[openssl-users] ED25519 key with openssl engine

Paras Shah (parashah) parashah at cisco.com
Mon Sep 17 22:58:01 UTC 2018


I had the same doubt. I have x-posed this question on the opensc mailing list as well.

On 9/17/18, 3:37 PM, "openssl-users on behalf of Matt Caswell" <openssl-users-bounces at openssl.org on behalf of matt at openssl.org> wrote:

    Perhaps the pkcs11 engine does not support ed25519 keys?
    
    Matt
    
    On 17/09/18 22:05, Paras Shah (parashah) via openssl-users wrote:
    > I get the following error when I try to access the ed25519 key stored in
    > SoftHSM via the openssl engine interface using engine_pkcs11.
    > 
    >  
    > 
    > []:~$ openssl pkey -in
    > "pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=6a160d52b750862f;token=token%202.5.0-rc1;id=%22%22;object=ed25519%20leaf%20key;type=private"
    > -inform ENGINE -engine pkcs11 -text
    > 
    > engine "pkcs11" set.
    > 
    > Enter PKCS#11 token PIN for token 2.5.0-rc1:
    > 
    > Key not found.
    > 
    > PKCS11_get_private_key returned NULL
    > 
    > cannot load key from engine
    > 
    > 140736065815424:error:80067065:pkcs11 engine:ctx_load_privkey:object not
    > found:eng_back.c:862:
    > 
    > 140736065815424:error:26096080:engine
    > routines:ENGINE_load_private_key:failed loading private
    > key:crypto/engine/eng_pkey.c:78:
    > 
    > unable to load key
    > 
    >  
    > 
    >  
    > 
    > The openssl version used above is 1.1.1. which supports the ed25519
    > keys. The softhsm is v2.5.0-rc1 which also support the ed25519 keys.
    > 
    >  
    > 
    >  
    > 
    > -- 
    > 
    > Paras
    > 
    > 
    > 
    -- 
    openssl-users mailing list
    To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
    



More information about the openssl-users mailing list