Cryptography for developers

Updated: May 06, 2022

QNX Neutrino offers developers many alternatives for cryptography functions.

QNX Cryptography Library

The QNX Cryptography Library (qcrypto) is a shim layer library that is used in QNX Neutrino components and interfaces that use cryptography providers. It provides access to cryptography providers through a plugin system that is configurable at the system level and allows a “write-once” approach where changing the cryptography provider doesn’t require recompiling the application code. This library should be the preferred solution for any new application code on QNX Neutrino. The plugin system can be extended to any third-party cryptography library or even hardware cryptography interfaces.

The library uses a “tag” – a character string keyword – to identify the cryptography provider to use with the library calls. If the tag value provided is NULL, the name of the process binary is used by default. This tag value paired with the qcrypto configuration file allows the system to choose which cryptography provider to use with a process. Because there is no clear advantage to using another value as the tag name, developers will usually want to use NULL.

For more information, see QNX Cryptography Library.

OpenSSL

The OpenSSL open source library is provided with QNX Neutrino.

For more information, see “OpenSSL” in the “Security features for system integrators” section.

devcrypto

The devcrypto service is a legacy system driver interface and is mainly provided for backwards compatibility. It uses the ioctl API and its capabilities are limited to digests, macs and symmetric cryptography. Previously, it was used to provided access to hardware cryptography accelerators on the system, but currently is seldom used.

For more information, see “devcrypto” in the “Security features for system integrators” section.