Security Builder Engine for OpenSSL Library

Enable FIPS-validated cryptography with an OpenSSL application.

Some applications require that FIPS-validated cryptography be used to ensure a certain level of security. For example, many government applications require that data be protected using FIPS-validated cryptography.

You can use FIPS-validated cryptography in your OpenSSL application by calling ENGINE_load_sb() . This function uses the OpenSSL dynamic ENGINE to load and register the Security Builder Engine for OpenSSL. This replaces the default cryptography used by OpenSSL with the BlackBerry OS Cryptographic Engine (version 5.6), which has been validated to FIPS 140-2, Level 1, under certificate #1578.

When you use Security Builder Engine for OpenSSL in your application, you must also call the OpenSSL ENGINE_cleanup() function before program exit, to avoid memory leaks.

OpenSSL ENGINE API documentation may be found at http://www.openssl.org/docs/crypto/engine.html.

Last modified: 2013-12-21

comments powered by Disqus