How to load a custom OpenSSL engine automatically?

Shariful Alam dipto181 at gmail.com
Tue Apr 6 05:50:47 UTC 2021


Hello,
I have a custom OpenSSL engine for experiment purposes. I'm trying to load
my engine automatically. I intend to use my custom engine instead of the
default OpenSSL engine. I have installed *OpenSSL 1.1.1c *from the source
code with,

*./config --prefix=/opt/openssl -DOPENSSL_LOAD_CONF
--openssldir=/opt/openssl/ssl *

configuration. And add the following lines to my *openssl.cnf,*

openssl_conf = openssl_def

[openssl_def]
engines = engine_section

[engine_section]
rsa-engine-new = rsa_section

[rsa_section]
engine_id = rsa-engine-new
#dynamic_path = /opt/openssl/lib/engines-1.1/rsa-engine-new.so  <--
Uncomment this line cause segmentation fault

after this, when I try to list available engine, I get the following error,

ss at ss:/usr/local/lib$ openssl engine
rsa-engine-new
(rdrand) Intel RDRAND engine
(dynamic) Dynamic engine loading support
(rsa-engine-new) engine for testing 1
140659701942016:error:260AB089:engine
routines:ENGINE_ctrl_cmd_string:invalid cmd
name:crypto/engine/eng_ctrl.c:255:
140659701942016:error:260BC066:engine routines:int_engine_configure:engine
configuration error:crypto/engine/eng_cnf.c:141:section=rsa_section,
name=oid_section, value=new_oids
140659701942016:error:0E07606D:configuration file
routines:module_run:module initialization
error:crypto/conf/conf_mod.c:177:module=engines, value=engine_section,
retcode=-1


My engine is loading automatically and it is used as a default engine, but
why I'm seeing those errors? And how can I fix it?

Sincerely,
Shariful Alam
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20210405/c662253f/attachment-0001.html>


More information about the openssl-users mailing list