#include "engine_sct.h" #include #include int main(int argc, char* argv[]) { ENGINE* e = NULL; enum_certs_s* certs_found = NULL; ENGINE_load_dynamic(); e = ENGINE_by_id("dynamic"); int res; // Parameters to set for the dynamic loader res = ENGINE_ctrl_cmd_string(e, "SO_PATH", "/home/carsten/engine_securetoken/libengine_securetoken.so", 0); res = ENGINE_ctrl_cmd_string(e, "ID", "securetoken", 0); res = ENGINE_ctrl_cmd_string(e, "LIST_ADD", "1", 0); // Now actually load the SecureToken engine. res = ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0); // Following control commands go to the SecureToken engine rather than the dynamic loader res = ENGINE_init(e); res = ENGINE_ctrl_cmd(e, "ENUM_CERTS", 0, &certs_found, NULL, 0); printf("Found %d certificates.\n", certs_found->num_certs); enum_cert_s* selected_cert = NULL; for(int i=0;inum_certs;i++) { printf("Certificate %d:\n", i); printf(" Name: %s\n", certs_found->certificate[i].cert->name); if(certs_found->certificate[i].id == NULL) printf(" No key.\n"); else { printf(" Key access ID: %s\n", certs_found->certificate[i].id); if(!selected_cert) selected_cert = &certs_found->certificate[i]; } } EVP_PKEY* pk_pub = ENGINE_load_public_key(e, selected_cert->id, NULL, NULL); RSA* pubkey = EVP_PKEY_get1_RSA(pk_pub); const char* source = "Dies ist ein geheimer Testtext zum Verschlüsseln\n"; int srclen = strlen(source)+1; unsigned char cipherbuf[srclen*2048]; int ciphlen = RSA_public_encrypt(srclen, (const unsigned char *) source, cipherbuf, pubkey, RSA_PKCS1_PADDING); EVP_PKEY_free(pk_pub); RSA_free(pubkey); EVP_PKEY* pk_priv = ENGINE_load_private_key(e, selected_cert->id, NULL, NULL); RSA* privkey = EVP_PKEY_get1_RSA(pk_priv); char plainbuf[srclen*2]; int plainlen = RSA_private_decrypt(ciphlen, cipherbuf, (unsigned char *) plainbuf, privkey, RSA_PKCS1_PADDING); EVP_PKEY_free(pk_priv); RSA_free(privkey); if(srclen != plainlen || strcmp(source, plainbuf)) printf("Unterschied in Ver/Entschlüsselung"); else printf("%s",plainbuf); res = ENGINE_finish(e); ENGINE_cleanup(); return 0; }