes; | |
276 | * add "-DENGINE_DYNAMIC_SUPPORT" to the command line switches, | |
277 | * change the output file from "hw_atalla.o" to something new, | |
278 | eg. "tmp_atalla.o" | |
279 | ||
280 | 4. Link "tmp_atalla.o" into a shared-library using the top-level | |
281 | OpenSSL libraries to resolve any dependencies. The syntax for doing | |
282 | this depends heavily on your system/compiler and is a nightmare | |
283 | known well to anyone who has worked with shared-library portability | |
284 | before. 'gcc' on Linux, for example, would use the following syntax; | |
285 | ||
286 | gcc -shared -o dyn_atalla.so tmp_atalla.o -L../.. -lcrypto | |
287 | ||
288 | 5. Test your shared library using "openssl engine" as explained in the | |
289 | previous section. Eg. from the top-level directory, you might try | |
290 | ||
291 | apps/openssl engine -vvvv dynamic \ | |
292 | -pre SO_PATH:./crypto/engine/dyn_atalla.so -pre LOAD | |
293 | ||
294 | If the shared-library loads successfully, you will see both "-pre" | |
295 | commands marked as "SUCCESS" and the list of control commands | |
296 | displayed (because of "-vvvv") will be the control commands for the | |
297 | *atalla* ENGINE (ie. *not* the 'dynamic' ENGINE). You can also add | |
298 | the "-t" switch to the utility if you want it to try and initialise | |
299 | the atalla ENGINE for use to test any possible hardware/driver issues. | |
56245be4 RL |
300 | |
301 | PROBLEMS | |
302 | ======== | |
303 | ||
3b80e3aa | 304 | It seems like the ENGINE part doesn't work too well with CryptoSwift on Win32. |
a8a18782 GT |
305 | A quick test done right before the release showed that trying "openssl speed |
306 | -engine cswift" generated errors. If the DSO gets enabled, an attempt is made | |
307 | to write at memory address 0x00000002. | |
56245be4 | 308 |