[openssl-users] ED25519 key with openssl engine

Paras Shah (parashah) parashah at cisco.com
Mon Sep 17 21:05:04 UTC 2018

I get the following error when I try to access the ed25519 key stored in SoftHSM via the openssl engine interface using engine_pkcs11.

[]:~$ openssl pkey -in "pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=6a160d52b750862f;token=token%202.5.0-rc1;id=%22%22;object=ed25519%20leaf%20key;type=private" -inform ENGINE -engine pkcs11 -text
engine "pkcs11" set.
Enter PKCS#11 token PIN for token 2.5.0-rc1:
Key not found.
PKCS11_get_private_key returned NULL
cannot load key from engine
140736065815424:error:80067065:pkcs11 engine:ctx_load_privkey:object not found:eng_back.c:862:
140736065815424:error:26096080:engine routines:ENGINE_load_private_key:failed loading private key:crypto/engine/eng_pkey.c:78:
unable to load key

The openssl version used above is 1.1.1. which supports the ed25519 keys. The softhsm is v2.5.0-rc1 which also support the ed25519 keys.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180917/e7471bbe/attachment.html>

More information about the openssl-users mailing list