[openssl-users] Help with using a dynamic engine with SSL_CTX

Brian Watson bwats9999 at gmail.com
Wed Dec 10 14:25:35 UTC 2014


I didn't call that one, but I'll give it a try. I also read that if someone
subsequently calls ENGINE_load_builtin_engines() that it'll reset things
back to how they were, so I'll look at that also.

Thanks,
  BW

On Wed, Dec 10, 2014 at 1:06 AM, Dmitry Belyavsky <beldmit at gmail.com> wrote:

> Hello Brian,
>
> Do you call ENGINE_set_RAND function?
>
> On Tue, Dec 9, 2014 at 11:19 PM, Brian Watson <bwats9999 at gmail.com> wrote:
>
>> I thought that's what the following does:
>>
>> ENGINE_set_default(engine, ENGINE_METHOD_RAND).
>>
>> I'm also trying to figure out in rand_lib.c and RAND_get_rand_method()
>> what causes default_RAND_meth to change.
>>
>> Thanks,
>>    BW
>>
>> On Tue, Dec 9, 2014 at 1:52 PM, Dmitry Belyavsky <beldmit at gmail.com>
>> wrote:
>>
>>> Hello!
>>>
>>> Do you set your RNG as default when the engine is loaded?
>>>
>>> On Tue, Dec 9, 2014 at 10:44 PM, Brian Watson <bwats9999 at gmail.com>
>>> wrote:
>>>
>>>> Hi,
>>>>    I am doing the following:
>>>>
>>>> 1. I have a dynamic engine that I would like to use to produce random
>>>> numbers on Android (aosp).
>>>> 2. I can successfully load the dynamic engine by using the Android
>>>> OpenSSLEngine.getInstance() which takes care of loading the engine and I
>>>> can see that the binding is there via bind_engine and bind_helper via some
>>>> debug prints that I have put in the engine. I follow this up by calling
>>>> ENGINE_set_default() for ENGINE_METHOD_RAND. I am using the Apache Harmony
>>>> jsse library.
>>>> 3. Some time later there is a call to SSL_CTX_new() which starts the
>>>> process of establishing the TLS session, etc.
>>>> 4. I would like to see my random number generator get invoked to
>>>> provide random numbers when needed, but for some reason the ssleay one is
>>>> being called.
>>>> 5. I can open an adb shell and run the openssl command and explicitly
>>>> load the engine via:
>>>>
>>>> openssl engine dynamic -pre SO_PATH:/system/lib/ssl/engines/MyEngine.so -pre ID:myengine -pre LOAD
>>>>
>>>> With this I see my random number generator get used, but when I try to
>>>> do this programmatically it doesn't get called.
>>>>
>>>>
>>>> I have a couple of questions:
>>>>
>>>>
>>>> 1. Should this work even when using the SSL_CTX... APIs?
>>>>
>>>> 2. Am I setting up the engine too soon and then the SSL_CTX.. commands
>>>> clear them out?
>>>>
>>>>
>>>> I've looked around a lot so any help would be greatly appreciated!
>>>>
>>>>
>>>> Thanks,
>>>>
>>>>    BW
>>>>
>>>> _______________________________________________
>>>> openssl-users mailing list
>>>> openssl-users at openssl.org
>>>> https://mta.opensslfoundation.net/mailman/listinfo/openssl-users
>>>>
>>>>
>>>
>>>
>>> --
>>> SY, Dmitry Belyavsky
>>>
>>
>
>
> --
> SY, Dmitry Belyavsky