Decrypt Sender´s Encrypted Message (Windows) | Utimaco Integration Guides

Decrypt the encryptedsignedmessage.txt using the receiver’s private key

›_ Console

C:\OpenSSL-Win64\bin>openssl cms -engine pkcs11 -decrypt -in C:\localCA\encryptedsignedmessage.txt -inkey "pkcs11:token=SSLCert;object=ReceiverKey" -keyform engine -out C:\localCA\decryptedsignedmessage.txt

Figure 52: Openssl decrypt command output

Here SSLCert is the token label and ReceiverKey is the key on the HSM. Provide Cryptouser PIN when prompted.

Using ECC key, only sign and verify operations can be performed with OpenSSL3.Encryption and decryption operation are not supported in this version for ECC Key.