Bug 49535

Summary: Failed to set 'dynamic' engine
Product: Sisyphus Reporter: Aleksandr Sysoev <sysoevas>
Component: osslsigncodeAssignee: Николай Костригин <nickel>
Status: NEW --- QA Contact: qa-sisyphus
Severity: normal    
Priority: P5 CC: nickel
Version: unstable   
Hardware: x86_64   
OS: Linux   

Description Aleksandr Sysoev 2024-02-27 20:31:50 MSK 
workstation-10.1-x86-64 обновленный до sisyphus
Версия: osslsigncode-2.7-alt1.x86_64

Попытаться подписать .efi файл:
$ osslsigncode sign \
-pkcs11engine /usr/lib64/openssl/engines-1.1/libpkcs11.so \
-pkcs11module /usr/lib64/librtpkcs11ecp.so \
-certs ./SIGN_KEY.pub \
-key 42 \
-t http://timestamp.sectigo.com \
-n "Test Sign File" \
-i "https://www.basealt.ru/" \
-pass 12345678 \
-in elilo.efi \
-out sign_elilo.efi


Ожидаемый результат:
$ osslsigncode sign -pkcs11engine /usr/lib64/openssl/engines-1.1/libpkcs11.so -pkcs11module /usr/lib64/librtpkcs11ecp.so -certs ./SIGN_KEY.pub -key 42 -t http://timestamp.sectigo.com -n "Test Sign File" -i "https://www.basealt.ru/" -pass 12345678 -in elilo.efi -out sign_elilo.efi
Engine "pkcs11" set.
Succeeded

Реальный результат:
$ osslsigncode sign -pkcs11engine /usr/lib64/openssl/engines-1.1/libpkcs11.so -pkcs11module /usr/lib64/librtpkcs11ecp.so -certs ./SIGN_KEY.pub -key 42 -t http://timestamp.sectigo.com -n "Test Sign File" -i "https://www.basealt.ru/" -pass 12345678 -in elilo.efi -out sign_elilo.efi
bad engine id
Failed to set 'dynamic' engine
Failed to read key or certificates
140287324608576:error:260B606D:engine routines:dynamic_load:init failed:crypto/engine/eng_dyn.c:507:
Failed

См. так-же: https://github.com/mtrojnar/osslsigncode/issues/180