OpenSSL-1.1 Initial chnages for engine

This is still experimental.
dengert · Jan 14, 2016 · 222ca6a · 222ca6a
1 parent a37c8d0
commit 222ca6a
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 6 deletions.
diff --git a/src/engine_pkcs11.c b/src/engine_pkcs11.c
@@ -31,6 +31,7 @@
 #include <openssl/crypto.h>
 #include <openssl/objects.h>
 #include <openssl/engine.h>
+#include <openssl/ui.h>
 #include <libp11.h>
 #include "engine_pkcs11.h"
 
@@ -55,7 +56,7 @@ static PKCS11_CTX *ctx;
 static char *pin = NULL;
 static int pin_length = 0;
 
-static int verbose = 0;
+static int verbose = 1; /* TODO reset to 0 after testing */
 
 static char *module = NULL;
 
@@ -182,6 +183,14 @@ int pkcs11_init(ENGINE * engine)
 	if (!mod)
 		mod = DEFAULT_PKCS11_MODULE;
 #endif
+
+	if (!mod) {
+	    mod = getenv("PKCS11_MODULE_PATH");
+	}
+	if (!mod) {
+	    mod = "/opt/smartcard/lib/opensc-pkcs11.so";
+	}
+
 	if (verbose) {
 		fprintf(stderr, "initializing engine\n");
 	}

diff --git a/src/hw_pkcs11.c b/src/hw_pkcs11.c
@@ -192,13 +192,14 @@ static int bind_helper(ENGINE * e)
 	    !ENGINE_set_RSA(e, PKCS11_get_rsa_method()) ||
 #endif
 #ifndef OPENSSL_NO_EC
+#if OPENSSL_VERSION_NUMBER  < 0x10100002L
 #ifndef OPENSSL_NO_ECDSA
-		!ENGINE_set_ECDSA(e, PKCS11_get_ecdsa_method()) ||
-#endif 
-/* TODO add ECDH 
-		!ENGINE_set_ECDH(e, PKCS11_get_ecdh_method()) ||
-*/
+	    !ENGINE_set_ECDSA(e, PKCS11_get_ecdsa_method()) ||
 #endif
+#else
+	    !ENGINE_set_EC(e, PKCS11_get_ec_key_method()) ||
+#endif /* OPENSSL_VERSION_NUMBER */
+#endif /* OPENSSL_NO_EC */
 	    !ENGINE_set_load_pubkey_function(e, pkcs11_load_public_key) ||
 	    !ENGINE_set_load_privkey_function(e, pkcs11_load_private_key)) {
 		return 0;