Hum, my first idea it's to add 'sc_pkcs15init_set_callbacks' somewhere in
opensc-pkcs11.dll (in framework-pkcs15.c for example)... but like I'm not a specialist of pkcs11 I'd rather wait to have opinion of someone who know what he do. So for the moment I hope pkcs11 expert to have a look. 'pkcs15-init' provide it's own function to get pin and ask for pin when necessary, for opensc-pkcs11 the pin is given by application so we can't provide function to ask pin. I think we can cache pin at login and call 'sc_pkcs15init_set_callbacks' to set functions to retrieve pin back but what about security and so-pin... François. >-----Message d'origine----- >De : Aventra development [mailto:developm...@aventra.fi] >Envoyé : mercredi 18 novembre 2009 15:13 >À : 'opensc-devel (opensc-devel)' >Cc : François Leblanc >Objet : RE: [opensc-devel] Difference betwen pkcs15-init/pkcs11-tool >generate >key . > >Hi! > >I have the same issue with 0.11.11 version.. just traced the problem to the >same place. >Any ideas what is wrong? > >Regards, >Toni > >> -----Original Message----- >> From: François Leblanc >> >> I try to use more pkcs11-tool since I guess pkcs11 will be the standard >way >> for use opensc >> >> and I can't generate key with pkcs11. I notice that pkcs15-init call >> 'sc_pkcs15init_set_callbacks' >> >> and pkcs11-tool not and is why "do_get_and_verify_secret" fails later. >> >> Does someone use pkcs11-tool to generate key pairs on cards without >so-pin, >> and does it works? >> >> François. _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
