OpenSSL dynamic engine loading shows error
Shariful Alam
dipto181 at gmail.com
Thu Aug 26 06:06:48 UTC 2021
Hello,
I have a simple rsa engine code (from engines/e_dasync.c). My code
compiles. Command "*$openssl engine -t -c*" shows the following,
openssl engine -t -c
(rdrand) Intel RDRAND engine
[RAND]
[ available ]
(dynamic) Dynamic engine loading support
[ unavailable ]
(dasync) Dummy Async engine support
[RSA]
[ available ]
I also modify *openssl.cnf* configuration as following to load this engine,
openssl_conf = openssl_def
[openssl_def]
engines = engine_section
[engine_section]
rsa-engine-new = rsa_section
[rsa_section]
engine_id = rsa-engine-new
Then when I run the command "$*openssl engine*", I get the following error,
$openssl engine
(rdrand) Intel RDRAND engine
(dynamic) Dynamic engine loading support
(dasync) Dummy Async engine support
139633213376256:error:260AB089:engine
routines:ENGINE_ctrl_cmd_string:invalid cmd
name:crypto/engine/eng_ctrl.c:255:
139633213376256:error:260BC066:engine routines:int_engine_configure:engine
configuration error:crypto/engine/eng_cnf.c:141:section=rsa_section,
name=oid_section, value=new_oids
139633213376256:error:0E07606D:configuration file
routines:module_run:module initialization
error:crypto/conf/conf_mod.c:177:module=engines, value=engine_section,
retcode=-1
Any help why is this happening? How can I fix this?
My goal is to use my OpenSSL engine with Apache for mod_ssl. Do I have to
compile my engine with the OpenSSL source code to do that?
Here is the complete source code of my sample engine,
==============================================
#include <stdio.h>
#include <string.h>
#include <openssl/engine.h>
#include <openssl/sha.h>
#include <openssl/aes.h>
#include <openssl/rsa.h>
#include <openssl/evp.h>
#include <openssl/async.h>
#include <openssl/bn.h>
#include <openssl/crypto.h>
#include <openssl/ssl.h>
#include <openssl/modes.h>
/* Engine Id and Name */
static const char *engine_dasync_id = "dasync";
static const char *engine_dasync_name = "Dummy Async engine support";
static int dasync_pub_enc(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa, int padding) {
printf("dasync_pub_enc\n");
return 0;
}
static int dasync_pub_dec(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa, int padding) {
printf("dasync_pub_dec\n");
return 0;
}
static int dasync_rsa_priv_enc(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa, int padding){
printf("dasync_rsa_priv_enc\n");
return 0;
}
static int dasync_rsa_priv_dec(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa, int padding){
printf("dasync_rsa_priv_dec\n");
return 0;
}
static RSA_METHOD *dasync_rsa_method = NULL;
static int bind_dasync(ENGINE *e){
/* Setup RSA_METHOD */
if ((dasync_rsa_method = RSA_meth_new("Dummy Async RSA method", 0)) ==
NULL
|| RSA_meth_set_pub_enc(dasync_rsa_method, dasync_pub_enc) == 0
|| RSA_meth_set_pub_dec(dasync_rsa_method, dasync_pub_dec) == 0
|| RSA_meth_set_priv_enc(dasync_rsa_method, dasync_rsa_priv_enc) ==
0
|| RSA_meth_set_priv_dec(dasync_rsa_method, dasync_rsa_priv_dec) ==
0
) {
return 0;
}
/* Ensure the dasync error handling is set up */
if (!ENGINE_set_id(e, engine_dasync_id)
|| !ENGINE_set_name(e, engine_dasync_name)
|| !ENGINE_set_RSA(e, dasync_rsa_method)
) {
return 0;
}
return 1;
}
static int bind_helper(ENGINE *e, const char *id){
if (!bind_dasync(e)){
printf("2_Error: Inside Bind helper\n");
return 0;
}
return 1;
}
IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
IMPLEMENT_DYNAMIC_CHECK_FN()
=============================================
Thanks,
Shariful
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20210826/7143cb0c/attachment-0001.html>
More information about the openssl-users
mailing list