Here you go:
C:\Program Files\OpenVPN\share\openvpn-win32\config>pkcs15-tool
--list-keys
Using reader with a card: O2Micro CCID SC Reader 0
Private RSA Key [Private Key]
Object Flags : [0x3], private, modifiable
Usage : [0x4], sign
Access Flags : [0x1D], sensitive, alwaysSensitive,
neverExtract, local
ModLength : 2048
Key ref : 0 (0x0)
Native : yes
Path : 3f0050154b0130450012
Auth ID : 01
ID : 45
C:\Program Files\OpenVPN\share\openvpn-win32\config>pkcs15-tool
--list-certificates
Using reader with a card: O2Micro CCID SC Reader 0
X.509 Certificate [Certificate]
Object Flags : [0x2], modifiable
Authority : no
Path : 3f0050154545
ID : 45
Encoded serial : 02 01 02
C:\Program Files\OpenVPN\share\openvpn-win32\config>
On Fri, 30 Sep 2011 18:45:31 +0300, Alon Bar-Lev
<alon.bar...@gmail.com> wrote:
> ---
> 2011-09-30 12:05:15.330 [opensc-pkcs11]
> iso7816.c:103:iso7816_check_sw: Command incompatible with file
> structure
> 2011-09-30 12:05:15.330 [opensc-pkcs11]
> card-flex.c:1067:cryptoflex_compute_signature: Card returned error:
> -1200 (Card command failed)
> 2011-09-30 12:05:15.330 [opensc-pkcs11] sec.c:56:sc_compute_signature:
> returning with: -1200 (Card command failed)
> 2011-09-30 12:05:15.330 [opensc-pkcs11] card.c:330:sc_unlock: called
> 2011-09-30 12:05:15.330 [opensc-pkcs11]
> pkcs15-sec.c:380:sc_pkcs15_compute_signature: sc_compute_signature()
> failed: -1200 (Card command failed)
> 2011-09-30 12:05:15.330 [opensc-pkcs11] card.c:330:sc_unlock: called
> 2011-09-30 12:05:15.330 [opensc-pkcs11] reader-pcsc.c:548:pcsc_unlock: called
> 2011-09-30 12:05:15.330 [opensc-pkcs11]
> framework-pkcs15.c:2721:pkcs15_prkey_sign: Sign complete. Result
> -1200.
> 2011-09-30 12:05:15.330 [opensc-pkcs11]
> misc.c:59:sc_to_cryptoki_error_common: libopensc return value: -1200
> (Card command failed)
> 2011-09-30 12:05:15.330 [opensc-pkcs11] pkcs11-object.c:635:C_Sign:
> C_Sign() = CKR_GENERAL_ERROR
> ---
>
> What I also need is dump of the card content.
>
> Paste the output of
> pkcs15-tool --list-keys
> pkcs15-tool --list-certificates
>
> On Fri, Sep 30, 2011 at 1:16 PM, <busin...@reebs.org> wrote:
>> Here is the log with verb 255 and the associated OpenVPN log verb 255.
>>
>> Rgrds
>>
>> On Thu, 29 Sep 2011 22:42:35 +0300, Alon Bar-Lev
>> <alon.bar...@gmail.com> wrote:
>>> It should be opensc.conf somewhere that is pointed by registry.
>>> See the installation script.
>>>
>>> On Thu, Sep 29, 2011 at 10:34 PM, <busin...@reebs.org> wrote:
>>>> Ok I will do this, however how would I enable this log using the Builds
>>>> you provided?!
>>>>
>>>> Strange is also that while the first attempt, it asks twice for the
>>>> PIN, for the second and following connection attempts (I aborded here
>>>> not to loose start of log because of buffer limitations) it asks only
>>>> once...
>>>>
>>>> On Thu, 29 Sep 2011 21:13:52 +0300, Alon Bar-Lev
>>>> <alon.bar...@gmail.com> wrote:
>>>>> This is strange.
>>>>> The signature just fails
>>>>> I need opensc logs.
>>>>>
>>>>> It returns CKR_GENERAL_ERROR when tries to sign.
>>>>>
>>>>> On Thu, Sep 29, 2011 at 12:25 PM, <busin...@reebs.org> wrote:
>>>>>> So finally I managed to get the log. For some reasons today it worked
>>>>>> from command line allthough it did not in GUI. Probably some delay
>>>>>> caused by management interface which is interferring with OpenVPN when
>>>>>> log ammount is high...
>>>>>>
>>>>>> Anyway here is the file _(had to paste it from command prompt), hope
>>>>>> that helps!
