I ported OpenSSL a few years back to embedded environments for EtcBin/EbsNet (http://www.ebsnetinc.com/); what I did (among other things) is extend the use of the 'MONOLITH' #define to create a single has-it-all demo application with a telnet-based interface.
Yes, this requires some code changes, but only minimal changes to the actual OpenSSL library, easing its upgrade path when new OpenSSL releases come available. In your case, as you specifically state you won't have any user interaction, you can take option #1 (create an argv[] array in code), while renaming the main() function to something suitable (like the MONOLITH #define does to some apps/ in OpenSSL). OR - which I'd do if the changes have more impact or when the code is for production purposes instead of just demo value - extract the relevant code snippets from the OpenSSL apps\ sources and go from there. Makes for cleaner code, if you plan to add/change the functionality significantly. HTH Ger PS: please note that you may have to port several C run-time library calls in the OpenSSL code proper, depending on the functionality available in your own C run-time library; some preprocessor macros will help here to keep the OpenSSL code intact (and thus easier to upgrade), while rerouting the C run-time library calls to your own functions at compile time. PPS: I won't go into the actual quality of the 'security' offered by such an embedded CA; it depends on many parameters and there have been quite a few discussions about that in the past in these mailing lists. You might wish to check out the mailing list archives if this is important to you. On Wed Jan 11 05:05:10 PST 2006, Amir Yiron <[EMAIL PROTECTED]> wrote: >> Hello, >> >> I need my embedded application to be capable of creating a CA >> and creating SSL certificate. >> My operating system is eCos, which means I don't have shell or >> any scripts, and I can't run utilities (However, I have a file >> system!). >> I can only use a C interface.
