Hi all,
I have followed chapter 5 of the book "Network security with OpenSSL"
in order to code a simple SSL/TLS client and server (in Xubuntu14.04
with OpenSSL1.0.1h). The client/server code worked fine.
Then, I modified the initialization function to take into
consideration cryptodev engine and use kernel crypto API, as follows:
void init_tls(void)
{
#if (USE_CRYPTODEV == 1)
ENGINE_load_cryptodev();
if (!(engine = ENGINE_by_id("cryptodev")))
printf("error: engine cryptodev init failure\n");
else if (!ENGINE_set_default(engine,
ENGINE_METHOD_CIPHERS|ENGINE_METHOD_DIGESTS))
printf("error: uploading cryptodev algorithms\n");
else
printf("note: cryptodev engine successfully uploaded\n");
#endif
if (!setup_thread() || !SSL_library_init()) {
printf("error: OpenSSL init failure\n");
return;
}
SSL_load_error_strings();
}
The function init_tls() is called at the begging of client and server
main() functions. At execution, the client and server succeed in
loading cryptodev engine. However, I get the following errors:
1) ./client:
** error in SSL_connect(): error:00000000:lib(0):func(0):reason(0)
2) ./server:
** error in SSL_accept(): error:0606B06E:digital envelope
routines:EVP_SignFinal:wrong public key type:p_sign.c:127
Do you have any idea why cryptodev makes this error appear in the server side.
Thanks in advance for your help,
Best regards,
Aymen
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
