Hi,
I need some help with a special case: a dynamic engine with non-static
or configureable ciphers.
While I do not use cryptodev, the code provides a good example of the
intial problem:
http://cvs.openssl.org/fileview?f=openssl/crypto/engine/eng_cryptodev.c&v=1.23
I basically have it working, but there is a problem, during the first
call to af_alg_ciphers() I have to list all ciphers the engine *could*
support or none, as af_alg_ctrl() gets called later.
If I respond with all ciphers, OpenSSL will assume I support all of
them, and bail out unfriendly if told later on a given cipher is not
supported in af_alg_ciphers().
If I claim there are no supported ciphers during this initital call to
af_alg_ciphers(), the auto-engine loading feature via openssl.cnf does
not work and software using openssl may require modifications to use the
engine.
The code and instructions for my engine is available here:
http://src.carnivore.it/users/common/af_alg/
The comments for cryptodev_usable_ciphers and cryptodev_usable_digests
show there is a demand for a way to configure the ciphers/digests run by
the particular engine.
How to do it properly?
I want this to be a runtime option, not a compile time option.
MfG
Markus
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
