Re: [openssl-dev] A new openssl engine

2015-06-25 Thread Alexander Gostrer
Hi Matt, > No, not at the moment. We do have a page on the Wiki though that could > contain such a list quite nicely. See: > https://wiki.openssl.org/index.php/Related_Links > I think adding an "Engines" section to there would fit quite well. I think it is a good idea Thank you, Alex. On Thu,

Re: [openssl-dev] A new openssl engine

2015-06-25 Thread Matt Caswell
On 25/06/15 21:58, Viktor Dukhovni wrote: > On Thu, Jun 25, 2015 at 10:48:08PM +0200, Kurt Roeckx wrote: > >> On Thu, Jun 25, 2015 at 11:36:58PM +0300, Dmitry Belyavsky wrote: >>> >>> BTW, what does the OpenSSL Team plan regarding the GOST engine? >> >> I think some of us want to get rid of it,

Re: [openssl-dev] A new openssl engine

2015-06-25 Thread Matt Caswell
On 25/06/15 18:48, Alexander Gostrer wrote: > Matt, > > When you say "would prefer new engines to be maintained outside of the > OpenSSL tree", do you mean a private webpage and/or GitHub? Yes. That's exactly what I had in mind. > Is there a > central list of Engine implementations? Something

Re: [openssl-dev] A new openssl engine

2015-06-25 Thread Dmitry Belyavsky
Hello Viktor, On Thu, Jun 25, 2015 at 11:58 PM, Viktor Dukhovni < openssl-us...@dukhovni.org> wrote: > On Thu, Jun 25, 2015 at 10:48:08PM +0200, Kurt Roeckx wrote: > > > On Thu, Jun 25, 2015 at 11:36:58PM +0300, Dmitry Belyavsky wrote: > > > > > > BTW, what does the OpenSSL Team plan regarding t

Re: [openssl-dev] A new openssl engine

2015-06-25 Thread Viktor Dukhovni
On Thu, Jun 25, 2015 at 10:48:08PM +0200, Kurt Roeckx wrote: > On Thu, Jun 25, 2015 at 11:36:58PM +0300, Dmitry Belyavsky wrote: > > > > BTW, what does the OpenSSL Team plan regarding the GOST engine? > > I think some of us want to get rid of it, because it's rather > crappy code. I think that

Re: [openssl-dev] A new openssl engine

2015-06-25 Thread Kurt Roeckx
On Thu, Jun 25, 2015 at 11:36:58PM +0300, Dmitry Belyavsky wrote: > > BTW, what does the OpenSSL Team plan regarding the GOST engine? I think some of us want to get rid of it, because it's rather crappy code. Kurt ___ openssl-dev mailing list To uns

Re: [openssl-dev] A new openssl engine

2015-06-25 Thread Dmitry Belyavsky
Hello Alexander, On Thu, Jun 25, 2015 at 9:38 PM, Alexander Gostrer wrote: > Hi Rich, > > It was my customer's request. I can ask them why:). Personally I think > that it is a good idea to show what hardware is available and supported by > openssl (even if maintained by a private party as a part

Re: [openssl-dev] A new openssl engine

2015-06-25 Thread Alexander Gostrer
Hi Rich, It was my customer's request. I can ask them why:). Personally I think that it is a good idea to show what hardware is available and supported by openssl (even if maintained by a private party as a part of their SDK). Couple years ago I was looking for a good HSM with good openssl support

Re: [openssl-dev] A new openssl engine

2015-06-25 Thread Salz, Rich
Most folks with crypto hardware usually include and maintain their ENGINE manipulation as part of their SDK. Is there any reason why this approach doesn't work here? -- Senior Architect, Akamai Technologies IM: richs...@jabber.at Twitter: RichSalz

Re: [openssl-dev] A new openssl engine

2015-06-25 Thread Alexander Gostrer
Matt, When you say "would prefer new engines to be maintained outside of the OpenSSL tree", do you mean a private webpage and/or GitHub? Is there a central list of Engine implementations? Something that helps the outside world to find a solution not covered by the openssl community? Thank you, Al

Re: [openssl-dev] A new openssl engine

2015-06-25 Thread David Woodhouse
On Thu, 2015-06-25 at 15:45 +, Viktor Dukhovni wrote: > On Thu, Jun 25, 2015 at 04:34:34PM +0100, Matt Caswell wrote: > > > Whether such a patch would be accepted though is an entirely > > different > > thing. Personally I would prefer new engines to be maintained > > outside of > > the Open

Re: [openssl-dev] A new openssl engine

2015-06-25 Thread Alexander Gostrer
Thank you, Matt, Viktor, I very like "clearly written, sensibly commented and well documented" code:) It will be not a problem:) But if you are going to retire existing engines then looks like I have no choice. Thank you, Alex. On Thu, Jun 25, 2015 at 8:45 AM, Viktor Dukhovni wrote: > On Thu,

Re: [openssl-dev] A new openssl engine

2015-06-25 Thread Viktor Dukhovni
On Thu, Jun 25, 2015 at 04:34:34PM +0100, Matt Caswell wrote: > Whether such a patch would be accepted though is an entirely different > thing. Personally I would prefer new engines to be maintained outside of > the OpenSSL tree. Inclusion in the OpenSSL tree implies that the OpenSSL > dev team wi

Re: [openssl-dev] A new openssl engine

2015-06-25 Thread Matt Caswell
On 25/06/15 16:26, Alexander Gostrer wrote: > Hi All, > > Sorry for a wide distribution. I am in a process of writing an OpenSSL > engine to support my client hardware. The client requested to publish > the code on the openssl.org site. What are openssl > criterions for publ

[openssl-dev] A new openssl engine

2015-06-25 Thread Alexander Gostrer
Hi All, Sorry for a wide distribution. I am in a process of writing an OpenSSL engine to support my client hardware. The client requested to publish the code on the openssl.org site. What are openssl criterions for publishing new engines/adding new features? Is there a document or a person who can