dongwo5110 2019-07-26 15:05
浏览 288
已采纳

将配置文件用于OpenSSL的EVP API

Background

When using OpenSSL via the command-line, I am able to change the default engine by setting my openssl.cnf (see Sample code below). I now want to change the default engine while using the EVP API, ideally by changing a config file.

The larger context is that I am using a Go wrapper around EVP, which supports neither setting the engine globally nor setting the engine for signing/verifying (the only operations I care about). I am investigating options (e.g. using cgo to set the engine globally or forking the library) involving code changes, but it would be ideal if I could avoid them.

Issue

EVP does not seem to read the config file and I can't find/understand documentation online on whether this is possible or not. Is the configuration file automatically loaded (and I'm just doing it wrong?) or do I need to do something like call OPENSSL_INIT_LOAD_CONFIG?

Sample code

openssl_conf = openssl_def

[openssl_def]
engines = engine_section

[engine_section]
pkcs11 = pkcs11_section

[pkcs11_section]
engine_id = pkcs11
dynamic_path = /usr/local/Cellar/engine_pkcs11/0.1.8/lib/engines/engine_pkcs11.so
MODULE_PATH = /usr/local/Cellar/opensc/0.19.0/lib/pkcs11/opensc-pkcs11.so
PIN = "123456"
init = 0
$ openssl engine
(rdrand) Intel RDRAND engine
(dynamic) Dynamic engine loading support
(pkcs11) pkcs11 engine
  • 写回答

1条回答 默认 最新

  • duanjuebin2519 2019-07-26 19:00
    关注

    Assuming you are using OpenSSL 1.1.0 or later then try inserting the following at the beginning of your program (before you do any other OpenSSL call):

        OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL);
    
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 笔记本上移动热点开关状态查询
  • ¥70 类鸟群Boids——仿真鸟群避障的相关问题
  • ¥15 CFEDEM自带算例错误,如何解决?
  • ¥15 有没有会使用flac3d软件的家人
  • ¥20 360摄像头无法解绑使用,请教解绑当前账号绑定问题,
  • ¥15 docker实践项目
  • ¥15 利用pthon计算薄膜结构的光导纳
  • ¥15 海康hlss视频流怎么播放
  • ¥15 Paddleocr:out of memory error on GPU
  • ¥30 51单片机C语言数码管驱动单片机为AT89C52