From c90be3b1430ef904f4060a3b886b54de22d2e2d6 Mon Sep 17 00:00:00 2001 From: Adam Langley Date: Fri, 4 Aug 2017 12:31:20 -0700 Subject: [PATCH] Add a paragraph to PORTING.md about async private keys. Change-Id: I4aae8066292bf9a5dd5d94e8568cbfbca99746dc Reviewed-on: https://boringssl-review.googlesource.com/18925 Reviewed-by: David Benjamin --- PORTING.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/PORTING.md b/PORTING.md index 86f67be5..ca9f6a44 100644 --- a/PORTING.md +++ b/PORTING.md @@ -269,3 +269,7 @@ When using these functions, the application also needs to ensure that it doesn't In order to use buffers, the application code also needs to implement its own certificate verification using `SSL_[CTX_]set_custom_verify`. Otherwise all connections will fail with a verification error. Auto-chaining is also disabled when using buffers. Once those changes have been completed, the whole of the OpenSSL X.509 and ASN.1 code should be eliminated by the linker if BoringSSL is linked statically. + +### Asynchronous and opaque private keys + +OpenSSL offers the ENGINE API for implementing opaque private keys (i.e. private keys where software only has oracle access because the secrets are held in special hardware or on another machine). While the ENGINE API has been mostly removed from BoringSSL, it is still possible to support opaque keys in this way. However, when using such keys with TLS and BoringSSL, you should strongly prefer using `SSL_PRIVATE_KEY_METHOD` via `SSL[_CTX]_set_private_key_method`. This allows a handshake to be suspended while the private operation is in progress. It also supports more forms of opaque key as it exposes higher-level information about the operation to be performed.
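Review bot: In the added "Asynchronous and opaque private keys" paragraph, the sentence "it is still possible to support opaque keys in this way" leaves "this way" undefined. The preceding clause says the ENGINE API has been "mostly removed", so a reader porting ENGINE-based key code cannot tell which part remains usable. Consider naming the remaining mechanism, or the header that documents it, so the fallback is actionable. It would also help to say in one clause why the ENGINE-style route is weaker for TLS. The paragraph implies that it cannot suspend the handshake and sees less about the operation, but only states this as benefits of `SSL_PRIVATE_KEY_METHOD`. A smaller style point: the new text writes `SSL[_CTX]_set_private_key_method`, while the context line just above uses `SSL_[CTX_]set_custom_verify`. Both expand correctly, but using one bracket convention throughout PORTING.md would make the names easier to search for.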