We have explained quite a bit about using the OpenSSL library. Often, tasks such as certificate management are most easily accomplished with the command-line tool. For other tasks, such as SSL communications, we must flex our knowledge of the API. By this point it should be clear, though we have not explicitly stated it, that the command-line utilities all use various parts of the OpenSSL API, some of which we have not yet discussed in any detail.
In this chapter, we tackle some of the more advanced topics of programming with OpenSSL, including the programmatic interfaces to some features we've discussed only when using the command-line tool. In addition, we'll cover the interface for reading program variables at runtime. Using the details in this chapter, we will investigate how OpenSSL provides for a variety of other tasks, such as creating S/MIME secure email, importing certificates into common web browsers, and hooking into certificates to access public key components for more primitive cryptographic functions.
has a large number of macros for dealing with stacks of typed
objects. The API can perform only a small number of operations on a
stack; however, there are a large number of macros to ensure
type safety for objects on the stacks. For
instance, if we had a stack of
X509 objects and a
generic push method for adding an object to the stack, nothing would
prevent us from accidentally pushing a non-
X509 object onto ...