https://github.com/parallaxsecond/parsec-openssl-provider
Parsec OpenSSL Provider
https://github.com/parallaxsecond/parsec-openssl-provider
Last synced: 2 days ago
JSON representation
Parsec OpenSSL Provider
- Host: GitHub
- URL: https://github.com/parallaxsecond/parsec-openssl-provider
- Owner: parallaxsecond
- License: apache-2.0
- Created: 2023-11-24T13:59:09.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2024-05-23T16:03:21.000Z (12 months ago)
- Last Synced: 2024-12-06T21:43:48.107Z (5 months ago)
- Language: Rust
- Size: 141 KB
- Stars: 1
- Watchers: 4
- Forks: 1
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
- Security: SECURITY.md
Awesome Lists containing this project
README
# parsec-openssl-provider
Parsec OpenSSL Provider is an OpenSSL 3.x provider to access the Parsec Service for
performing cryptographic operations using hardware backed keys.
Learn more about Parsec [here](https://github.com/parallaxsecond/parsec).
The provider should work with any version of the Parsec Service starting from 1.x.x
but it is recommended to use the latest available version.
# Build Prerequisites
- OpenSSL 3.x.x libraries and development headers
# Building the provider
Use the following commands to build a shared library of the parsec provider that can
be dynamically loaded by openssl,
```
cd parsec-openssl-provider-shared
cargo build
```
You should be able to find the provider libparsec_openssl_provider_shared.so under
/parsec-openssl-provider/target/debug/.
# Configuring the provider
The easiest way to load and run the provider is by using the openssl config file. You
can add the following section to your existing config file,
```
[openssl_init]
providers = provider_sect
[provider_sect]
default = default_sect
parsec = parsec_sect
[parsec_sect]
module = /path-to-shared-library/libparsec_openssl_provider_shared.so
activate = 1
[default_sect]
activate = 1
```
Once configured, you can list the providers loaded using the following command and ensure that parsec is loaded successfully.
```
openssl list -providers
```
You can explicitly specify the provider in the above command instead of using the openssl config file as shown below,
```
openssl list -providers -provider-path /path/to/provider -provider libparsec_openssl_provider_shared
```
# License
The software is provided under Apache-2.0. Contributions to this project are accepted
under the same license.