>> Your assumption was wrong!
>
> Which command and parameters do you use to write the objects to the
> card? I'm using the current version from trunk, and there the behaviour
> is different.

1. Generate a key file. I used:

    dd if=/dev/random of=~/master-key bs=1 count=2048
    dd if=~/master-key of=~/key256 bs=1 count=256
    dd if=~/master-key of=~/key512 bs=1 count=512 skip=256
    dd if=~/master-key of=~/key1k bs=1 count=1024 skip=768

2. Copy key files to token:

    [z...@test1 ~]$pkcs15-init -W ~/key256 --application-name LUKS256 --auth-id 01
    (at the prompt specify and verify your PIN - it should be your auth-id 01 PIN)

    [z...@test1 ~]$pkcs15-init -W ~/key1k --application-name LUKS1k --auth-id 02
    (at the prompt specify and verify your PIN - it should be your auth-id 02 PIN)

    [z...@test1 ~]$pkcs15-init -W ~/key512 --application-name LUKS-Pub

3. Enjoy!

The first two keys are private, the last one is public and readily viewable. The above assumes that auth-id 01 and 02 already exist.

> Therefore it is possible, that I'm using the wrong parameters to create
> objects or something has changed in the trunk version. Anyway, all my
> objects are readable without pin-verification.

I am using the version I've downloaded and compiled as per your kind instructions. I think I downloaded it from the main OpenSC project site (though from what I remember the links were messed up somewhat, and even though the link on the page was telling me that I am downloading the newest version, the actual .tar.gz file was for a version which was 2 or 3 revisions old, so I had to go directly to the ftp server to do it).

_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
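
The key carving from step 1, as an added example that is not part of the original message: it reads each slice from its own offset in the master key, then checks every slice byte for byte against that range before anything is written to a token. The function names are hypothetical, and the self-test uses /dev/urandom for its constructed sample key.

```shell
#!/bin/sh
# Added example, not from the original post. carve_keys, verify_slice and
# selftest are hypothetical helper names.

# carve_keys MASTER OUTDIR
# Writes key256 (master bytes 0-255), key512 (256-767), key1k (768-1791).
# The body runs in a subshell so the umask change does not leak out.
carve_keys() (
    master=$1
    outdir=$2
    umask 077    # key material: owner-only files
    [ -r "$master" ] || return 1
    size=$(wc -c < "$master" | tr -d ' ')
    # All three slices together need 256 + 512 + 1024 = 1792 bytes.
    [ "$size" -ge 1792 ] || { echo "master key too short" >&2; return 1; }
    # skip= is an offset into the input file. seek= would instead offset
    # the output file and pad it with leading zero bytes.
    dd if="$master" of="$outdir/key256" bs=1 count=256 2>/dev/null &&
    dd if="$master" of="$outdir/key512" bs=1 count=512 skip=256 2>/dev/null &&
    dd if="$master" of="$outdir/key1k" bs=1 count=1024 skip=768 2>/dev/null
)

# verify_slice MASTER SLICE OFFSET LENGTH
# Succeeds only if SLICE is LENGTH bytes long and equals the LENGTH bytes
# of MASTER that start at OFFSET.
verify_slice() {
    [ "$(wc -c < "$2" | tr -d ' ')" -eq "$4" ] || return 1
    dd if="$1" bs=1 skip="$3" count="$4" 2>/dev/null | cmp -s - "$2"
}

# selftest: carve a constructed master key in a temporary directory and
# verify all three slices; returns 0 only if every check passes.
selftest() (
    tmp=$(mktemp -d) || return 1
    trap 'rm -rf "$tmp"' EXIT
    # Constructed sample input. /dev/urandom is an assumption made here so
    # the check never blocks waiting for entropy.
    dd if=/dev/urandom of="$tmp/master-key" bs=1 count=2048 2>/dev/null
    carve_keys "$tmp/master-key" "$tmp" &&
    verify_slice "$tmp/master-key" "$tmp/key256" 0 256 &&
    verify_slice "$tmp/master-key" "$tmp/key512" 256 512 &&
    verify_slice "$tmp/master-key" "$tmp/key1k" 768 1024
)
```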