Hello, Le 09/03/2012 16:53, evalues evalues a écrit : > Sorry, the id that I use for the second certificate is 10000000
For PKCS#15 the ID is an octet string. In the OpenSC tools the 'id' argument is treated as hexadecimal string. If this string length is odd, the last byte is hexadecimal value of the last character. "12345" -> 0x12,0x34,0x05 In you case the "100" and "1000" will give the same result. Except for one-byte values, nowhere in OpenSC the number is transformed into ID. It's up to you to make this transformation. > > Thank you. Kind regards, Viktor. > > On Fri, Mar 9, 2012 at 4:51 PM, evalues evalues <evalues...@gmail.com > <mailto:evalues...@gmail.com>> wrote: > > Hello, > > I try to add two certificates to the smart card with the command > pkcs15-init -T --store-certificate with the option --id, and I use the id > 1000000 with the first certificate and I use the id 1000000 with the second > certificate. When I try to add the > second certificate I obtain that there is a certificate with the same id > within the smartcard. > > Thank you. > > On Wed, Mar 7, 2012 at 3:59 PM, Douglas E. Engert <deeng...@anl.gov > <mailto:deeng...@anl.gov>> wrote: > > > > On 3/7/2012 7:05 AM, evalues evalues wrote: > > Hello, you are right, I have not explained well the problem, > sorry. > > I have a smartcard with three certificates and each certificate > have a different ID (first certificate have the 55555555 (without dot, all > ids are numbers), second certificate have the id 1000000 and > third certificate have the id 10000000. I use the function > sc_pkcs15_get_objects to obtain the certificates. After that, I print the id > of each certificate and I obtain the same value 16000 for the > ids 1000000 and 10000000. I use %lu for print this values. > > > Will not work. the ID may be up to 255 bytes long. > You have to treat it as as an array of unsigned char. > the endian of the machine would also effect the output > if you tried to use %lu. > > > Is there a function sc_pkcs15_id_to_hex_string? > > sc_pkcs15_print_id > > Look at tools/pkcs15-tool.c in the print_cert_info routine. > > > Thank you. > > > On Wed, Mar 7, 2012 at 12:02 AM, Douglas E. Engert > <deeng...@anl.gov <mailto:deeng...@anl.gov> <mailto:deeng...@anl.gov > <mailto:deeng...@anl.gov>>> wrote: > > > > On 3/5/2012 10:45 AM, evalues evalues wrote: > > Hello, > > > > how data is stored in this structure? I have been testing > with numerical data and I think that the data are converted to hexadecimal in > pairs and from right to left. For example, if I have the > number > > 55.555.555 is converted into 85 85 85 85. It is a problem > when the number ends in zero, because, if I have the number 1.000.000 is > converted to16 0 0 0 and if I have the number 10.000.000 is > converted > > to the same value (16000). Due to this, for two objects > with identifiers 1.000.000 and 10.000.000, in opensc they are converted to > the same identifier 16 0 0 0. I don't know if I have interpreted > > something bad or if really exist this error in opensc. > > You did not say how you were providing 55.555.555 > > It looks like the routine you are using is only looking at hex > digits and ignoring the "."s, and the fact that 1.000.000 has > an > odd number of digits. > > One place where it is created is in src/tools/pkcs15-tool.c: > sc_pkcs15_hex_string_to_id(opt_auth_id, &auth_id) > > sc_pkcs15_id has an octet string and a length. > (The octet string could be printable.) > > So depending on the tool you are trying to use, you can > pass in the hex characters, and let it convert it, > > 31:2e:30:30:30:2e:30:30:30 would be your 1.000.000 > 31:30:2e:30:30:30:2e:30:30:30 would be 10.000.000 > or if you are writing your own code, copy the > asci characters and set the length. > > > > > Thank you. > > > > > > _______________________________________________ > > opensc-devel mailing list > > opensc-devel@lists.opensc-project.org > <mailto:opensc-devel@lists.opensc-project.org> > <mailto:opensc-devel@lists.opensc-project.org > <mailto:opensc-devel@lists.opensc-project.org>> > > http://www.opensc-project.org/mailman/listinfo/opensc-devel > > -- > > Douglas E. Engert <deeng...@anl.gov > <mailto:deeng...@anl.gov> <mailto:deeng...@anl.gov <mailto:deeng...@anl.gov>>> > > Argonne National Laboratory > 9700 South Cass Avenue > Argonne, Illinois 60439 > (630) 252-5444 <tel:%28630%29%20252-5444> > <tel:%28630%29%20252-5444> > _______________________________________________ > opensc-devel mailing list > opensc-devel@lists.opensc-project.org > <mailto:opensc-devel@lists.opensc-project.org> > <mailto:opensc-devel@lists.opensc-project.org > <mailto:opensc-devel@lists.opensc-project.org>> > http://www.opensc-project.org/mailman/listinfo/opensc-devel > > > > -- > > Douglas E. Engert <deeng...@anl.gov <mailto:deeng...@anl.gov>> > Argonne National Laboratory > 9700 South Cass Avenue > Argonne, Illinois 60439 > (630) 252-5444 <tel:%28630%29%20252-5444> > > > > > _______________________________________________ > opensc-devel mailing list > opensc-devel@lists.opensc-project.org > http://www.opensc-project.org/mailman/listinfo/opensc-devel _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
