<div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div>Hi,</div><div><br></div><div>I sign a text file with:</div><div>openssl cms -sign -signer cert.pem -inkey 01 -keyform engine -engine pkcs11 <br></div><div>in openssl.cnf</div><div>[pkcs11_section]<br>engine_id = pkcs11<br>dynamic_path = /path/pkcs11.so<br>MODULE_PATH = /path/opensc-pkcs11.so<br><span class="gmail-tlid-translation gmail-translation"><span title="" class="gmail-"><br></span></span></div><div><span class="gmail-tlid-translation gmail-translation"><span title="" class="gmail-">everything works well but if I write a wrong key, es. -inkey 101, this is gdb result:<br></span></span></div><div><span class="gmail-tlid-translation gmail-translation"><span title="" class="gmail-"><br></span></span></div><div><span class="gmail-tlid-translation gmail-translation"><span title="" class="gmail-">PKCS11_get_private_key returned NULL<br>cannot load signing key file from engine<br>140737353990592:error:26096080:engine routines:ENGINE_load_private_key:failed loading private key:crypto/engine/eng_pkey.c:78:<br>unable to load signing key file<br>Program received signal SIGSEGV, Segmentation fault.<br>__GI___pthread_rwlock_wrlock (rwlock=0x0) at pthread_rwlock_wrlock.c:27<br>27    pthread_rwlock_wrlock.c: <span class="gmail-st">No <em>such</em> file or directory</span></span></span></div><div><span class="gmail-tlid-translation gmail-translation"><span title="" class="gmail-"><span class="gmail-st"><br></span></span></span></div><div><span class="gmail-tlid-translation gmail-translation"><span title="" class="gmail-"><span class="gmail-st"><span class="gmail-tlid-translation gmail-translation"><span title="" class="gmail-">I realized that the error is probably here:</span></span></span></span></span></div><div><span class="gmail-tlid-translation gmail-translation"><span title="" class="gmail-"><span class="gmail-st"><span class="gmail-tlid-translation gmail-translation"><span title="" class="gmail-">crypto/engine/eng_lib.c line 93</span></span></span></span></span></div><div><span class="gmail-tlid-translation gmail-translation"><span title="" class="gmail-"><span class="gmail-st"><span class="gmail-tlid-translation gmail-translation"><span title="" class="gmail-">if (e->destroy)<br>        e->destroy(e);</span></span></span></span></span></div><div><span class="gmail-tlid-translation gmail-translation"><span title="" class="gmail-"><span class="gmail-st"><span class="gmail-tlid-translation gmail-translation"><span title="" class="gmail-">CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ENGINE, e, &e->ex_data);<br></span></span></span></span></span></div><div><span class="gmail-tlid-translation gmail-translation"><span title="" class="gmail-"><span class="gmail-st"><span class="gmail-tlid-translation gmail-translation"><span title="" class="gmail-"><span class="gmail-tlid-translation gmail-translation"><span title="" class="gmail-">if I comment these lines openssl does not crash</span></span></span></span></span></span></span></div><div><span class="gmail-tlid-translation gmail-translation"><span title="" class="gmail-"><span class="gmail-st"><span class="gmail-tlid-translation gmail-translation"><span title="" class="gmail-"><span class="gmail-tlid-translation gmail-translation"><span title="" class="gmail-"><br></span></span></span></span></span></span></span></div><div><span class="gmail-tlid-translation gmail-translation"><span title="" class="gmail-"><span class="gmail-st"><span class="gmail-tlid-translation gmail-translation"><span title="" class="gmail-"><span class="gmail-tlid-translation gmail-translation"><span title="" class="gmail-"><span class="gmail-tlid-translation gmail-translation"><span title="" class="gmail-">I do not know engine well and I do not know what these two lines do, if anyone has any suggestions I can do some tests</span></span></span></span></span></span></span></span></span></div><div><span class="gmail-tlid-translation gmail-translation"><span title="" class="gmail-"><span class="gmail-st"><br></span></span></span></div><div><span class="gmail-tlid-translation gmail-translation"><span title="" class="gmail-"><span class="gmail-st">Thanks,</span></span></span></div><div><span class="gmail-tlid-translation gmail-translation"><span title="" class="gmail-"><span class="gmail-st">Antonio Iacono<br></span></span></span></div></div></div></div></div></div>