Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.

"unable to load public key" error on openssl1.1.1f

keiji_niwa
Novice
2,235 Views

Hi all
I try to perform encryption using the public key obtained using eHSM-KMS getpublickey API.
However, in my environment, the encryption fails with "unable to load Public key". my environment using openssl1.1.1f.

Encryption succeeds in other environments. This environment uses openssl3.0.2.

What causes encryption to fail with an "unable to load public key" error in openssl1.1.1f environment?

Regards,
keiji_niwa

0 Kudos
1 Solution
keiji_niwa
Novice
1,987 Views

This is a correction.
pkcs#11 is wrong
The correct name is pkcs#8.

View solution in original post

0 Kudos
5 Replies
Iffa_Intel
Moderator
2,123 Views

Hi,


could you clarify if there is a specific reason you are using OpenSSL 1.1.1?



Cordially,

Iffa


0 Kudos
keiji_niwa
Novice
2,111 Views

Hi,
eHSM-KMS supports OpenSSL1.1.1.

eHSM-KMS in our environment also uses OpenSSL1.1.1.

Therefore, we decided to use OpenSSL1.1.1 for encryption.

thank you.

0 Kudos
keiji_niwa
Novice
1,987 Views

hi all.
I was able to resolve the issue by changing the public key format to pkck#11.
thank you.

0 Kudos
keiji_niwa
Novice
1,988 Views

This is a correction.
pkcs#11 is wrong
The correct name is pkcs#8.

0 Kudos
Sahira_Intel
Moderator
1,919 Views

Hi,

I recommend opening a ticket in the official EHSM Github: https://github.com/intel/ehsm/issues


Sincerely,

Sahira


0 Kudos
Reply