[openssl-users] Guidance on proper usage of OpenSSL_add_all_digests

Jeffrey Walton noloader at gmail.com
Wed Mar 2 19:10:15 UTC 2016


> Finally, for the crypto components, like SHA... I don't believe they
> need explicit initialization unless you are doing something like
> changing the default implementation from software to an engine. The
> SSL part of the library allows you to explicitly add selected
> algorithms to control what algorithms are used in that portion of the
> library.

My bad.. "Library Initialization | libcrypto Initialization"
(http://wiki.openssl.org/index.php/Library_Initialization#libcrypto_Initialization)
sates you can use either OpenSSL_add_all_ciphers,
OPENSSL_add_all_algorithms_noconf, or you can pick what you want when
initializing crypto portion of the library.

For picking what you want:

    void MyLIB_init_crypto(void)
    {
        EVP_add_cipher(EVP_sha1());
    }

The earlier still holds true. Initialize and install lock on the
primary thread. And take care when using static C++ objects.

Jeff


More information about the openssl-users mailing list