Thanks Dmitry and Matthias, I solved, as suggested the problem was not openssl, but libp11 I had compiled with version 1.1 of libcrypto instead version 3.
Antonio Il giorno dom 6 gen 2019 alle ore 23:53 Dr. Matthias St. Pierre < matthias.st.pie...@ncp-e.com> ha scritto: > Antonio, > > > > did you debug the preinstalled openssl app or have you tried to debug your > own version, built with a debug configuration? > > > > You get the best results in the debugger if you use the > `debug-linux-x86_64` config target and > after building (you only need to run `make`, not `make install`) run it in > the debugger directly from the source > > directory as follows: > > > > util/shlib_wrap.sh gdb apps/openssl cms -sign -signer cert.pem - > inkey 101 -keyform engine -engine pkcs11 > > > > If you can reproduce the crash with your debug version, please post a > backtrace of the call stack when it’s stopped > > at the segmentation fault. > > > > HTH, > > Matthias > > > > *Von:* openssl-users <openssl-users-boun...@openssl.org> *Im Auftrag von > *Antonio > Iacono > *Gesendet:* Sonntag, 6. Januar 2019 19:55 > *An:* openssl-users@openssl.org > *Betreff:* [openssl-users] Possible bug in crypto/engine > > > > Hi, > > > > I sign a text file with: > > openssl cms -sign -signer cert.pem -inkey 01 -keyform engine -engine > pkcs11 > > in openssl.cnf > > [pkcs11_section] > engine_id = pkcs11 > dynamic_path = /path/pkcs11.so > MODULE_PATH = /path/opensc-pkcs11.so > > everything works well but if I write a wrong key, es. -inkey 101, this is > gdb result: > > > > PKCS11_get_private_key returned NULL > cannot load signing key file from engine > 140737353990592:error:26096080:engine > routines:ENGINE_load_private_key:failed loading private > key:crypto/engine/eng_pkey.c:78: > unable to load signing key file > Program received signal SIGSEGV, Segmentation fault. > __GI___pthread_rwlock_wrlock (rwlock=0x0) at pthread_rwlock_wrlock.c:27 > 27 pthread_rwlock_wrlock.c: No *such* file or directory > > > > I realized that the error is probably here: > > crypto/engine/eng_lib.c line 93 > > if (e->destroy) > e->destroy(e); > > CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ENGINE, e, &e->ex_data); > > if I comment these lines openssl does not crash > > > > I do not know engine well and I do not know what these two lines do, if > anyone has any suggestions I can do some tests > > > > Thanks, > > Antonio Iacono > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users >
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
