I have to use a certain engine for OpenSSL.
Regardless of what it does, how is a particular engine activated and dynamically loaded?
Let's say I have built an engine libxxx.so as a shared object and put it in the proper directory (/usr/lib/engines).
Where is the proper point to tell OpenSSL what engine it should load, and how is that done? I found from https://wiki.openssl.org/index.php/Creating_an_OpenSSL_Engine_to_use_indigenous_ECDH_ECDSA_and_HASH_Algorithms that it should be something like
    ENGINE *my_engine = ENGINE_by_id("xxx");
but there is almost no documentation about it.
From "How to use private key on a PKCS#11 module instead of perivate key file for mutual-authentication in OpenSSL?" I found:
    if (!(e = ENGINE_by_id("dynamic")))
    if (!ENGINE_ctrl_cmd_string(e, "SO_PATH", "dstu", 0))
    if (!ENGINE_ctrl_cmd_string(e, "LIST_ADD", "2", 0))
    if (!ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0))
    e = ENGINE_by_id("pkcs11_engine");
    res = ENGINE_init(e);
    if (!ENGINE_set_default(e, ENGINE_METHOD_ALL))
What are the control commands for and why are they not used in the first example? OK, SO_PATH tells a path, but what about the others?
Where should this code be placed? I use OpenSSL as a library and there is no main, like in the example. Is ENGINE_load_builtin_engines automatically called at startup, and does it need to be modified when I want to use a given engine as default?
I also know there is a config file where engines can be specified in engine sections. Can I use this config file to specify my engine xxx as the default engine, so that I don't need the code above to load the specific engine? I'm not sure if the config file is read automatically when using OpenSSL programmatically.
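An added example, not part of the original question: an openssl.cnf fragment whose directives correspond to the ENGINE calls quoted above, using the engine name xxx and the /usr/lib/engines directory from the question. It assumes the application has OpenSSL load its configuration file, for example by calling OPENSSL_init_crypto() with OPENSSL_INIT_LOAD_CONFIG; whether that happens without an explicit call depends on the OpenSSL version.

```ini
# Constructed fragment; "xxx" and the library location come from the question.
# This top-level line must appear before any [section] header.
openssl_conf = openssl_init

[openssl_init]
engines = engine_section

[engine_section]
# Left side is a free label; right side names the section holding the settings.
xxx = xxx_section

[xxx_section]
# The id the engine registers under. When used, this must be the first command.
engine_id = xxx

# Equivalent to sending SO_PATH=<path>, LIST_ADD=2 and LOAD to the "dynamic"
# engine. Use an absolute path in a directory that only root can write,
# because the shared object runs inside the process that loads it.
dynamic_path = /usr/lib/engines/libxxx.so

# Corresponds to ENGINE_set_default(e, ENGINE_METHOD_ALL).
default_algorithms = ALL

# Corresponds to ENGINE_init(e): try to initialize the engine immediately.
init = 1
```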