#CryptoAuthentication OpenSSL Engine

Overview

This is an OpenSSL Engine implementation using ATECC508A for ECC key storage, ECDSA sign/verify, ECDH, and FIPS Random Number Generator

The implementation integrates the Atmel ATECC508A into the OpenSSL ENGINE API to provide secure hardware key storage, CAVP certified random numbers, P256 ECDSA & ECDH, and secure storage for data.

This project will integrate the key creation and import capabilities of the ATECC508A into the OpenSSL key creation and certificate creation process.

Also, secure key storage for RSA keys are implemented using the encrypted read/write feature of the ATECC508A.

Supported Cipher Suites

Many ECDH(E)-ECDSA and ECDHE-RSA cipher suites are supported with the OpenSSL Engine for ATECC508A implementation.

Details for cipher suites can be found here

Download and Make

Build instructions for Linux can be found on the Wiki pages associate with this project.

See: Compile OpenSSL Engine for ATECC508A on Linux

Platform Integration

Follow the platform integration instructions found here

Unit Tests

Unit testing is provided for both integration of the ATECC508A device and OpenSSL Examples. For details see: Platform Integration Tests OpenSSL Engine Tests & Examples

Source-Level Documentation Full Doxygen source-level documentation is provided. See: /docs/doxygen/html/index.html

Web Server Setup

The OpenSSL Engine for ATECC508A can also be configured. See Details here.

Wiki Topics:

• Linux Development Setup
• Compiling on Linux
• Debugging on Linux
• ATECC508A Integration
• ATECC508A Certificate Provisioning
• Tests and Examples