Hi All, I am facinmg issue while upgrading my OpenSSL version from 1.0.2p to 1.1.1c. I am facing the issue where "ENGINE_by_id("capi")" is not returning proper pointer. I want to access windows certificate store with certificate and keys.
Snippet of my working code in 1.0.2p:(This is working fine) This is working fine and I am able to get the Private key. -------------------------------------- ENGINE_load_capi() ce = ENGINE_by_id("capi"); if (NULL == ce) { ENGINE_cleanup(); return E_LOAD_FAILED; } if (!ENGINE_init(ce)||!ENGINE_register_STORE(ce) ) { ENGINE_cleanup(); ce = NULL; return E_INIT_FAILED; } (void)ENGINE_ctrl_cmd(ce,"store_flags",0, NULL, NULL, 0); (void)ENGINE_ctrl_cmd(ce,"store_name" ,0, (void*)storeName, NULL, 0); privateKey = ENGINE_load_private_key(ce,"certname", 0, 0); I can see that few CAPI API is deprecated in 1.1.1c, but they can be enabled by following configuration(Based on engine.h) > "perl Configure debug-VC-WIN64A no-asm enable-capieng no-shared > no-dynamic-engine --api=1.0.0" Code from 1.1.1c: ------------------- ENGINE_load_capi() ce = ENGINE_by_id("capi"); <<================Returning NULL always if (NULL == ce) { ENGINE_cleanup(); return E_LOAD_FAILED; } if (!ENGINE_init(ce)||!ENGINE_register_complete(ce) ) { ENGINE_cleanup(); ce = NULL; return E_INIT_FAILED; } (void)ENGINE_ctrl_cmd(ce,"store_flags",0, NULL, NULL, 0); (void)ENGINE_ctrl_cmd(ce,"store_name" ,0, (void*)storeName, NULL, 0); privateKey = ENGINE_load_private_key(ce,"certname", 0, 0); If I change my code to the following way, I get one pointer but when I try to load the private key I get always empty private key. > "perl Configure debug-VC-WIN64A no-asm Code: int rc = 0; ENGINE_load_builtin_engines(); ce= ENGINE_by_id("dynamic"); <<==============Engine Pointer with no valid data rc = ENGINE_ctrl_cmd_string(ce, "SO_PATH", "c://mylib//capi.dll", 0); if (! rc) return ERROR_RC; rc= ENGINE_ctrl_cmd_string(ce, "LOAD", NULL, 0); if (! rc) return ERROR_RC; rc = ENGINE_register_complete(ce); if (! rc) return ERROR_RC; rc = ERR_load_ENGINE_strings(); if (! rc) return ERROR_RC; if (NULL == ce) { ENGINE_cleanup(); return LOAD_E_FAILED; } if (!ENGINE_init(ce)) { ENGINE_cleanup(); sCapiEngine = NULL; return INIT_E_FAILED; } ENGINE_register_complete(ce); (void)ENGINE_ctrl_cmd(ce,"store_flags",0, NULL, NULL, 0); (void)ENGINE_ctrl_cmd(ce,"store_name" ,0, (void*)storeName, NULL, 0); privateKey = ENGINE_load_private_key(ce,"certname", 0, 0); <<============Always getting NULL Private key. I am not able to figure out where things are going wrong. Is there any way I can get the desired result from Capi for windows cert store? Please help. Thanks & regards, Manoj Upadhyay