Hi all, I've was able to get the private key from the HSM (added below). Testing it from the commandline shows:
% openssl rsa -noout -check -in /etc/racoon2/Local/refB.pem RSA key ok Next I started from the default Racoon2 source code (20100526a) with NO patches. It now reads the private key from file. It however still fails with same error at "p_sign.c:123"!? Since I know this will be a RSA key I added code after where the file is read as EVP_PKEY (within ifdef): evp = PEM_read_PrivateKey(fp, NULL, NULL, NULL); #ifdef TEST RSA *rsa = EVP_PKEY_get1_RSA(evp); printf("\nRSA modulus: %d\n\n", RSA_size(rsa)); #endif The output is: "RSA modulus: 512" (WTF!) Output from CLI says modulus is: $openssl rsa -text -in /etc/racoon2/Local/refB.pem Private-Key: (4096 bit) : : I also read the file directly with PEM_read_RSAPrivateKey() and also got the modulus as 512. I also tested that the private key and public certificate matches by singing and verifying random data. So the private key must be correct - right? I've added a line to the Racoon2 init function to print the OpenSSL version and the output is: "OpenSSL version: 100020cf". OpenSSL and Racoon2 are both configured with specific parameters to point to "/usr/local/ssl" as the path to OpenSSL. Based on search results, I've added "OpenSSL_add_all_algorithms()" to the init code, but this did not make a difference. The other "add" and "load" stuff was there already. Thanks for all the help so far LJB -----BEGIN RSA PRIVATE KEY----- MIIJKAIBAAKCAgEA5B36X3g6AtbnELtkoKUfAmwAXfFsk8kH0U+vRcuRLQ0VIVHI FTZBIP4Ao68JPBh+fqS3eCtF5Ra1AxSTHH5+QkkN+c5j+iWbvlT55/gtrGz25dyW A+xJ1LyvBuLxgczgCTIdvegMQNlo8r/fm492tXI/X3pMJufdMD8ddpBPc+rD1MbX HcOYuWRdeDic0BepH1cvMnb9nCLz7lHv0j18NFYNYPeB0htu+jzP3EZndVtP3Zt3 C1gdjZf8j4SCI7gGtP/1kQ4lmemLCQhQG7sOgmqrNcX4Xk35sTEfn3ICE6p5vbsB 2hCCKpG8BaLS6jyoXecoXhtsbK4qLtexJdtJmDbKUm1dvFxr5qpes/pcQQR3KxIf 4woZmp24vT08WZHwCsmJd1WZffODBxCcEPn8ZdAABYUTsGlvjTEWnJCr+fJyUz6M K/J85+sCilvOKVWvTldyleFfe7RFNLRPxxx9KeoSszb4lWe3Ic33vn5W8PthEvkY ZwK36K4ripjksb0ROzTvFrhl4hgopnpMN5lu8eQExzktC+wyNbDHN3msy4UsQpou mZq9WfRbvfqOCs/z3hh/bO5efxXhJCTt/5y4fh0qBRjXVCLkZcnaJ0cwaCfF+v/B AHtJ8/Un3Aon7kFvVaaw7eMz6kC4y4mYMN6Zc+oYom9So+3wU1us5ezCr2UCAwEA AQKCAgAWXR4DqAy/5IOor0ZxPV7p5N6wVw/W+Tlr+szrIcbszMCKkLL16Wi/LEex xGI6YwhbsBhQjqV+jRhX4fd+LqSAKRtWpzZD+tXm9fu+EyWfJtuZs2N9pPekBI+A NFWK7SP1otUpngs9fFL+oXLxlEIGDdpKqPm4Qrj7luRzkDhJ2/Uw8gF66Icbfcxw