Hi, I am trying to work with the pkcs11_engine from the opensc project and a vendor supplied module and I am running into some problems.
This worked just fine on my SLES 10 SP2 server with an older version of openssl but when I try to get it to work on my SLES 11 server with openssl 0.9.8h it does not work. Here is what happens: OpenSSL> engine dynamic -pre SO_PATH:/usr/lib/engines/engine_pkcs11.so -pre ID:pkcs11 -pre LIST_ADD:1 -pre LOAD -pre MODULE_PATH:/root/.tblive/libtbpkcs11.so (dynamic) Dynamic engine loading support [Success]: SO_PATH:/usr/lib/engines/engine_pkcs11.so [Success]: ID:pkcs11 [Success]: LIST_ADD:1 [Success]: LOAD [Success]: MODULE_PATH:/root/.tblive/libtbpkcs11.so Loaded: (pkcs11) pkcs11 engine OpenSSL> req -engine pkcs11 -new -key slot_0-label_TB_AUTH_KEY -keyform engine -out req.pem -text -x509 -subj "/CN=TrustBearer" unable to load module /root/.tblive/libtbpkcs11.so Segmentation fault or sometimes I get: __pthread_mutex_lock: Assertion `robust || (oldval & 0x40000000) == 0 failed instead of the segfault. I have traced the point where the load module fails to the call: CRYPTOKI_checkerr(PKCS11_F_PKCS11_CTX_LOAD, rv); in libp11 file src/p11_load.c I am not exactly sure what this call is checking but it looks like if rv is not 0 then it waill always fail. Any idea what could be going on? Thanks, Bram Cymet ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
