> >>> I doubt the OS vendors would bother > >>> to enable an engine by default, testing of the possible > >>> configurations is expensive and the costs of support calls if they > >>> mess up makes autodetecting the engine to use a very unattractive > >>> proposition. > >> > >> One can discuss loading selected engines by default, i.e. you'd > >> have to work to not load it:-) Then it wouldn't be any different, > >> yet provide > > > > I am new to OpenSSL. Can you tell me how to do that? how to use the > > proper engine automatically?
I seem to recall that the cryptodev engine (for use on *BSDs) is loaded by default if HAVE_CRYPTODEV is defined, and if so, the load function will bind the engine at run time if /dev/crypto is alive and well. This means it'll get used by default for those algorithms/modes it supports. Isn't this precisely what you'd want to do for processor-specific enhancements? Enable compilation on platforms that might have your processor by setting the corresponding -D<foo> in Configure, and then have your load function bind the engine only if a run-time check shows you're running on a compatible chip. Cheers, Geoff -- Un terrien, c'est un singe avec des clefs de char... ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
