On July 7, 2004 06:39 pm, Joe smith wrote: > I am new to openssl and am still exploring its use. Can someone tell me > what is the use of the various Engines in openssl.
Well that depends on who you listen to, there are some who would tell you that the sole use of those engines is to grow your libraries by a few Kb :-) The other explanation that's been floated from time to time suggests that those engines provide alternative implementations of various cryptographic algorithms/services in a plug-in form. Most of the current ones are there to support cryptographic hardware of various sorts, but there's also one that provides an RSA implementation based on the GMP library (http://swox.com/gmp/), and [Open|Free|?]BSD systems also get an engine that exposes their /dev/crypto kernel crypto interface. > And what happens if > I disable the engine? Well, if you disable engine functionality in the openssl libs, it means that your application won't be able to use engines. Of course, if your application doesn't make any engine API calls (or it does, but you're already using recent openssl CVS snapshots, where engines can usually be built as separate load-on-demand libraries), then there won't be any significant engine footprint for your application unless it actually loads and uses an engine at run-time. The ability to build openssl libs with engine support completely disabled was more relevant in older releases where footprint bloat was a problem, though it may still be relevant for some restricted (eg. embedded) environments where disk space (or flash memory) is limited. Hope that helps. Cheers, Geoff -- Geoff Thorpe [EMAIL PROTECTED] http://www.geoffthorpe.net/ ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
