How to dynamically load Crypto Api (capi.dll) in openSSL 1.0.0 Win32 via Indy?
https://stackoverflow.com/questions/7231187
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I use Indy 10 and I want my http client to use Windows store certificate. I use openssl libraries 1.0.0d which should allow me to load capi.dll, but load always fails.
procedure TIdSSLContext.InitContext(CtxMode: TIdSSLCtxMode);
var FEngine : PENgine;
...
FEngine := f_ENGINE_by_id('dynamic');
status := f_ENGINE_ctrl_cmd_string(FEngine, 'SO_PATH', 'capi', 0);
if status>0 then //never!
begin
status := f_ENGINE_ctrl_cmd_string(FEngine, 'LOAD', nil, 0);
if status>0 then
begin
fContext.client_cert_engine := FEngine;
status := f_ENGINE_set_default(FEngine, ENGINE_METHOD_ALL);
end;
end;
...
any ideas?
thanks
Solution
I managed to make it works. A http server requires a client certificate and the certificate is installed in the windows store.
f_ENGINE_load_builtin_engines;
FCapiEngine := f_ENGINE_by_id('dynamic');
if (FCapiEngine<>nil) then
begin
if (f_ENGINE_ctrl_cmd_string(FCapiEngine, 'SO_PATH', '.\capi.dll', 0)<=0) or
(f_ENGINE_ctrl_cmd_string(FCapiEngine, 'LOAD', nil, 0)<=0) or
(f_ENGINE_init(FCapiEngine)<=0) then
begin
f_ENGINE_free(FCapiEngine);//Structural reference
FCapiEngine := nil;
end;
end;
and the callBack
function client_cert_cb(SSL : PSSL; x509 : PPX509; pkey : PPEVP_PKEY) : TIdC_INT; cdecl;
begin
result := f_ENGINE_load_ssl_client_cert(FCapiEngine,ssl,nil,x509,pkey,nil,nil,nil);
end;
I added also a few methods
fn_ENGINE_load_builtin_engines = 'ENGINE_load_builtin_engines' ;
fn_ENGINE_register_all_complete = 'ENGINE_register_all_complete' ;
fn_ENGINE_cleanup = 'ENGINE_cleanup' ;
fn_ENGINE_by_id = 'ENGINE_by_id' ;
fn_ENGINE_init = 'ENGINE_init' ;
fn_ENGINE_finish = 'ENGINE_finish' ;
fn_ENGINE_set_default = 'ENGINE_set_default' ;
fn_ENGINE_ctrl_cmd_string = 'ENGINE_ctrl_cmd_string' ;
fn_ENGINE_free = 'ENGINE_free' ;
fn_ENGINE_load_ssl_client_cert = 'ENGINE_load_ssl_client_cert' ;
@f_ENGINE_load_builtin_engines := LoadFunctionCLib(fn_ENGINE_load_builtin_engines);
@f_ENGINE_register_all_complete := LoadFunctionCLib(fn_ENGINE_register_all_complete);
@f_ENGINE_cleanup := LoadFunctionCLib(fn_ENGINE_cleanup);
@f_ENGINE_by_id := LoadFunctionCLib(fn_ENGINE_by_id);
@f_ENGINE_init := LoadFunctionCLib(fn_ENGINE_init);
@f_ENGINE_finish := LoadFunctionCLib(fn_ENGINE_finish);
@f_ENGINE_set_default := LoadFunctionCLib(fn_ENGINE_set_default);
@f_ENGINE_ctrl_cmd_string := LoadFunctionCLib(fn_ENGINE_ctrl_cmd_string);
@f_ENGINE_free := LoadFunctionCLib(fn_ENGINE_free);
@f_ENGINE_load_ssl_client_cert := LoadFunctionCLib(fn_ENGINE_load_ssl_client_cert);
f_ENGINE_load_builtin_engines : procedure; cdecl = nil;
f_ENGINE_register_all_complete : procedure; cdecl = nil;
f_ENGINE_cleanup : procedure; cdecl = nil;
f_ENGINE_by_id : function(const id: PAnsiChar): PENGINE; cdecl = nil;
f_ENGINE_init : function(e: PENGINE): Integer; cdecl = nil;
f_ENGINE_finish : function(e: PENGINE): Integer; cdecl = nil;
f_ENGINE_set_default : function(e: PENGINE; flags: Cardinal): Integer; cdecl = nil;
f_ENGINE_ctrl_cmd_string : function(e: PENGINE; const cmd_name: PAnsiChar; const arg: PAnsiChar; cmd_optional: Integer): Integer; cdecl = nil;
f_ENGINE_free : function(e: PENGINE): Integer; cdecl = nil;
f_ENGINE_load_ssl_client_cert : function(e: PENGINE; s : PSSL; ca_dn : PSTACK_OF_X509_NAME; pcert : PPX509; key : PPEVP_PKEY; pother : PPSTACK_OF_X509;ui_method : PUI_METHOD; callback_data:pointer): Integer; cdecl = nil;
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
