On Fri, Apr 08, 2005, Edward Chan wrote: > So what are the purpose of the ENGINE_ctrl_* functions? Assuming I don't > use the auto-config file, what steps would I need to do to get the crypto > card working? I already have a configuration file so I don't want to have > another one. I'd like to keep my app flexible enough that I can use > whatever crypt accelerator card the user has. >
The autoconfig mechanism can use an existing configuration provided it uses NCONF. Configuration commands embedded inside it in the appropriate format. It can also handle the internals of initialization and setting default algorithms. Once that's done any operation which uses the appropriate cryptographic algorithms are handled by the configured hardware transparently. ALL applications should use the auto configuration option if at all possible. However it is fairly new so many do not. The point is that if and when new features are added to ENGINE (and other parts of OpenSSL) an auto config aware application will be able to use many of them automatically. If you don't use auto config you'll have to update your application to handle new features as they are added. The purpose of ctrls is to allow ENGINE specific ctrl commands: for example configuration commands. An example would be the location of any additional libraries to load. In your particular case you need to use the "chil" ENGINE for ncipher cards. You can use the 'openssl' command line utility to test it. For example: openssl speed -engine chil rsa1024 Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]