Issue in upgrading code related to CAPI Engine for accessing Windows certificate Store(Windows7) (upgrade from 1.0.2p to 1.1.1c)


manoj upadhyay
Hi All,
I am facing an issue while upgrading my OpenSSL version from 1.0.2p to 1.1.1c.
I am facing the issue where "ENGINE_by_id("capi")" is not returning a proper pointer. I want to access the Windows certificate store with certificate and keys.

Snippet of my working code in 1.0.2p: (This is working fine)
This is working fine and I am able to get the private key.
--------------------------------------
      ENGINE_load_capi();
      ce = ENGINE_by_id("capi");
      if (NULL == ce)
      {
         ENGINE_cleanup();
         return E_LOAD_FAILED;
      }
      if (!ENGINE_init(ce)||!ENGINE_register_STORE(ce) )
      {
         ENGINE_cleanup();
         ce = NULL;
         return E_INIT_FAILED;
      }  
     (void)ENGINE_ctrl_cmd(ce,"store_flags",0, NULL, NULL, 0);
     (void)ENGINE_ctrl_cmd(ce,"store_name" ,0, (void*)storeName, NULL, 0);
     privateKey  = ENGINE_load_private_key(ce,"certname", 0, 0);


I can see that a few CAPI APIs are deprecated in 1.1.1c, but they can be enabled by the following configuration (based on engine.h):
> "perl Configure debug-VC-WIN64A no-asm enable-capieng no-shared no-dynamic-engine --api=1.0.0"
Code from 1.1.1c:
-------------------


 
      ENGINE_load_capi();
      ce = ENGINE_by_id("capi");   /* <== returning NULL always */
      if (NULL == ce)
      {
         ENGINE_cleanup(); 
         return E_LOAD_FAILED;
      }
      if (!ENGINE_init(ce)||!ENGINE_register_complete(ce) ) 
      {
         ENGINE_cleanup(); 
         ce = NULL;
         return E_INIT_FAILED;
      }   
     (void)ENGINE_ctrl_cmd(ce,"store_flags",0, NULL, NULL, 0);
     (void)ENGINE_ctrl_cmd(ce,"store_name" ,0, (void*)storeName, NULL, 0); 
     privateKey  = ENGINE_load_private_key(ce,"certname", 0, 0);


If I change my code in the following way, I get one pointer, but when I try to load the private key I always get an empty private key.
> "perl Configure debug-VC-WIN64A no-asm 

Code:
  int rc = 0;
  ENGINE_load_builtin_engines();
  ce = ENGINE_by_id("dynamic");   /* <== engine pointer with no valid data */
  /* Check the pointer before it is passed to any ENGINE_ctrl_cmd_string() call. */
  if (NULL == ce)
  {
     ENGINE_cleanup();
     return LOAD_E_FAILED;
  }
  rc = ENGINE_ctrl_cmd_string(ce, "SO_PATH", "c://mylib//capi.dll", 0); if (! rc) return ERROR_RC;
  rc = ENGINE_ctrl_cmd_string(ce, "LOAD", NULL, 0); if (! rc) return ERROR_RC;
  rc = ENGINE_register_complete(ce); if (! rc) return ERROR_RC;
  rc = ERR_load_ENGINE_strings(); if (! rc) return ERROR_RC;

  if (!ENGINE_init(ce))
  {
     ENGINE_cleanup();
     sCapiEngine = NULL;
     return INIT_E_FAILED;
  }
  ENGINE_register_complete(ce);
  (void)ENGINE_ctrl_cmd(ce,"store_flags",0, NULL, NULL, 0);
  (void)ENGINE_ctrl_cmd(ce,"store_name" ,0, (void*)storeName, NULL, 0);
  privateKey  = ENGINE_load_private_key(ce,"certname", 0, 0);   /* <== always getting NULL private key */


I am not able to figure out where things are going wrong. 

Is there any way I can get the desired result from CAPI for the Windows cert store? Please help.

Thanks & regards,
Manoj Upadhyay