Bug 49535 - Failed to set 'dynamic' engine
Summary: Failed to set 'dynamic' engine
Status: NEW
Alias: None
Product: Sisyphus
Classification: Development
Component: osslsigncode (show other bugs)
Version: unstable
Hardware: x86_64 Linux
: P5 normal
Assignee: Николай Костригин
QA Contact: qa-sisyphus
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2024-02-27 20:31 MSK by Aleksandr Sysoev
Modified: 2024-02-27 20:31 MSK (History)
1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Aleksandr Sysoev 2024-02-27 20:31:50 MSK 
workstation-10.1-x86-64 обновленный до sisyphus
Версия: osslsigncode-2.7-alt1.x86_64

Попытаться подписать .efi файл:
$ osslsigncode sign \
-pkcs11engine /usr/lib64/openssl/engines-1.1/libpkcs11.so \
-pkcs11module /usr/lib64/librtpkcs11ecp.so \
-certs ./SIGN_KEY.pub \
-key 42 \
-t http://timestamp.sectigo.com \
-n "Test Sign File" \
-i "https://www.basealt.ru/" \
-pass 12345678 \
-in elilo.efi \
-out sign_elilo.efi


Ожидаемый результат:
$ osslsigncode sign -pkcs11engine /usr/lib64/openssl/engines-1.1/libpkcs11.so -pkcs11module /usr/lib64/librtpkcs11ecp.so -certs ./SIGN_KEY.pub -key 42 -t http://timestamp.sectigo.com -n "Test Sign File" -i "https://www.basealt.ru/" -pass 12345678 -in elilo.efi -out sign_elilo.efi
Engine "pkcs11" set.
Succeeded

Реальный результат:
$ osslsigncode sign -pkcs11engine /usr/lib64/openssl/engines-1.1/libpkcs11.so -pkcs11module /usr/lib64/librtpkcs11ecp.so -certs ./SIGN_KEY.pub -key 42 -t http://timestamp.sectigo.com -n "Test Sign File" -i "https://www.basealt.ru/" -pass 12345678 -in elilo.efi -out sign_elilo.efi
bad engine id
Failed to set 'dynamic' engine
Failed to read key or certificates
140287324608576:error:260B606D:engine routines:dynamic_load:init failed:crypto/engine/eng_dyn.c:507:
Failed

См. так-же: https://github.com/mtrojnar/osslsigncode/issues/180