OpenSSL › OpenSSL - User

Using config to load a shared object engine

_‹ Previous Topic Next Topic _›

Classic

List

Threaded

3 messages Options

shpedoikal (Bugzilla)

Using config to load a shared object engine

Hi,

I've been playing with 0.9.8 and have gotten my engine to load as a
.so from the engines directory, which is excellent.

Now I'm trying to use the config feature to find and load this
engine and I'm not having much luck. Here's my config file:

---- openssl.cnf ----
openssl_init = init_section

[ init_section ]

engines = engines_section

[ engines_section ]

tpm = tpm_engine_section

[ tpm_engine_section ]

engine_id = tpm
dynamic_path = /usr/local/ssl/lib/engines/libtpm.so
default_algorithms = ALL
init = 1
----

and test program:

---- test.c ----
#define OPENSSL_LOAD_CONF 1

#include <stdio.h>

#include <openssl/engine.h>
#include <openssl/conf.h>

int main(void)
{
RSA *rsa = NULL;

OpenSSL_add_all_algorithms();

rsa = RSA_new();
RSA_free(rsa);

return 0;
}
----

In tracing through, I can see that the engine pointer isn't getting
assigned in the new RSA object. Is there anything I'm missing here?

Thanks,
Kent
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [hidden email]
Automated List Manager [hidden email]

Nils Larsch

Re: Using config to load a shared object engine

Kent Yoder wrote:

> Hi,
>
> I've been playing with 0.9.8 and have gotten my engine to load as a
> .so from the engines directory, which is excellent.
>
> Now I'm trying to use the config feature to find and load this
> engine and I'm not having much luck. Here's my config file:
>
> ---- openssl.cnf ----
> openssl_init = init_section
>
> [ init_section ]
>
> engines = engines_section
>
> [ engines_section ]
>
> tpm = tpm_engine_section
>
> [ tpm_engine_section ]
>
> engine_id = tpm
> dynamic_path = /usr/local/ssl/lib/engines/libtpm.so
> default_algorithms = ALL
> init = 1

try something like this (mutatis mutandis of course), note: the
openssl_conf value is the important one.

openssl_conf = openssl_def

[openssl_def]
engines = engine_section

[engine_section]

foo = pkcs11_section

[pkcs11_section]

dynamic_path = /home/nils/lib/opensc/engine_pkcs11.so
engine_id = pkcs11

Nils
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [hidden email]
Automated List Manager [hidden email]

shpedoikal (Bugzilla)

Re: Using config to load a shared object engine

BINGO... thanks Nils...

Looks like dynamic_path and engine_id are somewhat interchangable;
having either finds my .so.

Kent

On 6/3/05, Nils Larsch <[hidden email]> wrote:

> Kent Yoder wrote:
> > Hi,
> >
> > I've been playing with 0.9.8 and have gotten my engine to load as a
> > .so from the engines directory, which is excellent.
> >
> > Now I'm trying to use the config feature to find and load this
> > engine and I'm not having much luck. Here's my config file:
> >
> > ---- openssl.cnf ----
> > openssl_init = init_section
> >
> > [ init_section ]
> >
> > engines = engines_section
> >
> > [ engines_section ]
> >
> > tpm = tpm_engine_section
> >
> > [ tpm_engine_section ]
> >
> > engine_id = tpm
> > dynamic_path = /usr/local/ssl/lib/engines/libtpm.so
> > default_algorithms = ALL
> > init = 1
>
> try something like this (mutatis mutandis of course), note: the
> openssl_conf value is the important one.
>
> openssl_conf = openssl_def
>
> [openssl_def]
> engines = engine_section
>
> [engine_section]
>
> foo = pkcs11_section
>
> [pkcs11_section]
>
> dynamic_path = /home/nils/lib/opensc/engine_pkcs11.so
> engine_id = pkcs11
>
> Nils
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [hidden email]
> Automated List Manager [hidden email]
>

______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [hidden email]
Automated List Manager [hidden email]