-
Type:
Bug
-
Status: Closed
-
Priority:
Minor
-
Resolution: Fixed
-
Affects Version/s: SoftHSM 2.0.0a2
-
Fix Version/s: SoftHSM 2.x develop
-
Component/s: PKCS#11 Interface
-
Labels:None
-
Environment:
Linux
file-backed object store
openssl crypto backend (version 1.0.1g)
After performing an ECDH, and attempting to print out the derived result, I get the following error:
OSSLEVPSymmetricAlgorithm.cpp(360): EVP_DecryptFinal failed (0x00000000)
P11Attributes.cpp(269): Internal error: failed to decrypt private attribute value
See the attached source file (softhsm2-bug.c) to reproduce the problem. (config.h is also attached for reference.)
Run:
softhsm2-util --init-token --slot 0 --label test --so-pin 1234 --pin 1234
./softhsm2-bug
The problem occurs on line 405 of my source file (call to C_GetAttributeValue).
If I uncomment line 372 of my attached source file, which sets the CKA_PRIVATE attribute to false (thereby avoiding encrypting the object), then the error goes away.
The error originates from OpenSSL (v1.0.1g):
file: evp_enc.c
function: EVP_DecryptFinal_ex
line: 539
reason: EVP_R_BAD_DECRYPT