1 Reply by am

(9 replies, posted in wolfCrypt)

Hey Hayden, thanks for the help so far.

I'm attempting to add wolfEngine to nginx, as you mentioned in the webinar that it's confirmed supported. I load libwolfengine dynamically in nginx/src/core/nginx.c's main() function and see wolfEngine logs when running nginx such as

...
wolfEngine Entering we_ec_cleanup
wolfEngine Leaving we_ec_cleanup, return 1
wolfEngine Entering we_digests
wolfEngine Leaving we_digests, return 1
wolfEngine Entering we_sha_init
Initializing wolfCrypt wc_HashAlg structure: 0x7f92be70a3d0
wolfEngine Leaving we_sha_init, return 1
wolfEngine Entering we_digest_update
wolfEngine Leaving we_digest_update, return 1
wolfEngine Entering we_digest_final
Message Digest
wolfEngine Leaving we_digest_final, return 1
wolfEngine Entering we_digest_cleanup
wolfEngine Leaving we_digest_cleanup, return 1
...

However, in nginx/src/event/ngx_event_accept.c's ngx_event_accept() function I don't see any wolfEngine debug logs. I've even explicitly added some RAND_bytes() calls that should trigger wolfEngine debug logs, but there's none. I also try loading libwolfengine in ngx_event_accept() the same way I did in main(), but despite ENGINE_by_id, ENGINE_init, ENGINE_set_default, and ENGINE_ctrl_cmd all returning 1 indicating a success, no debug logs are shown.

How can I verify wolfEngine is working properly for nginx, and why aren't wolfEngine debug logs showing up in the nginx event loop?

Go to forum: wolfCrypt

2 Reply by am

(9 replies, posted in wolfCrypt)

Hey Hayden, thanks for the reply, the examples folder you linked was really helpful. The two C files you included are working as expected, which is also great. Just checking though, and maybe it is a bit too hopeful, is there any way to have OpenSSL default to using wolfEngine without writing any additional code, even without having to add 

OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS |
                    OPENSSL_INIT_ADD_ALL_DIGESTS |
                    OPENSSL_INIT_LOAD_CONFIG, NULL);

?

Go to forum: wolfCrypt

3 Reply by am

(9 replies, posted in wolfCrypt)

Hi Hayden,

I have a couple questions about using wolfEngine from a config file.

I've set my /usr/local/ssl/openssl.cnf with the following:

openssl_conf = openssl_init

[ openssl_init ]
oid_section             = new_oids
engines = engine_section

[ engine_section ]
wolfSSL = wolfssl_section

[ wolfssl_section ]
engine_id = libwolfengine
dynamic_path = /usr/local/lib/engines-1.1/libwolfengine.dylib
init = 1
enable_debug = 1
default_algorithms = ALL

Now this appears to work on the command line, as when I run "openssl engine" it prints multiple lines regarding wolfEngine, and running "openssl aes" commands on the CL also indicates that wolfEngine is being used.

However, when running this code:

int main() {
    printf("Hello, World!\n");

    ENGINE *e;
    ENGINE_load_builtin_engines();
    e = ENGINE_by_id("libwolfengine");
    ENGINE_init(e);
    //ENGINE_set_default(e, ENGINE_METHOD_ALL); // so far wolfEngine only outputs logs if this is set

    //ENGINE_finish(e);
    //ENGINE_free(e);

    // print wolfEngine logs
    ENGINE_ctrl_cmd(e, "enable_debug", 1, NULL, NULL, 0);

    unsigned char buffer[128];
    if (1 != RAND_bytes(buffer, sizeof(buffer))) {
        fprintf(stderr, "error with RAND_bytes\n");
    }

    printf("Made it to end\n");
    
    return 0;
}

It doesn't indicate that wolfEngine is being used unless I uncomment "ENGINE_set_default". But my questions are:

1. Is there a way to use wolfEngine without calling any ENGINE functions? For example, if I called RAND_bytes in my code without using any ENGINE calls, it would use wolfEngine. I would like to be able to use my existing OpenSSL code and not have to add to it.
2. if yes to 1, how can I verify OpenSSL is delegating the function calls to wolfEngine?

Thank you smile

Go to forum: wolfCrypt

4 Reply by am

(9 replies, posted in wolfCrypt)

Hey Hayden, thanks for the reply.

Things are working well now and we have wolfEngine working 2 separate ways with openssl.cnf and ENGINE_load_wolfengine() smile

Go to forum: wolfCrypt

5 Topic by am

(9 replies, posted in wolfCrypt)

Hi all,

I have an existing application that uses OpenSSL and would like to use wolfEngine on top of it. I'm working on Mac OSX and have followed the instructions in https://github.com/wolfSSL/wolfEngine as well as watched the wolfEngine webinar at https://www.youtube.com/watch?v=ini0rKfk3mY. I ran 

make check

successfully but aside from that, I'm not sure if installation of wolfEngine worked correctly, as I don't see any .so files in .libs/.

Assuming this is normal though and wolfEngine is correctly installed, what is the process of then using it as an engine for OpenSSL? I would like to perform the sanity check shown at 16:00 in the webinar but I'm not sure where the shared object resides after wolfEngine installation.

Thank you for any help!

Go to forum: wolfCrypt