Think abt this - if those two lines are all you ever need to get an engine working with openssl - how are you going to tell the engine abt your smart card pin callback, etc. etc.
You'll be needing ENGINE_ctrl_* to do all the magic.
Edward Chan wrote:
Are there docs on this? I was just going by the example in "Network Security with OpenSSL". It looked so simple.
ENGINE* e = ENGINE_by_id("ubsec"); ENGINE_set_default(e, ENGINE_METHOD_ALL);
And that is the way it looks in most other examples I've seen. Apache, Stunnel, etc. If someone could point me to some decent docs and examples, I'll be forever in your debt.
Thanks, Ed
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, April 07, 2005 5:42 PM
To: openssl-users@openssl.org
Subject: Re: Use of Engines
Hi Edward,
I am guesing that you need to call ENGINE_ctrl() to set the right parameters. These are control commands and each engine has a set of these; to see what control commands are available for the ubsec engine:
$ openssl engine ubsec -vvvv
Or you could just look into the ubsec engine codes for the definitions.
-Tan Eng Ten
Edward Chan wrote:
Is it required to call ENGINE_init()?
Or is this sufficient
ENGINE* e = ENGINE_by_id(id); ENGINE_set_default(e, ENGINE_METHOD_ALL);
I have looked in various code, and I mostly see the latter. But in the stunnel code, I see them doing
ENGINE* e = ENGINE_by_id(id); ENGINE_init(e); ENGINE_set_default(e, ENGINE_METHOD_ALL);
Also, I tried using a card from nCipher. But when I specify ENGINE_METHOD_ALL, it seems to be failing in the call to ENGINE_set_default_RSA(). When I dig deeper, it looks like it is trying to load ubsec.dll which is missing. I've installed all the drivers that came with the card. Does that mean OpenSSL
does not support that card?
Or does it mean the card doesn't support RSA operations? What am I doing wrong?
Thanks, Ed
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
