Рутокен ЭЦП создать пару ГОСТ-2012 в ключе и запрос PKCS#10
Добрый день. Сначала решил попробовать по инструкции OpenSSL ГОСТ - Сценарии применения - Генерация ключевой пары ГОСТ Р 34.10-2001:
$openssl genpkey -engine pkcs11_gost -algorithm GOST2001 -pkeyopt key_id:50 -pkeyopt paramset:A -pkeyopt pin:12345678
invalid engine "pkcs11_gost"
140344657991488:error:25066067:DSO support routines:dlfcn_load:could not load the shared library:crypto/dso/dso_dlfcn.c:113:filename(/usr/lib64/engines-1.1/pkcs11_gost.so): /usr/lib64/engines-1.1/pkcs11_gost.so: cannot open shared object file: No such file or directory
140344657991488:error:25070067:DSO support routines:DSO_load:could not load the shared library:crypto/dso/dso_lib.c:161:
140344657991488:error:260B6084:engine routines:dynamic_load:dso not found:crypto/engine/eng_dyn.c:414:
140344657991488:error:2606A074:engine routines:ENGINE_by_id:no such engine:crypto/engine/eng_list.c:341:id=pkcs11_gost
140344657991488:error:25066067:DSO support routines:dlfcn_load:could not load the shared library:crypto/dso/dso_dlfcn.c:113:filename(libpkcs11_gost.so): libpkcs11_gost.so: cannot open shared object file: No such file or directory
140344657991488:error:25070067:DSO support routines:DSO_load:could not load the shared library:crypto/dso/dso_lib.c:161:
140344657991488:error:260B6084:engine routines:dynamic_load:dso not found:crypto/engine/eng_dyn.c:414:
genpkey: Error setting key_id:50 parameter:
О системе:
$cat /etc/fedora-release
Fedora release 28 (Twenty Eight)
$openssl version
OpenSSL 1.1.0h-fips 27 Mar 2018
$openssl engine -v -t -c
(rdrand) Intel RDRAND engine
[RAND]
[ available ]
(dynamic) Dynamic engine loading support
[ unavailable ]
SO_PATH, NO_VCHECK, ID, LIST_ADD, DIR_LOAD, DIR_ADD, LOAD
(gost) Reference implementation of GOST engine
[gost89, gost89-cnt, gost89-cnt-12, gost89-cbc, grasshopper-ecb, grasshopper-cbc, grasshopper-cfb, grasshopper-ofb, grasshopper-ctr, md_gost94, gost-mac, md_gost12_256, md_gost12_512, gost-mac-12, gost2001, gost-mac, gost2012_256, gost2012_512, gost-mac-12]
[ available ]
CRYPT_PARAMS, PBE_PARAMS, GOST_PK_FORMAT
(rtengine) Rutoken engine
[gost89, gost89-cnt, gost89-cnt-12, gost89-cbc, md_gost94, gost-mac, md_gost12_256, md_gost12_512, gost-mac-12, gost2001, gost-mac, gost2012_256, gost2012_512, gost-mac-12]
[ available ]
MODULE_PATH, RAND_TOKEN
$pkcs11-tool --module /usr/lib64/engines-1.1/librtpkcs11ecp.so -T
Available slots:
Slot 0 (0x0): Aktiv Rutoken ECP 00 00
token label :
token manufacturer : Aktiv Co.
token model : Rutoken ECP
token flags : login required, rng, SO PIN to be changed, token initialized, PIN initialized, user PIN to be changed
hardware version : 20.5
firmware version : 23.0
serial num : 324d79b8
pin min/max : 4/32
Подскажите, пожалуйста, в чём может быть причина ошибки?