Issue in upgrading code related to CAPI Engine for accessing Windows certificate Store(Windows7) (upgrade from 1.0.2p to 1.1.1c)

2019-09-30 Thread manoj upadhyay 
Hi All,
I am facinmg issue while upgrading my OpenSSL version from 1.0.2p to 1.1.1c.
I am facing the issue where "ENGINE_by_id("capi")" is not returning proper 
pointer. I want to access windows certificate store with certificate and keys.

Snippet of my working code in 1.0.2p:(This is working fine)
This is working fine and I am able to get the Private key.
--
  ENGINE_load_capi()
  ce = ENGINE_by_id("capi");
  if (NULL == ce)
  {
 ENGINE_cleanup();
 return E_LOAD_FAILED;
  }
  if (!ENGINE_init(ce)||!ENGINE_register_STORE(ce) )
  {
 ENGINE_cleanup();
 ce = NULL;
 return E_INIT_FAILED;
  }
 (void)ENGINE_ctrl_cmd(ce,"store_flags",0, NULL, NULL, 0);
 (void)ENGINE_ctrl_cmd(ce,"store_name" ,0, (void*)storeName, NULL, 0);
 privateKey  = ENGINE_load_private_key(ce,"certname", 0, 0);


I can see that few CAPI API is deprecated in 1.1.1c, but they can be enabled by 
following configuration(Based on engine.h)
> "perl Configure debug-VC-WIN64A no-asm enable-capieng no-shared 
> no-dynamic-engine --api=1.0.0"
Code from 1.1.1c:
---



  ENGINE_load_capi()
  ce = ENGINE_by_id("capi");   <<Returning NULL always
  if (NULL == ce)
  {
 ENGINE_cleanup();
 return E_LOAD_FAILED;
  }
  if (!ENGINE_init(ce)||!ENGINE_register_complete(ce) )
  {
 ENGINE_cleanup();
 ce = NULL;
 return E_INIT_FAILED;
  }
 (void)ENGINE_ctrl_cmd(ce,"store_flags",0, NULL, NULL, 0);
 (void)ENGINE_ctrl_cmd(ce,"store_name" ,0, (void*)storeName, NULL, 0);
 privateKey  = ENGINE_load_private_key(ce,"certname", 0, 0);


If I change my code to the following way, I get one pointer but when I try to 
load the private key I get always empty private key.
> "perl Configure debug-VC-WIN64A no-asm

Code:
  int rc = 0;
  ENGINE_load_builtin_engines();
  ce= ENGINE_by_id("dynamic"); <<==Engine Pointer with no valid data
  rc = ENGINE_ctrl_cmd_string(ce, "SO_PATH", "c://mylib//capi.dll", 0); if (! 
rc) return ERROR_RC;
  rc=  ENGINE_ctrl_cmd_string(ce, "LOAD", NULL, 0); if (! rc) return ERROR_RC;
  rc = ENGINE_register_complete(ce); if (! rc) return ERROR_RC;
  rc = ERR_load_ENGINE_strings(); if (! rc) return ERROR_RC;

  if (NULL == ce)
  {
 ENGINE_cleanup();
 return LOAD_E_FAILED;
  }
if (!ENGINE_init(ce))
  {
 ENGINE_cleanup();
 sCapiEngine = NULL;
 return INIT_E_FAILED;
  }
  ENGINE_register_complete(ce);
  (void)ENGINE_ctrl_cmd(ce,"store_flags",0, NULL, NULL, 0);
  (void)ENGINE_ctrl_cmd(ce,"store_name" ,0, (void*)storeName, NULL, 0);
  privateKey  = ENGINE_load_private_key(ce,"certname", 0, 0); 
<<====Always getting NULL Private key.


I am not able to figure out where things are going wrong.

Is there any way I can get the desired result from Capi for windows cert store? 
Please help.

