Cryptography for developers

QNX SDP8.0QNX OS System Security GuideAPIConfiguration

QNX OS offers developers many alternatives for cryptography functions.

QNX Cryptography Library

The QNX Cryptography Library (qcrypto) is a shim layer library that is used in QNX OS components and interfaces that use cryptography providers. It provides access to cryptography providers through a plugin system that is configurable at the system level and allows a “write-once” approach where changing the cryptography provider doesn’t require recompiling the application code. This library should be the preferred solution for any new application code on QNX OS. The plugin system can be extended to any third-party cryptography library or even hardware cryptography interfaces.

The library uses a “tag” – a character string keyword – to identify the cryptography provider to use with the library calls. If the tag value provided is NULL, the name of the process binary is used by default. This tag value paired with the qcrypto configuration file allows the system to choose which cryptography provider to use with a process. Because there is no clear advantage to using another value as the tag name, developers will usually want to use NULL.

For more information, see QNX Cryptography Library.

OpenSSL

The OpenSSL open source library is provided with QNX OS.

For more information, see OpenSSL in the Security features for system integrators section.

devcrypto

The devcrypto service is a legacy system driver interface and is mainly provided for backwards compatibility. It uses the ioctl API and its capabilities are limited to digests, macs and symmetric cryptography. Previously, it was used to provided access to hardware cryptography accelerators on the system, but currently is seldom used.

For more information, see “devcrypto” in the Security features for system integrators section.

Page updated: