Bee2evp: an OpenSSL engine

What is Bee2evp?

Bee2evp is a cryptographic library which encapsulates Bee2 into OpenSSL. Bee2evp provides cryptographic services using the EVP interface. Bee2evp is organized as an OpenSSL engine.

Build

mkdir build
cd build
cmake [-DCMAKE_BUILD_TYPE={Release|Debug|Coverage|ASan|ASanDbg|MemSan|MemSanDbg|Check}] ..
make
[make install]

Build types (Release by default):

Preparations

Before building Bee2evp, it is necessary to build and configure Bee2 and OpenSSL. Bee2evp requires OpenSSL version 1.1.1 or higher.

Building Bee2

See instructions in github.com/agievich/bee2.

Building OpenSSL

  1. Download the latest source files from openssl.org/source.
  2. Unpack files into some directory, for example, openssl-1.1.1.
  3. Go to this directory.
  4. Run the following commands:
    mkdir build
    cd build
    ../config 
    make
    make install
    

By default, OpenSSL {headers|binaries|libraries} will be installed in the directory /usr/local/{include|bin|lib}.

Configuring OpenSSL

  1. Rename /usr/local/ssl/openssl.cnf.dist -> /usr/local/lib/openssl.cnf.
  2. Open /usr/local/lib/openssl.cnf.
  3. Add the following text (before the [new_oids] section):
    openssl_conf = openssl_init
    [openssl_init]
    engines = engine_section
    [engine_section]
    bee2evp = bee2evp_section
    [bee2evp_section]
    engine_id = bee2evp
    dynamic_path = /usr/local/lib/libbee2evp.so
    default_algorithms = ALL
    
  4. Make sure that LD_LIBRARY_PATH includes /usr/local/lib.
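
A pre-flight check for the four configuration steps above, written as an added example (it is not part of Bee2evp or OpenSSL). It resolves the chain openssl_conf -> engines -> bee2evp -> dynamic_path and then confirms that the shared object OpenSSL will load exists and that neither it nor the config file is group- or world-writable. The function names are hypothetical; the strict permission policy and the use of the directory of dynamic_path for the LD_LIBRARY_PATH test are assumptions.

```shell
# Added example: sanity-check the engine wiring in openssl.cnf.
# usage: check_bee2evp_conf /usr/local/lib/openssl.cnf

conf_get() {  # conf_get FILE SECTION KEY -> prints the value ("" = default section)
  awk -v s="$2" -v k="$3" '
    { sub(/#.*/, ""); gsub(/^[ \t]+|[ \t]+$/, "") }          # drop comments, trim
    /^\[.*\]$/ { cur = $0; gsub(/^\[[ \t]*|[ \t]*\]$/, "", cur); next }
    cur == s && index($0, "=") {
      key = substr($0, 1, index($0, "=") - 1)
      val = substr($0, index($0, "=") + 1)
      gsub(/[ \t]/, "", key); gsub(/^[ \t]+/, "", val)
      if (key == k) { print val; exit }
    }' "$1"
}

check_bee2evp_conf() {  # returns 0 only if every check passes
  cnf=$1
  init=$(conf_get "$cnf" "" openssl_conf)
  [ -n "$init" ] || { echo "openssl_conf is not set" >&2; return 1; }
  engines=$(conf_get "$cnf" "$init" engines)
  sect=$(conf_get "$cnf" "$engines" bee2evp)
  [ -n "$sect" ] || { echo "bee2evp is not registered" >&2; return 1; }
  lib=$(conf_get "$cnf" "$sect" dynamic_path)
  # The engine is code loaded into every process that reads this config,
  # so insist on an absolute path to an existing file.
  case $lib in
    /*) ;;
    *) echo "dynamic_path must be absolute: '$lib'" >&2; return 1 ;;
  esac
  [ -f "$lib" ] || { echo "missing engine: $lib" >&2; return 1; }
  # Assumption: neither file may be writable by group or others.
  for f in "$cnf" "$lib"; do
    if [ -n "$(find -L "$f" -prune \( -perm -020 -o -perm -002 \))" ]; then
      echo "group/world-writable: $f" >&2; return 1
    fi
  done
  # Step 4: the library directory must be on LD_LIBRARY_PATH.
  dir=$(dirname "$lib")
  case ":${LD_LIBRARY_PATH:-}:" in
    *":$dir:"*) ;;
    *) echo "LD_LIBRARY_PATH lacks $dir" >&2; return 1 ;;
  esac
}
```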

Listing the capabilities

openssl engine -c -t bee2evp

BTLS

In this folder, patches for different versions of OpenSSL are provided. These patches support the following ciphersuites defined in STB 34.101.65 (Btls, see apmi.bsu.by/resources/std.html):

  • DHE-BIGN-WITH-BELT-CTR-MAC-HBELT;
  • DHE-BIGN-WITH-BELT-DWP-HBELT;
  • DHT-BIGN-WITH-BELT-CTR-MAC-HBELT;
  • DHT-BIGN-WITH-BELT-DWP-HBELT;
  • DHE-PSK-BIGN-WITH-BELT-CTR-MAC-HBELT;
  • DHE-PSK-BIGN-WITH-BELT-DWP-HBELT;
  • DHT-PSK-BIGN-WITH-BELT-CTR-MAC-HBELT;
  • DHT-PSK-BIGN-WITH-BELT-DWP-HBELT.

An example of applying a patch can be found in travis.yml.

License

Bee2 is distributed under the Apache License version 2.0. See Apache 2.0 or LICENSE for details.
