On Tue, 2010-11-02 at 20:10 +0000, Mr Dash Four wrote:
> >> Your assumption was wrong!
> >>     
> >
> > Which command and parameters do you use to write the objects to the
> > card? I'm using the current version from trunk, and there the behaviour
> > is different.
> >   
> 1. Generate a key file. I used:
>   - dd if=/dev/random of=~/master-key bs=1 count=2048
>   - dd if=~/master-key of=~/key256 bs=1 count=256
>   - dd if=~/master-key of=~/key512 bs=1 count=512 seek=256
>   - dd if=~/master-key of=/key1k bs=1 count=1024 seek=768

For what kind of algorithm are these keys? They are very large.

> 2. Copy key files to token:
> [z...@test1 ~]$pkcs15-init -W ~/key256 --application-name LUKS256 
> --auth-id 01
> (at the prompt specify and verify your PIN - it should be your auth-id 
> 01 PIN)
> 
> [z...@test1 ~]$pkcs15-init -W ~/key1k --application-name LUKS1k --auth-id 02
> (at the prompt specify and verify your PIN - it should be your auth-id 
> 02 PIN)
> 
> [z...@test1 ~]$pkcs15-init -W ~/key512 --application-name LUKS-Pub

OK, I'm using almost the same command:

pkcs15-init -W CIAInfo.bin --application-id "1.2.3" -l "MyObject" -a 01

> > Therefore it is possible that I'm using the wrong parameters to create
> > objects or something has changed in the trunk version. Anyway, all my
> > objects are readable without pin-verification.
> >   
> I am using the version I've downloaded and compiled as per your kind 
> instructions. I think I downloaded it from the main OpenSC project site 
> (though from what I remember the links were messed up somewhat and even 
> though the link on the page was telling me that I am downloading the 
> newest version the actual .tar.gz file was for a version, which was 2 or 
> 3 revisions old so I had to go directly to the ftp server to do it).

You are using the latest official release, which is 0.11.13
(opensc-explorer states that). But development goes on in a version
called trunk. Someday in the future, trunk will become the next official
release. For your purpose using 0.11.13 is fine. But if you want to test
trunk, then execute:

svn co http://www.opensc-project.org/svn/opensc/trunk opensc


_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel