清理动态引擎的正确方法以及它们可以加载两次吗?
我在使用 python 和 M2Crypto 将 PKCS #11 引擎加载为动态引擎时遇到问题。我正在尝试访问 Aladdin USB eToken。
以下是我的 python 代码中的重要步骤:
dynamic = Engine.load_dynamic_engine("pkcs11", "/usr/local/ssl/lib/engines/engine_pkcs11.so")
pkcs11 = Engine.Engine("pkcs11")
pkcs11.ctrl_cmd_string("MODULE_PATH", "/usr/lib/libeTPkcs11.so")
pkcs11.engine_init_custom() # initialize engine with custom M2Crypto patch
# next few steps which I deleted pass password and grab key & cert off token
Engine.cleanup()
第一次运行该方法时效果很好。第二次,加载动态引擎时失败(见下面的错误)。
回溯(最近一次调用最后一次): 文件“”,第 1 行,在 ? 文件“/usr/local/lib/python2.4/site-packages/M2Crypto/Engine.py”,第 98 行,位于 load_dynamic_engine e.ctrl_cmd_string("LOAD", 无) 文件“/usr/local/lib/python2.4/site-packages/M2Crypto/Engine.py”,第 38 行,在 ctrl_cmd_string 中 引发 EngineError(Err.get_error()) M2Crypto.Engine.EngineError:4002:错误:260B606D:引擎例程:DYNAMIC_LOAD:init失败:eng_dyn.c:521:
是否不可能在Python会话中加载引擎两次?我是否缺少某种引擎清理/删除? OpenSSL 文档讨论了 engine_finish() 但我不认为 M2Crypto 提供了这一点。有没有办法判断引擎是否已经加载?
谢谢!
I am having problems loading Engine PKCS #11 as a dynamic engine using python and M2Crypto. I am trying to access an Aladdin USB eToken.
Here are the important steps from my python code:
dynamic = Engine.load_dynamic_engine("pkcs11", "/usr/local/ssl/lib/engines/engine_pkcs11.so")
pkcs11 = Engine.Engine("pkcs11")
pkcs11.ctrl_cmd_string("MODULE_PATH", "/usr/lib/libeTPkcs11.so")
pkcs11.engine_init_custom() # initialize engine with custom M2Crypto patch
# next few steps which I deleted pass password and grab key & cert off token
Engine.cleanup()
This works fine the first time this method gets run. The second time, it fails when loading the dynamic engine (see error below).
Traceback (most recent call last):
File "", line 1, in ?
File "/usr/local/lib/python2.4/site-packages/M2Crypto/Engine.py", line 98, in load_dynamic_engine
e.ctrl_cmd_string("LOAD", None)
File "/usr/local/lib/python2.4/site-packages/M2Crypto/Engine.py", line 38, in ctrl_cmd_string
raise EngineError(Err.get_error())
M2Crypto.Engine.EngineError: 4002:error:260B606D:engine routines:DYNAMIC_LOAD:init failed:eng_dyn.c:521:
Is it impossible to load engines twice in a python session? Am I missing some kind of engine cleanup/deletion? The OpenSSL docs talk about engine_finish() but I don't think M2Crypto offers that. Is there a method to tell if the engine is already loaded?
Thanks!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
M2Crypto 在 svn 主干版本中确实有 ENGINE_finish 和 ENGINE_free 可用。
Engine类具有init和finish方法,当实例被删除时,它将被free'd 。你能尝试一下吗?如果您发现任何问题,仍有时间在下一个版本中修复它们。M2Crypto does have ENGINE_finish and ENGINE_free available in the svn trunk version. The
Engineclass hasinit, andfinishmethods, and when an instance gets deleted it will befree'd. Can you give that a try? If you see any issues there is still time to fix them for next release.我的 python 代码显示得比评论部分更好。 pkcs11.finish() 方法会导致 M2Crypto 修订版 723 中出现分段错误。
有人可以建议我是否做错了什么或者 M2Crypto 代码是否存在问题?
My python code displayed nicer than it is in the comment section. The pkcs11.finish() method causes a segmentation fault in M2Crypto revision 723.
Anyone have advice on whether I'm doing something wrong or if there is a problem with the M2Crypto code?