Breadcrumbs

Decrypt Sender's Message

1. Decrypt the encryptedsignedmessage.txt using the receiver’s private key

›_ Console

 
# openssl cms -engine pkcs11 -decrypt -in encryptedsignedmessage.txt - inkey "pkcs11:token=OpensslSlot;object=ReceiverKey" -keyform engine -out decryptedsignedmessage.txt
tmpws4la8dc.jpg

Figure 36: Openssl decrypt command output

Here, OpensslSlot is the token label and ReceiverKey is the key on the HSM. Provide Cryptouser PIN when prompted.