Libeay32.lib missing crypto engines
Hi Openssl-Dev Team, This is Rajesh Kumar from CISCO. We are using the Openssl libraries in our project in the Win 32 enviroment. We were using 0.9.8l version of the library earlier. We are now trying to migrate to 1.0.0a version. While building the 1.0.0a version we found that few crypto-engines are not built as part of libeay32.lib. They are built separately as dll's. In the 0.9.8l version we could see the same getting built as part of the libeay32.lib. Below is the difference highlighted, 0.9.8l version export functions from the libeay32.lib: 3218_ENGINE_load_4758cca 3210_ENGINE_load_aep 3130_ENGINE_load_atalla 2708_ENGINE_load_builtin_engines 3075_ENGINE_load_chil 2617_ENGINE_load_cryptodev 3027_ENGINE_load_cswift 2547_ENGINE_load_dynamic 3055_ENGINE_load_nuron 2657_ENGINE_load_openssl 3532_ENGINE_load_padlock 2498_ENGINE_load_private_key 2479_ENGINE_load_public_key 4046_ENGINE_load_ssl_client_cert 3211_ENGINE_load_sureware 2636_ENGINE_load_ubsec 1.0.0a version: 2475_ENGINE_init 2708_ENGINE_load_builtin_engines 2617_ENGINE_load_cryptodev 2547_ENGINE_load_dynamic 2657_ENGINE_load_openssl 2498_ENGINE_load_private_key 2479_ENGINE_load_public_key 4046_ENGINE_load_ssl_client_cert 2515_ENGINE_new Now we would like to know if there is any way to get the engines as part of the library file itself like the 0.9.8l version? We have our code directly referring to the ENGINE_load_ functions, due to which the linker errors are seen while using the 1.0.0a version. I tried to tweak around the no_static_engine variable in the perl file, but it did not help me much. Could you please help me out with this as this is very critical for our product security. Please let me know if you need any further information. With regards, Rajesh Kumar R
Re: Libeay32.lib missing crypto engines
On Mon, Jul 26, 2010, Rajesh Kumar wrote: This is Rajesh Kumar from CISCO. We are using the Openssl libraries in our project in the Win 32 enviroment. We were using 0.9.8l version of the library earlier. We are now trying to migrate to 1.0.0a version. While building the 1.0.0a version we found that few crypto-engines are not built as part of libeay32.lib. They are built separately as dll's. In the 0.9.8l version we could see the same getting built as part of the libeay32.lib. Try the option enable-static-engine on the command line to Configure, make sure you rebuild the makefile, clean and recompile. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
NIST SP 800-90 recommended RNGs
Are there any plans on implementing any of NIST SP 800-90 (http://csrc.nist.gov/publications/nistpubs/800-90/SP800-90revised_March2007.pdf) recommended RNGs, for example CTR_DRBG in OpenSSL? __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: Libeay32.lib missing crypto engines
On Mon, Jul 26, 2010, Rajesh Kumar wrote: We have our code directly referring to the ENGINE_load_ functions, due to which the linker errors are seen while using the 1.0.0a version. Why do you do that instead of loading them all or referring to individual named ENGINEs? Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: NIST SP 800-90 recommended RNGs
The OpenSSL team has FIPS compliant SP800-90 PRNG code already. The SP800-90 PRNG's are fairly greedy however so a re-write of the seed source is probably needed as well - and that's a tough problem. Peter From: Kriloff kril...@gmail.com To: openssl-dev@openssl.org Date: 27/07/2010 12:06 AM Subject:NIST SP 800-90 recommended RNGs Sent by:owner-openssl-...@openssl.org Are there any plans on implementing any of NIST SP 800-90 ( http://csrc.nist.gov/publications/nistpubs/800-90/SP800-90revised_March2007.pdf ) recommended RNGs, for example CTR_DRBG in OpenSSL? __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
RE: NIST SP 800-90 recommended RNGs
Which OpenSSL version is the SP800-90 PRNG code in? Is it there in the CVS branch and not released yet? -Original Message- From: owner-openssl-...@openssl.org [mailto:owner-openssl-...@openssl.org] On Behalf Of Peter Waltenberg Sent: Monday, July 26, 2010 3:26 PM To: openssl-dev@openssl.org Subject: Re: NIST SP 800-90 recommended RNGs The OpenSSL team has FIPS compliant SP800-90 PRNG code already. The SP800-90 PRNG's are fairly greedy however so a re-write of the seed source is probably needed as well - and that's a tough problem. Peter From: Kriloff kril...@gmail.com To: openssl-dev@openssl.org Date: 27/07/2010 12:06 AM Subject:NIST SP 800-90 recommended RNGs Sent by:owner-openssl-...@openssl.org Are there any plans on implementing any of NIST SP 800-90 ( http://csrc.nist.gov/publications/nistpubs/800-90/SP800-90revised_March2 007.pdf ) recommended RNGs, for example CTR_DRBG in OpenSSL? __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org