Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1540 Discussions

"unable to load public key" error on openssl1.1.1f

keiji_niwa
Novice
‎09-26-2023 02:19 AM
2,258 Views
Solved Jump to solution

Hi all
I try to perform encryption using the public key obtained using eHSM-KMS getpublickey API.
However, in my environment, the encryption fails with "unable to load Public key". my environment using openssl1.1.1f.

Encryption succeeds in other environments. This environment uses openssl3.0.2.

What causes encryption to fail with an "unable to load public key" error in openssl1.1.1f environment?

Regards,
keiji_niwa

0 Kudos
1 Solution
keiji_niwa
Novice
‎10-20-2023 12:58 AM
2,010 Views
Solved Jump to solution
In response to keiji_niwa

This is a correction.
pkcs#11 is wrong
The correct name is pkcs#8.

View solution in original post

In response to keiji_niwa
0 Kudos
Copy link

Link Copied

5 Replies
Iffa_Intel
Moderator
‎10-03-2023 07:23 PM
2,146 Views
Solved Jump to solution

Hi,


could you clarify if there is a specific reason you are using OpenSSL 1.1.1?



Cordially,

Iffa


0 Kudos
Copy link
keiji_niwa
Novice
‎10-04-2023 03:15 AM
2,134 Views
Solved Jump to solution
In response to Iffa_Intel

Hi,
eHSM-KMS supports OpenSSL1.1.1.

eHSM-KMS in our environment also uses OpenSSL1.1.1.

Therefore, we decided to use OpenSSL1.1.1 for encryption.

thank you.

In response to Iffa_Intel
0 Kudos
Copy link
keiji_niwa
Novice
‎10-20-2023 12:54 AM
2,010 Views
Solved Jump to solution

hi all.
I was able to resolve the issue by changing the public key format to pkck#11.
thank you.

0 Kudos
Copy link
keiji_niwa
Novice
‎10-20-2023 12:58 AM
2,011 Views
Solved Jump to solution
In response to keiji_niwa

This is a correction.
pkcs#11 is wrong
The correct name is pkcs#8.

In response to keiji_niwa
0 Kudos
Copy link
Sahira_Intel
Moderator
‎10-24-2023 12:30 PM
1,942 Views
Solved Jump to solution

Hi,

I recommend opening a ticket in the official EHSM Github: https://github.com/intel/ehsm/issues


Sincerely,

Sahira


0 Kudos
Copy link
Reply

Community support is provided Monday to Friday. Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.