[xmlsec] PKCS11 - Key not found

Aleksey Sanin aleksey at aleksey.com
Sun Sep 17 12:58:48 PDT 2017

The best approach would be to call RSA_set_flags(rsa, RSA_FLAG_EXT_PKEY)
from your code when you load the key (if you are sure this is a private


On 9/17/17 9:46 AM, Pablo Gabriel Gallardo wrote:
> 2017-09-14 16:11 GMT-03:00 Aleksey Sanin <aleksey at aleksey.com
> <mailto:aleksey at aleksey.com>>:
>     Just a heads up that I've got a report that this change
>     cause problems for other users. I will be rolling it back
>     (and I still don't have a good way to determine RSA key
>     type).
> Hello Aleksey!
> I'm sorry to hear that :(. I depend of that condition to sign xml
> documents with smartkeys.
> I'll investigate to check what else can we do to determine whether an
> EVP_PKEY is private or not. I'm not an OpenSSL expert but I want to help
> with that.
> Regards,
> Pablo G. Gallardo

More information about the xmlsec mailing list