QNX Neutrino supports many cryptographic algorithms through features such as the OpenSSL library and utility and the QNX Neutrino devcrypto service.
OpenSSL cryptography support is available via the following libraries:
For more information on OpenSSL including openssl commands, go to https://www.openssl.org/docs/man1.0.2/ or https://www.openssl.org/docs/man1.1.1/.
The OpenSSL that QNX Neutrino provides allows you to redirect to devcrypto calls for cryptography operations that use the OpenSSL EVP API. This redirection allows access to EVP functions without recompiling application programs using OpenSSL.
For processes that use or link to the OpenSSL library (libcrypto), the following environment variable automatically redirects cryptography operations:
OPENSSL_CRYPTODEV=["alg1,alg2,..."|all] process_path args
where "alg1,alg2,..." are the algorithms that will be handled by devcrypto instead of OpenSSL's internal implementation. (Specify the algorithms using the names that OpenSSL uses internally.) Alternatively, specify all to redirect to devcrypto all algorithms that it supports; unsupported algorithms use OpenSSL.
In addition, specifying the OPENSSL_CRYPTODEV_DEBUG provides debug output related to the algorithm registration.
The devcrypto service provides cryptography support through the "standard" /dev/crypto interface (similar to OpenBSD's cryptodev userspace API). The QNX Neutrino /dev/crypto is a driver that exposes an interface that uses I/O control calls to perform cryptography operations (MAC, digest, cipher, AEAD cipher, etc.). The devcrypto plugin API allows you to create a software backend to devcrypto, which provides access to either software and hardware cryptographic accelerators.