Hi, First, OpenSSL_add_all_algorithms is just a define that resolves to OPENSSL_add_all_algorithms_noconf (or OPENSSL_add_all_algorithms_conf if you define OPENSSL_LOAD_CONF in your build). It's there on evp.h .
To solve you PKCS#12 problem, all you need is to call OpenSSL_add_all_algorithms at the start of your program. Which means in your case that you should dlsym for OPENSSL_add_all_algorithms_noconf and then call it. I hope this will help. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr > Hello, > > For certain reasons I want to load the OpenSSL libraries at run-time > (rather than at load-time). My application will specifically need to be > able to load a PKCS#12 file, and fiddle around with the data in it. > > The relevant code snippets follows (the code below is just exerts, > and parts where originally taken from apps/apps.c): > > ------------------------ > typedef int (OPENSSLCALLCONV *pfnPKCS12_parse)(PKCS12 *p12, const char > *pass, > EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca); > typedef int (OPENSSLCALLCONV *pfnPKCS12_free)(PKCS12 *p12); > typedef int (OPENSSLCALLCONV *pfnPKCS12_verify_mac)(PKCS12 *p12, > const char *pass, int passlen); > typedef PKCS12 *(OPENSSLCALLCONV *pfnd2i_PKCS12_fp)(FILE *fp, PKCS12 > **p12); > > > pfnPKCS12_parse pkcs12_parse = NULL; > pfnPKCS12_free pkcs12_free = NULL; > pfnPKCS12_verify_mac pkcs12_verify_mac = NULL; > pfnd2i_PKCS12_fp d2i_pkcs12_fp = NULL; > > > main() > { > int ret = 0; > void *lib = NULL; > char *error = NULL; > > lib = dlopen(fname, RTLD_LAZY); > > dlerror(); > > pkcs12_parse = (pfnPKCS12_parse)dlsym(lib, "PKCS12_parse"); > pkcs12_free = (pfnPKCS12_free)dlsym(lib, "PKCS12_free"); > pkcs12_verify_mac = (pfnPKCS12_verify_mac)dlsym(lib, > "PKCS12_verify_mac"); > d2i_pkcs12_fp = (pfnd2i_PKCS12_fp)dlsym(lib, "d2i_PKCS12_fp"); > > > fpp12file = fopen(p12file, "rb"); > if(fpp12file == NULL) > { > printf("Error: Unable to fopen(\"%s\")\n", p12file); > return 1; > } > > load_pkcs12(fpp12file, "P12 test #1", p12password, NULL, NULL, NULL); > > return 0; > } > > > int load_pkcs12(FILE *fp, const char *desc, const char *passwd, > EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca) > { > int len, ret = 0; > PKCS12 *p12; > > p12 = d2i_pkcs12_fp(fp, NULL); > if(p12 == NULL) > { > printf("Error: Unable to load PKCS12 file for \"%s\"\n", desc); > goto die; > } > /* See if an empty password will do */ > if(pkcs12_verify_mac(p12, "", 0) || pkcs12_verify_mac(p12, NULL, 0)) > { > pass = ""; > } > else > { > len = strlen(passwd); > if(!pkcs12_verify_mac(p12, passwd, len)) > { > printf("Mac verify error (wrong password?) in PKCS12 " > "file for %s\n", desc); > goto die; > } > pass = tpass; > } > ret = pkcs12_parse(p12, pass, pkey, cert, ca); > die: > if(p12) > pkcs12_free(p12); > return ret; > } > ------------------------ > > I get the "Mac verify error (wrong password? ..." error. > > My initial guess was that I need to initialize the library in some > manner before I can call functions which perform the verification. A > quick search led me to > http://www.ibm.com/developerworks/linux/library/l-openssl.html, which > stipulates: > > ``/* Initializing OpenSSL */ > > SSL_load_error_strings(); > ERR_load_BIO_strings(); > OpenSSL_add_all_algorithms();'' > > I nm'd my /usr/lib/libcrypto.so, but it doesn't appear to contain any > entry for OpenSSL_add_all_algorithms. It does however have: > 000000000009be20 T OpenSSL_add_all_ciphers > 000000000009bc90 T OpenSSL_add_all_digests > > But I'm beginning to feel that I might be chasing the wrong end here. > Can anyone find an immediate problem with how I'm using the PKCS#12 > functions? > > -- > Kind regards, > Jan Danielsson > > > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
