[openssl-dev] [crypto engine]: API users try to find separate external library for new engine

Richard Levitte levitte at openssl.org
Wed Feb 3 17:30:29 UTC 2016


In message <DB5PR04MB130223CEE74CBCF28276C1FDEED00 at DB5PR04MB1302.eurprd04.prod.outlook.com> on Wed, 3 Feb 2016 16:34:44 +0000, Catalin Vasile <cata.vasile at nxp.com> said:

cata.vasile> I'm trying to make a new crypto engine.
cata.vasile> 
cata.vasile> Any application that tries to use my custom OpenSSL
cata.vasile> library that includes my engine gives me an error trying
cata.vasile> to find an external library for my new engine (it tries
cata.vasile> to locate /usr/lib/libhwrng.so, where hwrng is my
cata.vasile> engine), although if I run a "grep -R 'hwrng' . " in the
cata.vasile> install folder it finds references in the libcrypto.so .
cata.vasile> 
cata.vasile> I have done a "grep -R 'cryptodev' ." and it is
cata.vasile> referenced the same amount of times and in the same
cata.vasile> files.
cata.vasile> 
cata.vasile> What could I be missing that cryptodev is loaded
cata.vasile> "naturally" (it knows it's inside libcrypto.so), but
cata.vasile> engine hwrng is seen as being something totally external?

So it sounds like you've make your engine part of libcrypto.so instead
of making it a separate dynamic lib, is that correct?

We don't really support that, even if it is possible.  Can I encourage
you to make your engine a separate dynamic lib?  If you want a quick
crash course on how to do that, may I suggest you have a look at the
blog series I started a few months ago?  This blog will tell you the
basics (*very* basic, but does demonstrate the dynamic library solution):

https://www.openssl.org/blog/blog/2015/10/08/engine-building-lesson-1-a-minimum-useless-engine/

Cheers,
Richard

-- 
Richard Levitte         levitte at openssl.org
OpenSSL Project         http://www.openssl.org/~levitte/


More information about the openssl-dev mailing list