On April 19, 2005 06:40 am, [EMAIL PROTECTED] wrote: > the issue with LD_LIBRARY_PATH appears to be void as there is NO > libubsec.so on the filesystem. its simply not made. where can > I get it from??? (on Redhat and Fedora Core < 3 this file > appears in the mystical 'hycrypto' package)
The "ENGINE" in openssl is little more than a shim to the user-space libraries that support the hardware - this is not part of openssl or any openssl distribution (that I'm aware of), it is provided by the vendor just as the kernel-drivers and associated bits-n-bobs are provided by the vendor. Openssl's "engine" was originally compiled internally to openssl, but more recently it has been possible to build them as external libraries - this is probably what you see in the fedora package. In this way, the openssl shim is *also* external and so can be shipped by vendors (or distributions) at the same time as their proprietary user-space libraries and APIs. This doesn't change the fact that the openssl engine knows nothing about the syscall interface or software environment of the hardware. It merely converts the API language openssl speaks into whatever interface the hardware's libraries use. So the library the ubsec engine is trying to load is the *vendor* library, the one that actually causes the real actions to happen. The library shipped in fedora was probably just a shared-library version of the ubsec engine, but it should *also* have needed to load the vendor library to work. Whether that vendor library would work ok with the engine shim at a version-compatibility level is another thing - it probably should but no promises. However you need to find that library, and then convince openssl of how to find it too. If you got fedora running with the card at some point, then it must have had the vendor libraries installed and in some location where it could find them. Or it ships with the hardware support packaged-in somehow. Or have I misunderstood something. BTW, someone mentioned in another post that the "/dev/crypto" engine might work on Free/OpenBSD if the kernel has a built-in driver, but that might only provide access to cipher/hash functionality - I doubt public-key crypto stuff goes through /dev/crypto. I should check, but I don't recall seeing this get added. Cheers, Geoff -- Geoff Thorpe [EMAIL PROTECTED] http://www.geoffthorpe.net/ Greedy Genghis George, Guru of God and Guns. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
