oh, and can you run pkcs15-tool --dump? I wonder: how many PIN objects are there?
if you have for example a super user (soPIN) and a normal user (PIN), then using the onepin variant of opensc-pkcs11.so won't work properly I guess. also it would explain, why you get those errors: if you log in with PIN and try to create a new object, but soPIN is required to do that, then of course you get an error. if that is the case, and opensc throws CKR_USER_ALREADY_LOGGED_IN that is propably the wrong return code, and doesn't reflect the situation correctly. and I wonder: can you show us a pkcs11-spy log file of your tokentool application with that commercial pkcs#11 library? how does it behave? would be nice so we can easily compare side to side. both tokentool pkcs11-spy.txt files refer onepin-opensc-pkcs11.so, but do different things. did you run tokentool with different parameters to create those? can you run both with opensc-pkcs11.so (no onepin) and with the commercial lib for reference? Thanks, Andreas _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
