Hi. I'm writing a book on open source network security tools and I'm covering a portion of OpenSSL and I have a few questions for those of you who are "seasoned" OpenSSL users / developers. I'll ask them in order of stupidity... ;)
1) The evp(3) interface (all of the EVP_ functions) refers to an "Envelope" interface, right? 2) The "_ex" functions (such as EVP_CipherInit_ex(), EVP_DigestInit_ex(), etc) appear to offer Engine arguments where applicable. Is this the only tangible benefit? Is there any reason as an application programmer using the default software engine to use these _ex functions as opposed to the regular counterparts (which call the _ex functions internally)? What is the "_ex" supposed to canonically refer to? 3) I will have this short 15 page chapter completed in a few days and I would love to get someone from the OpenSSL project to give the once over from a technical perspective (it shouldn't take more than an hour of work for someone handy with the library). The chapter consists of an overview of a few of the finer points of the library and some very short sample code that needs another set of eyes. I can't offer any cash as my publisher has not given me a budget for this, but I can get books for the reviewer! If anyone has any remote interest in helping me out, getting your name in my up and coming book, and getting some free books (technical or otherwise) from the world's largest book publisher, Wiley and Sons, please let me know ASAP! -- Mike Schiffman, CISSP Director of Security Architecture @stake, Inc 565 Commercial Street San Francisco, CA 94111 415.572.6014 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
