techblog

Controlling an Openssl engine

(No Ratings Yet)

Loading ...

Posted by jad on Apr 12th, 2007

OpenSSL provides a set of engine functions to allow you to access cryptographic modules. I have used these before to access a Sun SCA6000 via pkcs11. In those examples I always assumed the necessary configuration settings were in the openssl config file. However some settings would be better set on the fly. For example, you wouldn’t want the password required to access the keystore to be kept on disk in the config file.

To pass the password (pin) to an engine you can do something like this

 /* Send PIN to engine */
    if(!ENGINE_ctrl_cmd_string(e, "PIN", "nominet1:abc123", 0)){
        printf("Error sending PIN to engine");
        ENGINE_free(e);
        return;
    }

Thanks to Stephen Henson for pointing me in the correct direction.

Cryptography

Highest Rated

Recent .uk phishing activity (8 votes)
VoIP and Emergency Calls - Where is the Caller? (7 votes)
IPv4 Heat Maps (5 votes)
UNBOUND released ! (3 votes)
Spotting 'invisible' null pointer dereferences with Coverity Prevent (3 votes)
Adding charts to Spring web applications with JFreeChart (2 votes)
Anoto pens, Moleskine notebooks and OSX (2 votes)
Loss of .uk nameserver (2 votes)
Implement IronPort servers for anti-spam (1 votes)
SJPhone settings for SIP (1 votes)

Controlling an Openssl engine

Leave a Comment

Recent Posts

Highest Rated

Categories

Archives

Blogroll

Nominet

Meta: