Hi, On Tuesday 05 March 2002 08:12, John Viega wrote: > On Mon, Mar 04, 2002 at 02:48:46PM +0100, Richard Levitte - VMS Whacker wrote: > > I'm not sure why you need to yank out source when it's just as easy to > > link with libcrypto and make sure you only use the specific > > algorithms. In such a case, one should avoid using things like > > EVP_get_cipherbyname() since that requires that all compiled > > algorithms be linked in. > > I was thinking more of environments where dynamic linking doesn't > exist, or everything you need has to be stored in a limited amount of > space like a floppy or some sort of solid-state memory device. This > is somewhat common.
Well yes, but as Richard was explaining - static linking with a libcrypto.a full of stuff is not that different to linking with a custom-built "./crypto/des/"-only libdes.a - your linked executable should just contain the DES bits either way. There's no particular win, that I can see anyway, to not *building* the rest of libcrypto ... any respectable linker will only drag in object files from the archive that are required. > Off the top of my head, I don't see why a well-organized library > couldn't have well-compartmentalized algorithms that can be easily > ripped out, yet are all accessible through a generic interface such as > EVP. That is, I don't see any disadvantage to such an approach, Well, EVP *should* work like that now, though I fear that some C files in crypto/evp/ could have links across into other stuff (eg. perhaps RSA, DSA, etc). Without trying it I can't be sure. But if you don't call OpenSSL_add_all_[algorithms|ciphers|digests], and instead simply call EVP_add_[cipher|digest] for those algo's you want, then EVP should work as you suggest. > especially if there's no fear of people breaking out little parts and > maintaining them separately. This is what a linker (for static-linking anyhow) does ... it rips object files out of an archive on an "as-needed" basis ... why is it so important to actually build miniature archives? Cheers, Geoff ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
