ODP: CSR creation using pkcs11 dynamic engine

Piotr Lobacz piotr.lobacz at softgent.com
Tue Jun 1 15:18:56 UTC 2021

Hi Selva,
btw. i have found one issue in libp11 package https://github.com/OpenSC/libp11/issues/304 and i have used 0.4.10 i will check firstly with 0.4.11 and give you answer.

Od: Selva Nair <selva.nair at gmail.com>
Wysłane: wtorek, 1 czerwca 2021 17:15
Do: Piotr Lobacz <piotr.lobacz at softgent.com>
DW: openssl-users at openssl.org <openssl-users at openssl.org>
Temat: Re: CSR creation using pkcs11 dynamic engine

Hi Piotr,

On Tue, Jun 1, 2021 at 10:57 AM Piotr Lobacz <piotr.lobacz at softgent.com<mailto:piotr.lobacz at softgent.com>> wrote:
i have managed to find the engine method static EVP_PKEY *load_privkey(ENGINE *engine, const char *s_key_id, UI_METHOD *ui_method, void *callback_data) in libp11 package. I have also made a printf callback and i see the output that method is being called, but the problem is that i think i need to set this flag RSA_FLAG_EXT_PKEY in EVP_PKEY object which i don't know how to do is it even possible?

The flag on the key is always set by libp11 (look for RSA_set_key in p11_rsa.c). What it doesn't set is any flags on the method -- which you wanted to satisfy dotnet. For testing you could add it -- look for PKCS11_get_rsa_method in the same file.


Softgent Sp. z o.o., Budowlanych 31d, 80-298 Gdansk, POLAND

KRS: 0000674406, NIP: 9581679801, REGON: 367090912


Sąd Rejonowy Gdańsk-Północ w Gdańsku, VII Wydział Gospodarczy Krajowego Rejestru Sądowego

KRS 0000674406, Kapitał zakładowy: 25 000,00 zł wpłacony w całości.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20210601/934969a8/attachment.html>

More information about the openssl-users mailing list