EdTFzdwFt41n/CRm30Jc1emWCfMYSmtrWzh9+bSKkdWq+bgA2F/fEPO9x/i1vfXD uDDuAYeezQ0tGF71VOENlKQN4+vLO1vnnK35yNk21uMLxaiQdwESabgHweCQ/dKa Ftlon2O+OQBLIZMioHyANSMn2/S96RT6qiiJrf8leIsRRVmvNnSGC9ScPfGqZHHc /Rh7zifRIDaoRi1/AB9GLoF01musmvULmv0AW2JOomm7Rxp71kED9pKJN/nrZkLT mftAPBm/4pmrVt28bLQE0sn8JgtSaeP4Z5Y1VV3UHKit8rgY2AdAOCVeHYDeCZwy n4OGeed6GxJIK0NHa9qTlhznPVvK5WB+vzNIqpd4eQPZ3ETX3fXp0CgEymyGQZIY +rXkkR7XHPLcey7iEEdhmUdxXLMffuzvj5s1oOL7JY0rRLG6QoLhwNQX/kmmncZw J24zrGz3KOfQcw1KKTuu/g8iwna3b/PYT15gIhlx1YvdvH34QQKCAQEA9kkoaQGR fC56Uy9X+HrafDBj+JZc5+qM+9NVx9yigc9AS+Hw31eM9g2+ZotairL++X3ExSTP 0zJZQG5Af/oueX7PO7JpYJywMErymKTEjRnSa31RWgNy0SENWztGnshVjoBkC18U fiTKrp/mEC3LEnjWG47NP7XnP6kwlZJf5vXyN0ystJXx4CUUHdKiFZ/+Ji8918jP MADLHIqx6C8wF1nw3rsw7xbfj8hdL2uXc+ccTHaITEM49zf1NY6Y5FlEADmK8PHl nW+KLz4p1FePP3+7j0vgmPPRAzH+26c+2SkBVLG9tZ4nRQFFoXu3DUZ/yR/kcj6d 6iF7WLg4IZ0M1QKCAQEA7R1dNihL7OrY2V/6F9YkWGThTaChfAlY2qoEzjU+tSN9 Oz4T4ErmNRwZne1bZS+KrDVAT2NyuHqP/d8UCH7+4dPUrCtUa2uocR2ZkCB/8YE0 MBwUGLVvEg9p5UzN8oLi5HYgplXuQyKjNKsOXRsFT+asiIaufGeB6SQH3YsO9d1J cnFQ+I7syXIpgNVU4Hwva/A6OMn3F5ctHqSPcefoDrjJvZvuxNv2Q+OkfygOwIVl fG0+cM33TRoHBkgRFsiluxB+HmHvnPruyacnVJr4iMMHoP55o2WFLzLyviCdxWfG esI2UcYp//yGRomJfhH4ryo352AlZK+6XiGxFhsgUQKCAQEAoU+HfUd+r9SNYGC5 ANIOuprDT/XEQk55KxPfsnlLozRIy6rgJpjkheC4ndeWZRQaNvVuZSXYTV9D4BSW gHwv5nntaA9SP+pA6FCeluYMqtKH5Ml++DMcB+fbJK8tcSCMETr8zAnplTmp2zh1 6pDj2mR08DXXL2yIW0UIwl7OG6tpi1jYIau4cfQ3OdVVPk69musEWYp4UdujLT2W ixolKJZLUsdOpLrZkQZOKpoQ5+Quv9I/MZwx+pKXNA4DDEV/aZpG68u0diqxWoIf yanT9GZIRfIP2H6RnsMnR11Cp9/YtE16kTNWSzcrETrDyZksZ2JRMZbbvZdSf+ih Mzr3RQKCAQAoDEabCBFS0ZOQm1pFPmDjIR7AmrnLllSQkhi/r1SJCZZ0NBbtUhkx rS5Scy11mKMGVPQotHZC3EiHq27ZxIFOKRYJgkP+5K8Nc99k7WhOpPDok0V9qt84 oKvVE7TRGfQyfBUlouvcIPSJx75kUVUDWsWXRZAg6OaTNwexDnSXaCmoj6UKZjFu EL8byGxOggsMYwWiY9I9BMaVH1wu8+lI20MPqE+apkAg1UkKRPzA3Yb3jgf2y4LS XewDzpY8T+VWBAIZJZdv3x4HpxjIfGgvySj3syNeSp5FC4jePeoH1nA6eaTtCNg9 KSyQq1gyl9x10V6h0KZgLCIBFhWv0yMRAoIBAE9i9Llefme5ZHDcXiJa7x7d11Et KpHkMfrYwmCCPsZdijwAyN4oBfcfDbfASzSTtcK13qnzwq34xLSe7JgefbR0prws PsFEx1kSZHxPuCl3/L7cZSTJ3ZrNcdHtcqiGHX4zR3AJ8Vy8dB/w9ip3IDE6+/8L dujQ2kWHOYAKoQ7+pV8qzfBSVs07COFm73bz7omasZaHPsGH9cmTbgGZSJiUAo36 jAK27hnXSQzqD2Jtmr95wAVJk2PYxtgsCbGFrE1STj9ZHp1OEoZqAdnlOKQEz1S0 ZfzdAMnD2ntpROVrvEEuLT68oePoXgwlG+1C4njPlpwCb0WlHfCM60RcllU= -----END RSA PRIVATE KEY----- -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev