[prev in list] [next in list] [prev in thread] [next in thread]
List: openssl-users
Subject: Re: steps to use a dynamic engine from an application
From: Geoff Thorpe <geoff () openssl ! org>
Date: 2005-11-30 5:10:08
Message-ID: 200511300010.09050.geoff () geoffthorpe ! net
[Download RAW message or body]
Hi there,
On November 29, 2005 03:05 pm, Anil Gunturu wrote:
> I am just wondering about the steps to use a dynamic engine. Can
> somebody verify this:
> e = ENGINE_by_id("dynamic");
> if (!e) {
> return RC_ERROR;
> }
> if ((!ENGINE_ctrl_cmd_string(e, "SO_PATH", so_path, 0)) ||
> (!ENGINE_ctrl_cmd_string(e, "ID", "ATHENA", 0)) ||
> (!ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0)))
> {
> ENGINE_free(e);
> return RC_ERROR;
> }
All of that should be equivalent to ENGINE_by_id("athena") if the engine
has the appropriate name/path and you're using a recent version of
openssl. But if that works for you, cool.
> if (!ENGINE_init(e)) {
> ENGINE_free(e);
> return RC_ERROR;
> }
>
> ENGINE_set_default_RSA(e);
>
> Also, when do I need to call ENGINE_finish() and ENGINE_free()?
Up until you call ENGINE_init() all you have is a *structural* reference,
the engine may not be able to do anything (eg. if it's for hardware you
don't have) but it lets you manipulate it. This reference should be
released by ENGINE_free(). If ENGINE_init() succeeds, you have a
*functional* reference as well, which is released by ENGINE_finish(). In
your case, you've got one of each kind of reference so you'd need to
release both.
However, ENGINE_set_default_RSA() will attempt to initialise the engine if
it's not already initialised anyway (it can't be a default unless it's
*working*). So don't bother trying to initialise it, then you only need
to call ENGINE_free() once you're done. You need to check the return
value of ENGINE_set_default_RSA() though if you want to know if it
succeeded.
BTW, your application needs to call ENGINE_cleanup() when closing down, as
this releases any/all internal references. Eg. ENGINE_set_default_RSA()
causes an internal functional reference to be kept internally to prevent
the engine from deinitialising/unloading.
Cheers,
Geoff
--
Geoff Thorpe
geoff@openssl.org
http://www.openssl.org/
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic