Description of problem: openssl ships without padlock module for VIA C3 hardware encryption, etc. Version-Release number of selected component (if applicable): 0.9.8a How reproducible: openssl engine padlock Steps to Reproduce: 1.# openssl engine padlock Actual results: 2108:error:25066067:DSO support routines:DLFCN_LOAD:could not load the shared library:dso_dlfcn.c:162:filename(/usr/lib/openssl/engines/libpadlock.so): /usr/lib/openssl/engines/libpadlock.so: cannot open shared object file: No such file or directory 2108:error:25070067:DSO support routines:DSO_load:could not load the shared library:dso_lib.c:244: 2108:error:260B6084:engine routines:DYNAMIC_LOAD:dso not found:eng_dyn.c:450: 2108:error:2606A074:engine routines:ENGINE_by_id:no such engine:eng_list.c:415:id=padlock Expected results: $ openssl engine padlock (padlock) VIA PadLock (RNG, ACE) Additional info:
Gone? It was never there. It is not included in the upstream sources. -> Enhancement request.
No. It is in the 0.9.8 sources. See crypto/engine under the openssl build tree, etc. It just does not show up in the functionality of the rpm
See also http://www.linuxjournal.com/article/8042 and http://www.logix.cz/michal/devel/padlock/ where it says: Since 2004-08-02 the OpenSSL CVS has the PadLock engine in it. There is no need for the separate patch anymore.
Ah, the reason why it doesn't work is that the openssl sources now disable static engines as they were moved to separate shared libraries. However the padlock support wasn't moved. So the engine code is still included but it is not initialized in ENGINE_load_builtin_engines(). If you call openssl library from an executable you can add ENGINE_load_padlock() call and it should initialize it. If you just use the openssl utility you will have to wait for an updated package.
Thanks for the explanation! Will the patch at http://www.logix.cz/michal/devel/padlock/openssh-3.8p1-engines.diff also work well enough?
It will not suffice. You have to call ENGINE_load_padlock() after ENGINE_load_builtin_engines().