Breadcrumbs

Decrypt Sender´s Message (Linux)

  1. Decrypt the encryptedsignedmessage.txt using the receiver’s private key

›_ Console

 
# openssl cms -engine pkcs11 -decrypt -in encryptedsignedmessage.txt - inkey "pkcs11:token=SSLCert1;object=ReceiverKey" -keyform engine -out decryptedsignedmessage.txt
tmp90yvt0pg.jpg

Figure 32: Openssl decrypt command output

Here SSLCert1 is the token label and ReceiverKey is the key on the HSM. Provide Cryptouser PIN when prompted.

Using ECC key, only sign and verify operations can be performed with OpenSSL3.Encryption and decryption operation are not supported in this version for ECC Key.