好吧,我是 openssl 引擎的新手。我已经实现了一个 rsa 引擎。当我通过以下命令使用环境变量加载它时,它可以工作。
openssl engine -t -c rsaa-engine
openssl rsautl -encrypt -in msg.txt -pubin -inkey pubkey-B.pem -engine rsaa-engine -out cip.bin
引擎的 C 代码是:
static const char *engine_rsa_id = "myengine";
static const char *engine_rsa_name = "RSAX";
static RSA_METHOD struct_rsa = {
NULL,
NULL,
NULL,
NULL,
NULL,
NULL,
NULL,
NULL,
NULL,
RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE,
NULL,
NULL,
NULL
};
static int bind (ENGINE * e, const char *id)
{
const RSA_METHOD *meth1;
if (!ENGINE_set_id (e, engine_rsa_id) ||
!ENGINE_set_name (e, engine_rsa_name) ||
!ENGINE_set_RSA (e, &struct_rsa))
return 0;
meth1 = RSA_PKCS1_SSLeay ();
e_rsax_rsa.rsa_pub_enc = eng_rsa_pub_enc;
e_rsax_rsa.rsa_pub_dec = eng_rsa_pub_dec;
e_rsax_rsa.rsa_priv_enc = eng_rsa_priv_enc;
e_rsax_rsa.rsa_priv_dec = eng_rsa_priv_dec;
e_rsax_rsa.bn_mod_exp = meth1->bn_mod_exp;
e_rsax_rsa.finish = meth1->finish;
return 1;
}
IMPLEMENT_DYNAMIC_BIND_FN (bind)
IMPLEMENT_DYNAMIC_CHECK_FN ()
我在使用配置文件加载引擎时遇到问题。在openssl.conf文件中我添加了这个:
openssl_conf = openssl_init
[ openssl_init ]
engines = engine_section
[engine_section]
rsaa-engine = rsaa_section
[rsaa_section]
engine_id =rsaa-engine
dynamic_path =/usr/lib/powerpc-linux-gnu/openssl-1.0.0/engines/librsaa-engine.so
#dynamic_path =/home/engines/engine-rsa/librsaa-engine.so (symlink to this location basically)
default_algorithms = RSA
我在配置文件中添加了这些行但是当我尝试使用以下命令加密或解密时
openssl rsautl -encrypt -in msg.txt -pubin -inkey pubkey-B.pem -out cip.bin
我收到以下错误
Error configuring OpenSSL
4159182024:error:260AC089:engine routines:INT_CTRL_HELPER:invalid cmd name:eng_ctrl.c:131:
4159182024:error:260AB089:engine routines:ENGINE_ctrl_cmd_string:invalid cmd name:eng_ctrl.c:311:
4159182024:error:260BC066:engine routines:INT_ENGINE_CONFIGURE:engine configuration error:eng_cnf.c:191:section=rsaa_section, name=HOME, value=.
4159182024:error:0E07606D:configuration file routines:MODULE_RUN:module initialization error:conf_mod.c:223:module=engines, value=engine_section, retcode=-1