ENGINE_set_default() and ciphers/digests

Thu, 03 Nov 2011 05:57:07 -0700 

I have an ENGINE that implements many of the same algorithms that OpenSSL
already supports. It supports asymmetric key algorithms like RSA, DSA, ECDSA.
It supports symmetric key algorithms like AES, DES, RC2, RC4. It supports
digest algorithms like MD5, SHA1, SHA256, etc.

If I register my engine with ENGINE_add() but do not use ENGINE_set_default()
then I had expected that the OpenSSL builtin implementations would be used and
not my engine implementations. This appears to be the case for the asymmetric
key algorithms. However, the digests and symmetric key algorithms of my engine
are always being used even though they are not enabled as default. As soon as I
register my engine with ENGINE_add() then my digests and symmetric key
algorithms become the default. This seems very odd to me. I would have expected
that my digests and symmetric key algorithms would only be enabled as default
by using ENGINE_set_default() with ENGINE_METHOD_CIPHERS|ENGINE_METHOD_DIGESTS.

Is what I am observing the correct behavior of OpenSSL?

FYI: I have been testing with OpenSSL 1.0.0d & 1.0.0e

--
Robert Dugal    Team Lead SSL & PKI Group
Certicom Corp.  A Subsidiary of Research In Motion
                      4701 Tahoe Blvd., Building A
                      Mississauga, ON
                      L4W 0B5

[email protected]
direct          +1.289.261.4148
mobile          +1.416.276.8062
main            +1.905.507.4220
fax                     +1.905.507.4230
www.certicom.com


---------------------------------------------------------------------
This transmission (including any attachments) may contain confidential 
information, privileged material (including material protected by the 
solicitor-client or other applicable privileges), or constitute non-public 
information. Any use of this information by anyone other than the intended 
recipient is prohibited. If you have received this transmission in error, 
please immediately reply to the sender and delete this information from your 
system. Use, dissemination, distribution, or reproduction of this transmission 
by unintended recipients is not authorized and may be unlawful.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [email protected]

Reply via email to