Just an update, when i generate the key inside the card, the result of
"pkcs11-tool --test --login " is better:
result2.txt
i'll see if it changes the authentication
2009/10/4 gilles Bernabé <gilles.bern...@gmail.com>
> Hi,
>
> Ok thanks João,
> i think peter understood,
> here's the two screens:
> when i load the cert on the card :[1] , this time it's OID2.5.0.10
> when i load the cert in the browser using a ".p12": [2]
>
> only the second issue is a success.
>
> Yes i have initialized the pins like in [3] , with the command :
> opensc-tool -s 00:A4:04:00:06:A0:00:00:00:01:01 -s
> B0:2A:00:00:38:08:4D:75:73:63:6C:65:30:30:04:01:08:30:30:30:30:30:30:30:30:08:30:30:30:30:30:30:30:30:05:02:08:30:30:30:30:30:30:30:30:08:30:30:30:30:30:30:30:30:00:00:17:70:00:02:01and
>
>
> then :
> pkcs15-init -EC -p pkcs15+onepin
>
> result of " pkcs11-tool --test --login " is in result.txt
>
> i realized there was the source code i was looking for: [4] , first i'll
> read this big thread, and try to compile the cardlet with ant, i think it
> should help me to get a better result.txt, i was working with an old .ijc of
> [3]...
> i'll also take a more recent Opensc version, i have the 0.11.4 of the
> synaptic in ubuntu.
> i'll give you some news , thanks
>
> Gilles
>
> [1]: http://img202.imageshack.us/img202/6841/screen1q.jpg
> [2]: http://img242.imageshack.us/img242/9206/screen2s.jpg
> [3]: http://www.opensc-project.org/opensc/wiki/Cyberflex
> [4]: http://lists.drizzle.com/pipermail/muscle/2009-May/007644.html
>
>
> 2009/10/4 João Poupino <joao.poup...@ist.utl.pt>
>
> Hi,
>>
>> On Oct 4, 2009, at 14:21, Peter Stuge wrote:
>>
>> > João Poupino wrote:
>> >>> i've got "OID.2.5.4.0" on the card and just "O" (for organisation)
>> >>> when i load it in the webbrowser in format pkcs12, but the values
>> >>> associated to this field organisation are the same and all the rest
>> >>> is the same.
>> >>
>> >> I don't think I understood this cleary, could you please clarify?
>> >>
>> >> What certificate attributes and values to you see on the card?
>> >> What certificate attributes and values do you see when you load it
>> >> in firefox?
>> >
>> > As I understand it, the one certificate is shown completely correctly
>> > when using a .p12 and it also functions correctly, but when the
>> > certificate is on the card Firefox does not display the O part of the
>> > DN, and instead the numeric OID 2.5.4.0 (with the correct organization
>> > data). I don't know what that numeric OID actually means, if anything.
>> >
>> > My guess was an error in producing or parsing ASN.1.
>> >
>> Ok, got it. All else being equal, the O attribute is different.
>> According to [1], 2.5.4.0 is just "objectClass". Organization should
>> be 2.5.4.10.
>>
>> [1] - http://www.oid-info.com/
>>
>> > It would be helpful to display the certificate attributes also using
>> > something other than Firefox/NSS, e.g. the OpenSSL engine or via p11.
>> >
>> >
>> > //Peter
>> > _______________________________________________
>> > opensc-devel mailing list
>> > opensc-devel@lists.opensc-project.org
>> > http://www.opensc-project.org/mailman/listinfo/opensc-devel
>>
>> _______________________________________________
>> opensc-devel mailing list
>> opensc-devel@lists.opensc-project.org
>> http://www.opensc-project.org/mailman/listinfo/opensc-devel
>>
>
>
o...@admin1-laptop:~/JavaCard_SDK2# pkcs11-tool --test --login
Please enter User PIN:
C_SeedRandom() and C_GenerateRandom():
not implemented
Digests:
all 4 digest functions seem to work
MD5: OK
SHA-1: OK
RIPEMD160: OK
Signatures (currently only RSA signatures)
testing key 0 (Private Key)
all 4 signature functions seem to work
testing signature mechanisms:
RSA-X-509: OK
RSA-PKCS: OK
SHA1-RSA-PKCS: OK
MD5-RSA-PKCS: OK
RIPEMD160-RSA-PKCS: OK
Verify (currently only for RSA):
testing key 0 (Private Key)
RSA-X-509: OK
RSA-PKCS: OK
SHA1-RSA-PKCS: OK
MD5-RSA-PKCS: OK
RIPEMD160-RSA-PKCS: OK
Key unwrap (RSA)
testing key 0 (Private Key) -- can't be used to unwrap, skipping
Decryption (RSA)
testing key 0 (Private Key) -- can't be used to decrypt, skipping
Testing card detection
Please press return to continue, x to exit:
Available slots:
Slot 0 SCM SDI 010 00 00
token label: MUSCLE (User PIN)
token manuf: Identity Alliance
token model: PKCS #15 SCard
token flags: rng, login required, PIN initialized, token initialized
serial num : 0000
Slot 1 (empty)
Slot 2 (empty)
Slot 3 (empty)
Slot 4 (empty)
Slot 5 (empty)
Slot 6 (empty)
Slot 7 (empty)
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
