Just an update, when i generate the key inside the card, the result of "pkcs11-tool --test --login " is better: result2.txt i'll see if it changes the authentication
2009/10/4 gilles Bernabé <gilles.bern...@gmail.com> > Hi, > > Ok thanks João, > i think peter understood, > here's the two screens: > when i load the cert on the card :[1] , this time it's OID2.5.0.10 > when i load the cert in the browser using a ".p12": [2] > > only the second issue is a success. > > Yes i have initialized the pins like in [3] , with the command : > opensc-tool -s 00:A4:04:00:06:A0:00:00:00:01:01 -s > B0:2A:00:00:38:08:4D:75:73:63:6C:65:30:30:04:01:08:30:30:30:30:30:30:30:30:08:30:30:30:30:30:30:30:30:05:02:08:30:30:30:30:30:30:30:30:08:30:30:30:30:30:30:30:30:00:00:17:70:00:02:01and > > > then : > pkcs15-init -EC -p pkcs15+onepin > > result of " pkcs11-tool --test --login " is in result.txt > > i realized there was the source code i was looking for: [4] , first i'll > read this big thread, and try to compile the cardlet with ant, i think it > should help me to get a better result.txt, i was working with an old .ijc of > [3]... > i'll also take a more recent Opensc version, i have the 0.11.4 of the > synaptic in ubuntu. > i'll give you some news , thanks > > Gilles > > [1]: http://img202.imageshack.us/img202/6841/screen1q.jpg > [2]: http://img242.imageshack.us/img242/9206/screen2s.jpg > [3]: http://www.opensc-project.org/opensc/wiki/Cyberflex > [4]: http://lists.drizzle.com/pipermail/muscle/2009-May/007644.html > > > 2009/10/4 João Poupino <joao.poup...@ist.utl.pt> > > Hi, >> >> On Oct 4, 2009, at 14:21, Peter Stuge wrote: >> >> > João Poupino wrote: >> >>> i've got "OID.2.5.4.0" on the card and just "O" (for organisation) >> >>> when i load it in the webbrowser in format pkcs12, but the values >> >>> associated to this field organisation are the same and all the rest >> >>> is the same. >> >> >> >> I don't think I understood this cleary, could you please clarify? >> >> >> >> What certificate attributes and values to you see on the card? >> >> What certificate attributes and values do you see when you load it >> >> in firefox? >> > >> > As I understand it, the one certificate is shown completely correctly >> > when using a .p12 and it also functions correctly, but when the >> > certificate is on the card Firefox does not display the O part of the >> > DN, and instead the numeric OID 2.5.4.0 (with the correct organization >> > data). I don't know what that numeric OID actually means, if anything. >> > >> > My guess was an error in producing or parsing ASN.1. >> > >> Ok, got it. All else being equal, the O attribute is different. >> According to [1], 2.5.4.0 is just "objectClass". Organization should >> be 2.5.4.10. >> >> [1] - http://www.oid-info.com/ >> >> > It would be helpful to display the certificate attributes also using >> > something other than Firefox/NSS, e.g. the OpenSSL engine or via p11. >> > >> > >> > //Peter >> > _______________________________________________ >> > opensc-devel mailing list >> > opensc-devel@lists.opensc-project.org >> > http://www.opensc-project.org/mailman/listinfo/opensc-devel >> >> _______________________________________________ >> opensc-devel mailing list >> opensc-devel@lists.opensc-project.org >> http://www.opensc-project.org/mailman/listinfo/opensc-devel >> > >
o...@admin1-laptop:~/JavaCard_SDK2# pkcs11-tool --test --login Please enter User PIN: C_SeedRandom() and C_GenerateRandom(): not implemented Digests: all 4 digest functions seem to work MD5: OK SHA-1: OK RIPEMD160: OK Signatures (currently only RSA signatures) testing key 0 (Private Key) all 4 signature functions seem to work testing signature mechanisms: RSA-X-509: OK RSA-PKCS: OK SHA1-RSA-PKCS: OK MD5-RSA-PKCS: OK RIPEMD160-RSA-PKCS: OK Verify (currently only for RSA): testing key 0 (Private Key) RSA-X-509: OK RSA-PKCS: OK SHA1-RSA-PKCS: OK MD5-RSA-PKCS: OK RIPEMD160-RSA-PKCS: OK Key unwrap (RSA) testing key 0 (Private Key) -- can't be used to unwrap, skipping Decryption (RSA) testing key 0 (Private Key) -- can't be used to decrypt, skipping Testing card detection Please press return to continue, x to exit: Available slots: Slot 0 SCM SDI 010 00 00 token label: MUSCLE (User PIN) token manuf: Identity Alliance token model: PKCS #15 SCard token flags: rng, login required, PIN initialized, token initialized serial num : 0000 Slot 1 (empty) Slot 2 (empty) Slot 3 (empty) Slot 4 (empty) Slot 5 (empty) Slot 6 (empty) Slot 7 (empty)
_______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel