Wolfgang Glas wrote: ...
The first problem I have been faced with is, taht I could not present both the user and the SO PIN to the toekn using C_Login. I cirumvented this by applying the attached patch to opensc.
not sure if I really understand what you are trying to do but according to pkcs11 is not allowed to have a SO and a RW USER session simultaneously so if you need both session types you need to login as a user then logout and login as the SO user ...
But presenting both PINs to the token didn't cure all my problems, because afterwards the key generation fails with either CKR_USER_NOT_LOGGED_IN (logfile: opensc-0.11.2-pre3-keygen.log) of CKR_GENRAL_ERROR (logfile: opensc-0.11.2-pre3-keygen2.log) Needless to say, that pkcs15-init -G rsa/2048 -a 45 -a 1 -u digitalSignature,nonRepudiation -l privkey01 --public-key-label pubkey01 --so-pin=xxxxxxxx --pin=xxxxxxxx works flawlessly using my CardOS4.3b card.
that's because pkcs15-init caches the PINs (and doesn't use pkcs11) ;-)
What draws my attention to is, that pkcs15-init asks me for the SO PIN, the user PIN and once again for the SO PIN. So it might be a problem as simple as being able to present the SO PIN to the token again inside the implmentation of C_Login(). Does anybody have a good ides how to fix this problem ?
change the profile ? Cheers, Nils _______________________________________________ opensc-devel mailing list [email protected] http://www.opensc-project.org/mailman/listinfo/opensc-devel