>>>>>>
>>>>>> On Thu, 29 Sep 2011 11:00:57 +0300, Alon Bar-Lev
>>>>>> <alon.bar...@gmail.com> wrote:
>>>>>>> Well,
>>>>>>> I need log to be able to help.
>>>>>>> If th ui canno handle this, try without ui.
>>>>>>> This UI uses the management interface in order to provide the
>>>>>>> passphrase at port 11196.
>>>>>>> You can telnet this port and see management-notes.txt of how to work
>>>>>>> with it.
>>>>>>> Or.. To open a bug within the ui so it be able to enable more logging.
>>>>>>>
>>>>>>> On Wed, Sep 28, 2011 at 7:01 PM, <busin...@reebs.org> wrote:
>>>>>>>> This does not work.
>>>>>>>>
>>>>>>>> If I set Verb above 7 I get following loop under Command Line and GUI:
>>>>>>>>
>>>>>>>> http://imageshack.us/photo/my-images/829/unbenanntrg.jpg/
>>>>>>>>
>>>>>>>> until it fails.
>>>>>>>>
>>>>>>>> If I set "log filename.txt" in the configuration file and run from CLI,
>>>>>>>> it will go up to the point where pin is required but then fail as it
>>>>>>>> cannot get pin from stdin (btw using win32 version on win Xp and card
>>>>>>>> is
>>>>>>>> former Cryptoflex from gemalto):
>>>>>>>>
>>>>>>>>
>>>>>>>> On Wed, 28 Sep 2011 18:30:14 +0300, Alon Bar-Lev
>>>>>>>> <alon.bar...@gmail.com> wrote:
>>>>>>>>> set verb 255 and log to a file.
>>>>>>>>>
>>>>>>>>> On Wed, Sep 28, 2011 at 5:10 PM, <busin...@reebs.org> wrote:
>>>>>>>>>> Yes now download works!!!
>>>>>>>>>>
>>>>>>>>>> However still not able to connect.
>>>>>>>>>>
>>>>>>>>>> I tried both command line and GUI. Same issue:
>>>>>>>>>>
>>>>>>>>>> 1- After it ask for PIN and I enter PIN it immediately asks for the
>>>>>>>>>> PIN
>>>>>>>>>> again
>>>>>>>>>> 2- It then tries to connect, but nothing happens
>>>>>>>>>> 3- After 60 seconde it times out
>>>>>>>>>> 4- Start another connection attempt
>>>>>>>>>> 5- It asks for PIN and after I enter it it immediately fails and back
>>>>>>>>>> to point no. 4 until I break
>>>>>>>>>>
>>>>>>>>>> Last working version is 009, 010 and 011 have very same issue.
>>>>>>>>>>
>>>>>>>>>> Here is the command line LOG (short form):
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Wed, 28 Sep 2011 16:04:24 +0300, Alon Bar-Lev
>>>>>>>>>> <alon.bar...@gmail.com> wrote:
>>>>>>>>>>> Now?
>>>>>>>>>>>
>>>>>>>>>>> On Wed, Sep 28, 2011 at 4:01 PM, <busin...@reebs.org> wrote:
>>>>>>>>>>>> Alon,
>>>>>>>>>>>>
>>>>>>>>>>>> I believe there is a permission issue with the new files:
>>>>>>>>>>>>
>>>>>>>>>>>>> Forbidden
>>>>>>>>>>>>>
>>>>>>>>>>>>> You don't have permission to access
>>>>>>>>>>>>> /downloads/users/alonbl/build/opensc-
>>>>>>>>>>>>> i686-w64-mingw32-011-engine_pkcs11.tar.bz2 on this server.
>>>>>>>>>>>>
>>>>>>>>>>>> Regards,
>>>>>>>>>>>>
>>>>>>>>>>>> On Wed, 28 Sep 2011 15:40:00 +0300, Alon Bar-Lev
>>>>>>>>>>>> <alon.bar...@gmail.com> wrote:
>>>>>>>>>>>>> Use build-011
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Wed, Sep 28, 2011 at 1:39 PM, <busin...@reebs.org> wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Hi All,
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> any clue what is wrong?! :(
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Rgds
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> On Sun, 25 Sep 2011 18:38:39 +0200, <busin...@reebs.org> wrote:
>>>>>>>>>>>>>> > Hello All,
>>>>>>>>>>>>>> >
>>>>>>>>>>>>>> > Currently I am having troubles to get the latest build (32bit)
>>>>>>>>>>>>>> > of
>>>>>>>>>>>>>> > prebuild OpenVPN/OpenSC/OpenSSL to work alltogether. These are
>>>>>>>>>>>>>> > found
>>>>>>>>>>>>>> > here:
>>>>>>>>>>>> ....
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>
>>>>
>>>>
>>
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
