Hello everyone, Currently, I'm having some trouble with usage of starcos spk 2.4 cards and opensc. I used to have no problem, and I don't know where exactly the problem is.
Here what's happening: I have an aplicattion that use's pkcs15-init to initialize cards and then it codes directly against PKCS#11 API (and opensc-pkcs11.so module) to use the card (generete keys, sign, etc). I have no problems with the initialization (I use system calls): #pkcs15-init -C (ok) #pkcs15-init --store-pin --auth-id 01 --label some-label (ok) And then, if I try to generate keys through PKCS#11 API (with C_GenerateKeyPair), I get CKR_GENERAL_ERROR. The weird thing is that everything used to work in the past =p. Also, if I try to generate keys using pkcs11-tool, I get the same error. For example, if I do: #pkcs11-tool --login -k (error: PKCS11 function C_GenerateKeyPair failed: rv = CKR_GENERAL_ERROR (0x5)) On the other side, if I use pkcs15-init to generate a key pair: #pkcs15-init -G rsa/1024 --auth-id ff --label "My Private Key" --public-key-label "My Public Key" It does generate the key-pair. However, if I try to do something with pkcs11-tool, with the generated key, like #pkcs11-tool --sign -i i_file -o signature I get the following erros: Please enter User PIN: Using signature algorithm RSA-PKCS [opensc-pkcs11] iso7816.c:99:iso7816_check_sw: Security status not satisfied [opensc-pkcs11] card-starcos.c:1136:starcos_set_security_env: returning with: Security status not satisfied [opensc-pkcs11] sec.c:67:sc_set_security_env: returning with: Security status not satisfied [opensc-pkcs11] pkcs15-sec.c:267:sc_pkcs15_compute_signature: sc_set_security_env() failed: Security status not satisfied [opensc-pkcs11] iso7816.c:99:iso7816_check_sw: Security status not satisfied [opensc-pkcs11] card-starcos.c:1136:starcos_set_security_env: returning with: Security status not satisfied [opensc-pkcs11] sec.c:67:sc_set_security_env: returning with: Security status not satisfied [opensc-pkcs11] pkcs15-sec.c:267:sc_pkcs15_compute_signature: sc_set_security_env() failed: Security status not satisfied error: PKCS11 function C_SignFinal failed: rv = CKR_USER_NOT_LOGGED_IN (0x101) It appears to be a problem with opensc-pkcs11 module and starcos spk 2.4, because when using pkcs15 tools directly, no errors are prone. I can't tell exactly what my system were when it used to work, but it was 1 or 2 versions back of ubuntu 32-bit and that time repository versions of opensc and pcscd (installed via apt-get) Now I'm using ubuntu 10.10 32-bit and current versions of opensc and pcscd repository versions, which are 0.11.13-1ubuntu2.1 for opensc and 0.11.13-1ubuntu2.1 for pcscd. best regards. Felipe Menegola Blauth
_______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
