private key not available for client_cert_cb
George
whippet0 at gmail.com
Fri Dec 18 05:21:00 UTC 2020
Hi,
I'm able to setup the engine now, but as soon as I attempt to
execute the command
ENGINE_set_default(pkey_engine, ENGINE_METHOD_ALL);
,I see all kinds of middleware exceptions being generated:
Exception thrown at 0x773046D2 in GENCom.exe: Microsoft C++ exception:
unsigned long at memory location 0x07FCFA00.
Exception thrown at 0x773046D2 in GENCom.exe: Microsoft C++ exception:
AI::Middleware::CMWException at memory location 0x032FD2D0.
Exception thrown at 0x773046D2 in GENCom.exe: Microsoft C++ exception:
AI::Middleware::CMWException at memory location 0x032FD2D0.
Exception thrown at 0x773046D2 in GENCom.exe: Microsoft C++ exception:
AI::Middleware::CMWException at memory location 0x032FD2D0.
Exception thrown at 0x773046D2 in GENCom.exe: Microsoft C++ exception:
AI::Middleware::CMWException at memory location 0x032FD2D0.
Exception thrown at 0x773046D2 in GENCom.exe: Microsoft C++ exception:
AI::Middleware::CMWException at memory location 0x032FD2D0.
Exception thrown at 0x773046D2 in GENCom.exe: Microsoft C++ exception:
AI::Middleware::CMWException at memory location 0x032FD2D0.
Exception thrown at 0x773046D2 in GENCom.exe: Microsoft C++ exception:
AI::Middleware::CMWException at memory location 0x032FD2D0.
Exception thrown at 0x773046D2 in GENCom.exe: Microsoft C++ exception:
AI::Middleware::CMWException at memory location 0x032FD2D0.
.
.
.
Do you have any idea what is causing these errors? Am I missing
something in the configuration? When I use the OpenSSL command line
debugger, there are no errors:
OpenSSL> engine -t dynamic -pre
"SO_PATH:C:\\Users\\whipp\\junk4\\libp11-libp11-0.4.11\\src\\pkcs11.dll"
-pre ID:pkcs11 -pre LIST_ADD:1 -pre LOAD -pre "MODULE_PATH:C:\Program
Files (x86)\HID Global\ActivClient\\acpkcs211.dll"
(dynamic) Dynamic engine loading support
[Success]:
SO_PATH:C:\\Users\\whipp\\junk4\\libp11-libp11-0.4.11\\src\\pkcs11.dll
[Success]: ID:pkcs11
[Success]: LIST_ADD:1
[Success]: LOAD
[Success]: MODULE_PATH:C:\Program Files (x86)\HID
Global\ActivClient\\acpkcs211.dll
Loaded: (pkcs11) pkcs11 engine
[ available ]
OpenSSL>
Here is what my simplified code looks like:
char* enginePluginLibrary =
"C:\\Users\\whipp\\junk4\\libp11-libp11-0.4.11\\src\\pkcs11.dll";
char* pkcs11MiddlewareLibrary = "C:\\Program Files (x86)\\HID
Global\\ActivClient\\acpkcs211.dll";
ENGINE_load_builtin_engines();
ENGINE_register_all_complete();
ENGINE *pkey_engine = ENGINE_by_id("dynamic");
ENGINE_ctrl_cmd_string(pkey_engine, "SO_PATH", enginePluginLibrary, 0);
ENGINE_ctrl_cmd_string(pkey_engine, "ID", "pkcs11", 0);
ENGINE_ctrl_cmd_string(pkey_engine, "LIST_ADD", "1", 0);
ENGINE_ctrl_cmd_string(pkey_engine, "LOAD", NULL, 0);
ENGINE_ctrl_cmd_string(pkey_engine, "MODULE_PATH",
pkcs11MiddlewareLibrary, 0);
ENGINE_set_default(pkey_engine, ENGINE_METHOD_ALL);
Thanks!
George
On 2020-12-17 8:39 p.m., Jan Just Keijser wrote:
> On 17/12/20 14:55, George wrote:
>> Ok. So I use the libp11 project DLL file for the SO_PATH and my smart
>> card middleware DLL for the MODULE_PATH when setting up the OpenSSL
>> Engine?
>>
>>
> yes just like in the example I posted below.
>
> I would recommend the p11 wiki page to do it using the command line
> first - much easier to test & debug.
>
> JJK
>
More information about the openssl-users
mailing list