Since I already have a well-formed config file, I think it would be a minimalistic change to hijack the "OPENSSL_noconfig" function (instead of changing the code for Init).
But your idea could work too. Even if I do implement your idea though, I will still remove the random number generation routines in drbg_lib.c, as there should not be any software psudeorandomness generator on my embedded device. On Saturday, November 2, 2019, Salz, Rich <rs...@akamai.com> wrote: > If you are changing openssl, why not just change the init function to load > your engine and abort/exit/fail if it doesn’t load? > > >
