To avoid the following type of issue replace OSSL_PROVIDER_load with OSSL_PROVIDER_try_load():
+ evmctl --engine gost ima_sign --keyid=aabbccdd --provider pkcs11 \ --sigfile --hashalgo sha256 \ --key pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;... \ --xattr-user pkcs11test evmctl ima_sign failed with (1) EVP_DigestInit() failed openssl: error:0308010C:digital envelope routines::unsupported openssl: error:03000086:digital envelope routines::initialization error Signed-off-by: Stefan Berger <[email protected]> --- src/evmctl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/evmctl.c b/src/evmctl.c index ffe2fc9..3ebda6f 100644 --- a/src/evmctl.c +++ b/src/evmctl.c @@ -3049,7 +3049,7 @@ static char *get_password(void) #if CONFIG_IMA_EVM_PROVIDER static OSSL_PROVIDER *setup_provider(const char *name) { - OSSL_PROVIDER *p = OSSL_PROVIDER_load(NULL, name); + OSSL_PROVIDER *p = OSSL_PROVIDER_try_load(NULL, name, 1); if (!p) { log_err("provider %s isn't available\n", optarg); -- 2.45.0
