Am Dienstag, den 13.03.2007, 22:17 +0100 schrieb Andreas Jellinghaus: > Am Dienstag, 13. März 2007 17:40 schrieb Simon Eisenmann: > > i today recieved the PINs for my ne D-TRUST 2048 Bit signature card > > which seems to use Siemens CardOS 4.3B. I can read the certificates and > > keys from the card using opensc tools perfectly. > > > > Though there is a problem when creating a signature (opensc svn trunk). > > a) which version of trunk exactly? what card reader are you using? > we did some changes recently that might break things - but I think > it only affects cards that can only do t=0 with some readers, so it shouldn't > be a problem for you.
The trunk revision is r3128 (checked out yesterday) and the card reader
is an SCM SPR 532 (ccid) using openct 0.6.8 as middleware. I also tested
with SCR333 which gives the same result.
> so my wild guess is: can that key be used for both signing and decryption
> (check with pkcs11-tool or pkcs15-tool) ?
There are two keys on this card.
# pkcs15-tool -k
Private RSA Key [D-TRUST Authentication Key]
Com. Flags : 1
Usage : [0x26], decrypt, sign, unwrap
Access Flags: [0x0]
ModLength : 2048
Key ref : 1
Native : yes
Path : 3f00501550724b01
Auth ID : 01
ID : 029b765eeb64c1c12e9584b9c782d0dc
Private RSA Key [SigG Signature Key]
Com. Flags : 1
Usage : [0x204], sign, nonRepudiation
Access Flags: [0x0]
ModLength : 2048
Key ref : 2
Native : yes
Path : 3f001fff
Auth ID : 04
ID : 000102030405060708090a0b0c0d0e0f
I have been using the second key.
Best regards,
Simon
--
Simon Eisenmann
[ mailto:[EMAIL PROTECTED] ]
[ struktur AG | Kronenstraße 22a | D-70173 Stuttgart ]
[ T. +49.711.896656.68 | F.+49.711.89665610 ]
[ http://www.struktur.de | mailto:[EMAIL PROTECTED] ]
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
