[openssl-users] Possible bug in crypto/engine

Antonio Iacono antiac at gmail.com
Sun Jan 6 18:54:44 UTC 2019


I sign a text file with:
openssl cms -sign -signer cert.pem -inkey 01 -keyform engine -engine pkcs11
in openssl.cnf
engine_id = pkcs11
dynamic_path = /path/pkcs11.so
MODULE_PATH = /path/opensc-pkcs11.so

everything works well but if I write a wrong key, es. -inkey 101, this is
gdb result:

PKCS11_get_private_key returned NULL
cannot load signing key file from engine
routines:ENGINE_load_private_key:failed loading private
unable to load signing key file
Program received signal SIGSEGV, Segmentation fault.
__GI___pthread_rwlock_wrlock (rwlock=0x0) at pthread_rwlock_wrlock.c:27
27    pthread_rwlock_wrlock.c: No *such* file or directory

I realized that the error is probably here:
crypto/engine/eng_lib.c line 93
if (e->destroy)
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ENGINE, e, &e->ex_data);
if I comment these lines openssl does not crash

I do not know engine well and I do not know what these two lines do, if
anyone has any suggestions I can do some tests

Antonio Iacono
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20190106/f6a76e1b/attachment.html>

More information about the openssl-users mailing list