Stack Overflow
Stack Overflow

Questions tagged [openssl-engine]

62 questions
0
votes
0 answers

How does Openssl determine the key encryption algorithm?

I am new to OpenSSL and learning to use it. When I generate the private Keys using below command "openssl genpkey -out fd2.key -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -aes-256-cbc" , I am using aes-256-cbc as key encryption algorithm. It asks…
Raghu
  • 3
  • 1
0
votes
0 answers

OpenSSL 3.0 missing structures definition

While migrating from OpenSSL 1.0.2 to 3.0 code compilation is failing reason being most of the structures are not defined in latest header file. specifies undefined struct/union 'x509_st' specifies undefined struct/union 'X509_crl_st' specifies…
Priyanka Chauhan
  • 41
  • 2
0
votes
0 answers

overriding ECDSA_do_sign in openssl 1.1.1

For an existing implementation I have to support the following "openssl pkeyutl" signing execution flows: [openssl 1.0.2k CLI] --> [engine] --> [backendSigningSystem] [openssl 1.1.1  CLI] --> [engine] --> [backendSigningSystem] In each case I use…
WayneTabor
  • 11
  • 4
0
votes
1 answer

OpenSSL application ignores default engine specified in openssl.cnf

I'm trying to configure OpenSSL so that all OpenSSL applications on my device use a custom engine. I have the following in my openssl.cnf file: config_diagnostics = 1 openssl_conf = openssl_def [ openssl_def ] engines = engine_section […
Mitch Lindgren
  • 2,120
  • 1
  • 18
  • 36
0
votes
1 answer

How to setup OCSP server for Private CA and has few queries

I have generated my private Root CA and then Intermediate CA which is being used for signing certificates rather than directly RootCA. Now I want to setup OCSP server hence have certain queries. Since I am using Intermediate CA, shall I use Int CA…
Blason R
  • 5
  • 2
0
votes
1 answer

How to use OpenSSL command line to operate(signature, for example) after loading OpenSSL engine?

I wrote a self-defined OpenSSL engine and engine tester in ubuntu 20.4. And the OpenSSL version is 1.1.1. The goal is to use engine in TLS session, and the first step is to use command line to sign a digest. The reference website…
coolddd
  • 11
  • 2
0
votes
1 answer

Loading OpenSSL custom engine via openssl.conf file shows error

I have a simple openssl engine that I want to load into OpenSSL via openssl.conf file. I have install openssl-1.1.1c from source using the following configuration setting, ./config --prefix=/opt/openssl -DOPENSSL_LOAD_CONF…
user45698746
  • 305
  • 2
  • 13
0
votes
1 answer

Error while call to function EVP_DigestSignFinal

I'm trying to implement ECDSA with custome engine and I'm facing error at this line EVP_DigestSignFinal(mdctx, sig, slen)).Can anyone please guide me. Engine part --> EVP_PKEY_meth_set_sign(dasync_ec, dasync_ec_signinit, …
Asif Sayyad
  • 23
  • 6
0
votes
1 answer

Using configuration file for OpenSSL's EVP API

Background When using OpenSSL via the command-line, I am able to change the default engine by setting my openssl.cnf (see Sample code below). I now want to change the default engine while using the EVP API, ideally by changing a config file. The…
dinnerPlaht
  • 25
  • 3
0
votes
0 answers

Why am I not getting the decrypted data when my input text size is less than 16 bytes using openssl EVP_OpenInit() api function?

I am trying to encrypt and Decrypt file using EVP apis. I am getting correct result when size is greater or equal to 16 bytes only. Here is my codes for the above stated problem. #include #include #include…
Sumit Jha
  • 9
  • 6
0
votes
1 answer

sslscan.c:94:25: fatal error: openssl/err.h: No such file or directory compilation terminated. #163

I am need to install sslscan tool for ssl scanning (from here) in ubuntu virtual machine (virtualbox). Following their installation instructions provided here, I installed openssl-chacha from here. Note that I am aware that this fork of openssl…
None
  • 281
  • 1
  • 6
  • 16
0
votes
1 answer

How to set issuer name to x509_req type object

I am trying to sign an existing csr using a CA certificate's private key. So i am planning to use X509_req_sign() API. I have created a x509_req object by reading the csr file. I have also extracted the subject name out of the CA certificate. But I…
Shrikant Dhapke
  • 1
  • 2
0
votes
1 answer

BIO_set_fp() crashes on Windows

I have the following OpenSSL code: BIO* out = BIO_new(BIO_s_file()); // BIO_new_fp(stdout, BIO_NOCLOSE); if (out == NULL) { CNGerr(CNG_F_CNG_CTRL, CNG_R_FILE_OPEN_ERROR); return 0; } BIO_set_fp(out, stdout, BIO_NOCLOSE); // Program exits…
Wheatley
  • 153
  • 1
  • 12
0
votes
1 answer

Testing a custom openSSL engine from the command line

Quick question: How can I verify the functionality of a custom openSSL engine I'm writing from the command line? Right now I am following along with this great tutorial, and am successfully able to exercise the engine (which returns a digest value…
asmvolatile
  • 522
  • 5
  • 22
0
votes
2 answers

Configure Apache server to use specific OpenSSL Engine

I have a working OpenSSL RSA engine (i.e. a .so file) and an Apache server configured in SSL mode. How can I make Apache use RSA implementation from my RSA engine? In other words: Where do I put the engine (.so file), how do I modify the openssl.cnf…
Dani Grosu
  • 544
  • 1
  • 4
  • 22
1 2 3
4
5