Re: How to access keys on HW tokens via PKCS11 Provider?

On 2/7/23, 13:52, "Richard Levitte" <levitte@xxxxxxxxxxx> wrote:
> On Tue, 07 Feb 2023 04:23:01 +0100,Blumenthal, Uri - 0553 - MITLL wrote:
>
> > Here’s what I have in “openssl.cnf” (relevant excerpt):
>
> In the [pkcs11_sect], there's this suspicious line:
>
> > pkcs11-module-allow-export
>
> That might cause the configuration parsing to fail.  Unfortunately,
> the errors are silenced.

Alas, removing that line seemed to have no effect, similar to attempts to use other ways of identifying the key:

Decrypt CMS message in file /tmp/derive.1143.text.cms...
openssl cms -decrypt -aes256 -binary -inform PEM -in /tmp/derive.1143.text.cms -out /tmp/derive.1143.text.dec -inkey "pkcs11:id=%03;object-type=private"
Could not open file or uri for loading signing key from pkcs11:id=%03;object-type=private
40F6064DF87F0000:error:16000069:STORE routines:ossl_store_get0_loader_int:unregistered scheme:crypto/store/store_register.c:237:scheme=file
40F6064DF87F0000:error:80000002:system library:file_open:No such file or directory:providers/implementations/storemgmt/file_store.c:267:calling stat(pkcs11:id=%03;object-type=private)
40F6064DF87F0000:error:16000069:STORE routines:ossl_store_get0_loader_int:unregistered scheme:crypto/store/store_register.c:237:scheme=pkcs11
40F6064DF87F0000:error:1608010C:STORE routines:inner_loader_fetch:unsupported:crypto/store/store_meth.c:383:No store loader found. For standard store loaders you need at least one of the default or base providers available. Did you forget to load them? Info: Global default library context, Scheme (pkcs11 : 0), Properties (<null>)

FAILED to create decrypted file /tmp/derive.1143.text.dec

There is a disconnect between what OpenSSL (or this provider) expects, and what it finds in the URI.

Help...?

Attachment: smime.p7s
Description: S/MIME cryptographic signature
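
Added example, not part of the original message and not code from OpenSSL or the PKCS#11 provider: because the quoted reply notes that configuration parse errors are silenced, this shell function flags config lines that carry no "=", such as the bare pkcs11-module-allow-export line. The sample config is constructed (every section name except [pkcs11_sect], the module path and both function names are assumptions), and "#" characters that are quoted or escaped inside a value are not handled.

```shell
# Constructed sample config, not the poster's file. Only [pkcs11_sect] and the
# bare "pkcs11-module-allow-export" line come from the thread.
sample_cnf() {
cat <<'EOF'
openssl_conf = openssl_init

[openssl_init]
providers = provider_sect

[provider_sect]
pkcs11 = pkcs11_sect

[pkcs11_sect]
module = /path/to/pkcs11.so   # placeholder path
pkcs11-module-allow-export
activate = 1
EOF
}

# Reads a config on stdin, prints "section:line:text" for every line that is
# not blank, a comment, a [section] header, a .include/.pragma directive or a
# continuation, and has no "=". Exit status is 1 if anything was flagged.
lint_openssl_cnf() {
awk '
  BEGIN { sect = "default"; bad = 0; cont = 0 }
  {
    line = $0
    sub(/\r$/, "", line)
    sub(/[ \t]*#.*$/, "", line)          # drop comments
    was_cont = cont
    cont = (line ~ /\\$/)                # value continues on the next line
    if (was_cont) next
    gsub(/^[ \t]+|[ \t]+$/, "", line)
    if (line == "") next
    if (line ~ /^\[.*\]$/) {
      sect = line
      gsub(/^\[[ \t]*|[ \t]*\]$/, "", sect)
      next
    }
    if (line ~ /^\.(include|pragma)/) next
    if (index(line, "=") == 0) { printf "%s:%d:%s\n", sect, NR, line; bad = 1 }
  }
  END { exit bad }
'
}

# Demo on the constructed sample; "|| true" keeps the script's own status 0.
sample_cnf | lint_openssl_cnf || true
```

To check a real file, feed it on stdin, for example: lint_openssl_cnf < openssl.cnf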

