On 10/24/2012 11:03 PM, Munagala Ramanath wrote:
Just downloaded built openssl 1.0.1c on Ubuntu 10.04 x86_64 with the
standard commands:
./config
make
make test
All is well but I noticed that these files from 'engines' are compiled
but the resulting objects are
not put into any library:
e_4758cca, e_aep, e_atalla, e_cswift, e_gmp, e_chil,
e_nuron, e_sureware, e_ubsec, e_padlock, e_capi
Is this expected ? Any info on why this is necessary is much
appreciated, thanks.
If I understand your question, engines are like "plug-in" stuff: they
are not linked with / from other libraries.
You activate them at run-time because they provide a common API, the
final purpose is to make some functions be performed not by the OpenSSL
library but by some external hardware.
In other words, once you activate an engine from inside OpenSSL, you can
use the engine to, for instance, perform an encryption operation calling
the standard OpenSSL functions for that, but the encryption will be
performed by the hardware that is supposed to be used with that engine.
Sometimes this is just useful for acceleration; most of the time, if you
have your keys in special hardware, it is mandatory (to use the proper
engine).
