Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

re-add a few engine bindings for advanced users #5449

Merged
merged 2 commits into from
Sep 1, 2020

Conversation

reaperhulk
Copy link
Member

For users who are capable of compiling cryptography against custom openssl and properly using these functions this hopefully allows PKCS11 usage through OpenSSL engines.

We've seen quite a few requests for this to be re-added over the past year, OpenSSL 3.0 is not coming out quickly (and providers won't replace engines immediately), and since we now support no-engine the maintenance burden here should be manageable.

Note that we are not directly supporting the use of this, merely providing the escape hatch for advanced users. If there are additional bindings that are missing please let us know, although we won't add functions that have equivalents already (e.g. EVP_sha256() is not needed because you can get the EVP_MD *via a call toEVP_get_digestbyname`).

For users who are capable of compiling cryptography against custom
openssl and properly using these functions this hopefully allows
PKCS11 usage through OpenSSL engines.
@reaperhulk
Copy link
Member Author

reaperhulk commented Sep 1, 2020

Fixes #4967 and #5186 (although there will be a longer term provider followup on the latter)

@alex alex merged commit ad05ebb into pyca:master Sep 1, 2020
@reaperhulk reaperhulk deleted the engine-again branch September 1, 2020 20:43
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Dec 1, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Development

Successfully merging this pull request may close these issues.

2 participants