It's a custom engine. load privkey is the pointer to function used as argument in the call: ENGINE_set_load_privkey_function (e, load_private_key); This function is called when OpenSSL try to get the command line "key" argument. In that function I assign the RSA private key (get it from hardware, only modulus and public exponent) to the EVP with: EVP_PKEY_assign_RSA (pk, rsa); where pk is EVP_PKEY *pk; and rsa is RSA *rsa; Everything goes well until the load_private_key function ends and returns the EVP_PKEY. When that call ends, OpenSSL throws the error I said before.
2010/6/28 Dr. Stephen Henson <st...@openssl.org> > On Mon, Jun 28, 2010, Nacho lvarez wrote: > > > I think I wrote this mail in a wrong way so I post it again: > > > > Hello, when I run: > > > > openssl dgst -sha1 -sign <id_of_private_key> -keyform engine -out > > <file> -engine <id-engine> <file-with-data> > > > > In OpenSSL 0.9.8 when the load privkey function ends, OpenSSL is > > waiting and do nothing (doesn't invoke rsa_sign), it doesn't do > > anything more. > > In openSSL 1.0.0a when the load privkey function ends, OpenSSL throws > > the next error: > > > > Error setting context > > 3916:error:260C0065:engine routines:ENGINE_get_pkey_meth:unimplemented > > public key method:.\crypto\engine\tb_pkmeth.c:127: > > 3916:error:0609D09C:digital envelope routines:INT_CTX_NEW:unsupported > > algorithm:.\crypto\evp\pmeth_lib.c:161: > > error in dgst > > > > Do I have to do something further define rsa sign function and link it > > in the RSA_METHOD?. > > Thanks again. > > Is this a custom ENGINE or a standard one? > > Which "load privkey" function do you mean? The one in the ENGINE? Are you > assigning the key to an EVP_PKEY correctly? You *must* use > EVP_PKEY_assign_RSA() or similar in 1.0.0 as other structures get > initialised > at the same time. > > Steve. > -- > Dr Stephen N. Henson. OpenSSL project core developer. > Commercial tech support now available see: http://www.openssl.org > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org >