This was copied and modified from The OpenSC Quickstart. Execute the following commands:
$ openssl OpenSSL> engine -t dynamic -pre SO_PATH:/usr/lib/engines/engine_pkcs11.so \ -pre ID:pkcs11 -pre LIST_ADD:1 -pre LOAD \ -pre MODULE_PATH:/usr/lib/opensc-pkcs11.so OpenSSL> req -engine pkcs11 -new -key id_45 -keyform engine -out req.pem -text OpenSSL> exit $
pkcs12 -in certificate.crt -out certificate.p12 -export -nokeys
Feed the commands below to openssl:
genrsa -out rsa.key 1024 rsa -inform PEM -in rsa.key -pubout -out rsa.pub -outform PEM rand -out data.bin 32 rsautl -encrypt -in data.bin -pubin -inkey rsa.pub -out data.enc -pkcs rsautl -decrypt -in data.enc -keyform PEM -inkey rsa.key -out data.dec -pkcs dgst -sha1 -hex -c data.bin dgst -sha1 -hex -c data.dec exit
Feed the commands below to openssl:
engine -t dynamic -pre SO_PATH:/usr/lib/engines/engine_pkcs11.so -pre ID:pkcs11 -pre LIST_ADD:1 -pre LOAD -pre MODULE_PATH:/usr/lib/opensc-pkcs11.so rsa -inform engine -in id_45 -pubout -out rsa.pub -outform PEM -engine pkcs11 rand -out data.bin 32 rsautl -encrypt -in data.bin -pubin -inkey rsa.pub -out data.enc -pkcs rsautl -decrypt -in data.enc -keyform engine -inkey id_45 -out data.dec -pkcs -engine pkcs11 dgst -sha1 -hex -c data.bin dgst -sha1 -hex -c data.dec exit