From 9b7dae4572c08d1f056616eb8c14e4d6ac746c35 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Trojnara?= Date: Mon, 2 Jun 2025 13:59:45 +0200 Subject: [PATCH] Support loading arbitrary engines via ENGINE_by_id() Use ENGINE_by_id() for any engine name that doesn't contain a dot, assuming it's an engine ID. If the name includes a dot (e.g., a file extension), treat it as a path to a dynamic engine module. See #436 for discussion. --- osslsigncode.c | 27 +++++++++------------------ 1 file changed, 9 insertions(+), 18 deletions(-) diff --git a/osslsigncode.c b/osslsigncode.c index 5f7e7a7..2554058 100644 --- a/osslsigncode.c +++ b/osslsigncode.c @@ -4166,21 +4166,6 @@ static ENGINE *engine_dynamic(GLOBAL_OPTIONS *options) return engine; } -/* - * Load a pkcs11 engine - * [in] none - * [returns] pointer to ENGINE - */ -static ENGINE *engine_pkcs11(void) -{ - ENGINE *engine = ENGINE_by_id("pkcs11"); - if (!engine) { - fprintf(stderr, "Failed to find and load 'pkcs11' engine\n"); - return NULL; /* FAILED */ - } - return engine; /* OK */ -} - /* * Load the private key and the signer certificate from a security token * [in, out] options: structure holds the input data @@ -4260,12 +4245,18 @@ static int read_token(GLOBAL_OPTIONS *options, ENGINE *engine) static int engine_load(GLOBAL_OPTIONS *options) { + const char *id = options->p11engine ? options->p11engine : "pkcs11"; ENGINE *engine; - if (options->p11engine) + if (strchr(id, '.')) { + /* Treat strings with a dot as paths to dynamic engine modules */ engine = engine_dynamic(options); - else - engine = engine_pkcs11(); + } else { + /* Treat strings without a dot as engine IDs */ + engine = ENGINE_by_id(id); + if (!engine) + fprintf(stderr, "Failed to find and load '%s' engine\n", id); + } if (!engine) return 0; /* FAILED */ printf("Engine \"%s\" set.\n", ENGINE_get_id(engine));