dongwo5110 2019-07-26 15:05
浏览 288
已采纳

将配置文件用于OpenSSL的EVP API

Background

When using OpenSSL via the command-line, I am able to change the default engine by setting my openssl.cnf (see Sample code below). I now want to change the default engine while using the EVP API, ideally by changing a config file.

The larger context is that I am using a Go wrapper around EVP, which supports neither setting the engine globally nor setting the engine for signing/verifying (the only operations I care about). I am investigating options (e.g. using cgo to set the engine globally or forking the library) involving code changes, but it would be ideal if I could avoid them.

Issue

EVP does not seem to read the config file and I can't find/understand documentation online on whether this is possible or not. Is the configuration file automatically loaded (and I'm just doing it wrong?) or do I need to do something like call OPENSSL_INIT_LOAD_CONFIG?

Sample code

openssl_conf = openssl_def

[openssl_def]
engines = engine_section

[engine_section]
pkcs11 = pkcs11_section

[pkcs11_section]
engine_id = pkcs11
dynamic_path = /usr/local/Cellar/engine_pkcs11/0.1.8/lib/engines/engine_pkcs11.so
MODULE_PATH = /usr/local/Cellar/opensc/0.19.0/lib/pkcs11/opensc-pkcs11.so
PIN = "123456"
init = 0
$ openssl engine
(rdrand) Intel RDRAND engine
(dynamic) Dynamic engine loading support
(pkcs11) pkcs11 engine
  • 写回答

1条回答 默认 最新

  • duanjuebin2519 2019-07-26 19:00
    关注

    Assuming you are using OpenSSL 1.1.0 or later then try inserting the following at the beginning of your program (before you do any other OpenSSL call):

        OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL);
    
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 在获取boss直聘的聊天的时候只能获取到前40条聊天数据
  • ¥20 关于URL获取的参数,无法执行二选一查询
  • ¥15 液位控制,当液位超过高限时常开触点59闭合,直到液位低于低限时,断开
  • ¥15 marlin编译错误,如何解决?
  • ¥15 有偿四位数,节约算法和扫描算法
  • ¥15 VUE项目怎么运行,系统打不开
  • ¥50 pointpillars等目标检测算法怎么融合注意力机制
  • ¥20 Vs code Mac系统 PHP Debug调试环境配置
  • ¥60 大一项目课,微信小程序
  • ¥15 求视频摘要youtube和ovp数据集