openssl 재단
3739 단어 OpenSSL
http://stackoverflow.com/questions/7827836/build-openssl-with-just-rsa-and-aes
If you build OpenSSL by running the
config
or Configure
script, you provide no-<cipher>
as an argument to exclude the cipher. Run Configure
with no options to see the available build options. The configuration script converts these arguments into options for the preprocessor. Here's a list of nearly everything you can disable at compile time. First is the configuration-script argument, and then the compiler argument it gets converted to.
Ciphers:
no-idea -DOPENSSL_NO_IDEA
no-aes -DOPENSSL_NO_AES
no-camellia -DOPENSSL_NO_CAMELLIA
no-seed -DOPENSSL_NO_SEED
no-bf -DOPENSSL_NO_BF
no-cast -DOPENSSL_NO_CAST
no-des -DOPENSSL_NO_DES
no-rc2 -DOPENSSL_NO_RC2
no-rc4 -DOPENSSL_NO_RC4
no-rc5 -DOPENSSL_NO_RC5
no-md2 -DOPENSSL_NO_MD2
no-md4 -DOPENSSL_NO_MD4
no-md5 -DOPENSSL_NO_MD5
no-sha -DOPENSSL_NO_SHA
no-ripemd -DOPENSSL_NO_RIPEMD
no-mdc2 -DOPENSSL_NO_MDC2
no-rsa -DOPENSSL_NO_RSA
no-dsa -DOPENSSL_NO_DSA
no-dh -DOPENSSL_NO_DH
no-ec -DOPENSSL_NO_EC
no-ecdsa -DOPENSSL_NO_ECDSA
no-ecdh -DOPENSSL_NO_ECDH
Non-cipher functionality:
no-sock -DOPENSSL_NO_SOCK No socket code.
no-ssl2 -DOPENSSL_NO_SSL2 No SSLv2.
no-ssl3 -DOPENSSL_NO_SSL3 No SSLv3.
no-err -DOPENSSL_NO_ERR No error strings.
no-krb5 -DOPENSSL_NO_KRB5 No Kerberos v5.
no-engine -DOPENSSL_NO_ENGINE No dynamic engines.
no-hw -DOPENSSL_NO_HW No support for external hardware.
Not documented:
no-tlsext -DOPENSSL_NO_TLSEXT
no-cms -DOPENSSL_NO_CMS
no-jpake -DOPENSSL_NO_JPAKE
no-capieng -DOPENSSL_NO_CAPIENG
Note that some things have dependencies. For example, you cannot build the SSL library without ciphers and digest algorithms because the SSL and TLS protocols demand them. So instead of doing
make all
, you want to do make build_crypto
so that it only builds libcrypto.a. Through experimentation, I found (in OpenSSL 0.9.8r) that libcrypto has 2 algorithm dependencies: MD5 for the random-number generator's algorithm (in crypto/rand_lib.c) and SHA-1 for printing certificate hashes (in crypto/asn1/t_x509.c). I'd say these dependencies are oversights by the developers.
This is how I build libcrypto.a with only MD5 and SHA:
./config no-idea no-aes no-camellia no-seed no-bf no-cast no-des no-rc2 no-rc4 no-rc5 \
no-md2 no-md4 no-ripemd no-mdc2 no-rsa no-dsa no-dh no-ec no-ecdsa no-ecdh no-sock \
no-ssl2 no-ssl3 no-err no-krb5 no-engine no-hw
make depend
make build_crypto
I also successfully built it with everything except AES, RSA, SHA, and MD5 as the question asked.
my finally library 1.4M include AES, SHA, and MD5:
./config no-idea no-camellia no-seed no-bf no-cast no-des no-rc2 no-rc4 no-rc5 \
no-md2 no-md4 no-ripemd no-mdc2 no-rsa no-dsa no-dh no-ec no-ecdsa no-ecdh no-sock \
no-ssl2 no-ssl3 no-err no-krb5 no-engine no-hw \
no-cms no-deprecated no-asm no-dso no-ede no-ede3 no-cbc no-cfb no-ofb no-ecb no-base64 \
no-rmd160 no-jpake no-gmp no-psk no-tlsext no-lhash no-stack no-err no-comp
이 내용에 흥미가 있습니까?
현재 기사가 여러분의 문제를 해결하지 못하는 경우 AI 엔진은 머신러닝 분석(스마트 모델이 방금 만들어져 부정확한 경우가 있을 수 있음)을 통해 가장 유사한 기사를 추천합니다:
[오리지널] SSL 기능과 관련된 질문SSL certificate problem git에서 rabbitmq_ 다운로드 예정in_action의 원본 코드를 시험해 보면 다음과 같은 문제가 발생합니다. 네티즌 추천 해결 방법: 1. 셸 환경 변수 설정 2....
텍스트를 자유롭게 공유하거나 복사할 수 있습니다.하지만 이 문서의 URL은 참조 URL로 남겨 두십시오.
CC BY-SA 2.5, CC BY-SA 3.0 및 CC BY-SA 4.0에 따라 라이센스가 부여됩니다.