On Tue, 2010-11-02 at 01:40 +0000, Mr Dash Four wrote: > >> pkcs15-tool -r 1f645352 | grep -v '\-' | base64 -d > > Nope! It does not work even if I add the '-i' option on base64 - it > > generates more data - the resulting file is larger than the key > > itself. Key size is 256 bytes, output (encoded) is 384 bytes. > Got it working in pkcs15-tool as well, though it required a bit of > playing around with it: "pkcs15-tool -R <applicationID/label> -o > /dev/stderr > /dev/null" and then use stderr to gather the actual data. > Redirection to /dev/null was needed as it still shows the data in > 'user-friendly' format.
@ALL: The 'pkcs15-tool' should possibly be changed to output the raw data as its default. That would not be that strange, because the unix command 'cat' does exactly the same. Therefore users should be prepared for it. @MDF: Before making even more effort on storing data objects, you should definitely check if these objects are really private. My assumption is, they are not. $pkcs15-tool -C ... Path: 3f0050153303 (read 3f00/5015/3303) ... $opensc-explorer OpenSC [3F00]> cd 5015 OpenSC [3F00/5015]> cat 3303 ... File dump comes here, without pin verification !!!!! ... OpenSC [3F00/5015]> exit _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
