Writing an ENGINE for OpenSSL-1.1.1 and 3.0

Blumenthal, Uri - 0553 - MITLL uri at ll.mit.edu
Sat Nov 30 23:58:00 UTC 2019 

In preparation for writing a new engine that supports message digest and asymmetric crypto (sign and decrypt), I am trying to port the existing simple/demo engines from the Engine Corner examples (thanks, Richard!).

The fork of https://github.com/engine-corner/Lesson-2-A-digest.git that compiles and runs correctly (apparently) on OpenSSL-1.1.1 is https://github.com/mouse07410/Lesson-2-A-digest.git .

But no matter what, I was unable to make either of these two repos to run successfully with OpenSSL-3.0 (master), even though the latter repo at least seems to compile correctly, and answers “Available”. Here’s what I’m getting (for both versions I built the sample “emd5”engine and copied to the appropriate subdir of the lib/;  “openssl3” is an alias that points OPENSSL_CONF at the correct file, and invokes the correct OpenSSL-3.0 “openssl” binary, as it’s not on the main path):


$ penssl version

OpenSSL 1.1.1d  10 Sep 2019

$ openssl engine -t -c emd5

(emd5) A simple md5 engine for demonstration purposes

 [MD5]

     [ available ]

$ echo "shoot" | openssl dgst -md5 -engine emd5

engine "emd5" set.

(stdin)= 61a08703a6a4c774cad650afaedd9c10

$ echo "shoot" | openssl dgst -md5

(stdin)= 61a08703a6a4c774cad650afaedd9c10

$

$ openssl3 version

OpenSSL 3.0.0-dev xx XXX xxxx (Library: OpenSSL 3.0.0-dev xx XXX xxxx)

$ openssl3 engine -t -vv -c emd5

(emd5) A simple md5 engine for demonstration purposes

 [MD5]

     [ available ]

$ echo "shoot" | openssl3 dgst -md5

MD5(stdin)= 61a08703a6a4c774cad650afaedd9c10

$ echo "shoot" | openssl3 dgst -md5 -engine emd5

engine "emd5" set.

Error setting digest

C0:05:98:0C:01:00:00:00:error:digital envelope routines:EVP_DigestInit_ex:initialization error:crypto/evp/digest.c:224:

$


Something must be missing from the configuration/setup – but what…? Help would be greatly appreciated!

Thanks!
—
Regards,
Uri

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20191130/b7801de4/attachment.html>

More information about the openssl-users mailing list