Thanks & regards,
Manoj Upadhyay

Issue Building OpenSSL with "enable-static-engine" for MD & MT Builds for x86

2019-08-08 Thread manoj upadhyay 
Hi All,

I am trying to build OpenSSL  DLLs  for MD and MT for windows on X86 and x64.   
I am building it for Visual studio vs 2017, 2015 and   2013.

When I configure the build using following command on  Visual Studio2015  x86 
command prompt , "namke" is throwing error But the same is working with Visual 
studio 2017 (32/64bit) and for Visual Studio 2015 x64.

   perl Configure VC-WIN32 no-asm 
enable-static-engine



While searching for this Issue I came across following
https://github.com/openssl/openssl/issues/560
"INSTALL.WIN configure option `enable-static-engine` appears to be ignored 
#560:"

It seems it was supported viautil/mk1mf in older version of OpenSSSLBut now 
this file ans this flag is removed.

Is there any way to resolve the Issue?
What is the use of this flag "​enable-static-engine"?
Why it was there and why it is removed now?

I will be great if I can get some insight.  Thanks In Advance.

Regards,
Manoj Upadhyay

Issue Building OpenSSL version 1.1.1b using batch files Missing do_win64a/nt.mak/nt-dbg.mak

2019-07-26 Thread manoj upadhyay 
Hi All,

I need help in building the OpenSSL 1.1.1b using the batch files.
I have existing batch files to build OpenSSL  "1.0.2p". It uses following files 
to build OpenSSL.

  1.  ms\do_win64a
  2.  nt.mak
  3.  nt-dbg.mak

But above files are missing from 1.1.1b.  For reference I am adding code 
snippet from my batch file.

Code snippet from Batch file.
 set VERSION=openssl-1.1.1b
 cd %VERSION%
 perl Configure VC-WIN64A no-asm
 call ms\do_win64a
 sed -e s/out32/out64/g ms\nt.mak | sed -e s/tmp32/tmp64/g | sed -e 
s/inc32/inc64/g > ms\nt-64.mak
 nmake -f ms\nt-64.mak clean
 nmake -f ms\nt-64.mak
 
 .
 ...
 cd %VERSION%
 perl util\mk1mf.pl debug no-asm VC-WIN64A >ms\nt-dbg.mak
 sed -e s/out32/out64/g ms\nt-dbg.mak | sed -e s/tmp32/tmp64/g | sed -e 
s/inc32/inc64/g > ms\nt-dbg-64.mak
 nmake -f ms\nt-dbg-64.mak clean
 nmake -f ms\nt-dbg-64.mak

Errors during running Batch scripts: (File Not Found)
 Configuring OpenSSL version 1.1.1b (0x1010102fL) for VC-WIN64A
 Using os-specific seed configuration

 It looks like you don't have either nmake.exe or dmake.exe on your PATH,
 so you will not be able to execute the commands from a Makefile.  You can
 install dmake.exe with the Perl Package Manager by running:

  ppm install dmake

 Creating configdata.pm
 Creating makefile

 **
 ******
 ***   OpenSSL has been successfully configured ***
 ******
 ***   If you encounter a problem while building, please open an***
 ***   issue on GitHub   ***
 ***   and include the output from the following command:   ***
 ******
 ***   perl configdata.pm --dump***
 ******
 ***   (If you are new to OpenSSL, you might want to consult the***
 ***   'Troubleshooting' section in the INSTALL file first) ***
 ******
 **
 'ms\do_win64a' is not recognized as an internal or external command,
operable program or batch file.

 Configuring OpenSSL version 1.1.1b (0x1010102fL) for VC-WIN64A
 sed: can't read ms\nt.mak: No such file or directory

 Microsoft (R) Program Maintenance Utility Version 14.16.27031.1
 Copyright (C) Microsoft Corporation.  All rights reserved.

 NMAKE : fatal error U1073: don't know how to make 'clean'
 Stop.

 Can't open perl script "util\mk1mf.pl": No such file or directory

Please help me in getting these files generated and build the code using the 
batch-files.

P.S: I am able to build the code  using the standard method below.
   perl Configure VC-WIN64A
nmake
nmake test
nmake install