Hello, Le 21/07/2012 06:37, Nguyễn Hồng Quân a écrit : > I want to generate key in Firefox with my OpenPGP card. The OpenPGP card > need Admin PIN (SO PIN) to do that. However, I didn't see dialog box to > ask for this PIN, so the generation fails. > > So, is there a way to ask for SO PIN via PKCS#11? > If yes, how should the code of card support be changed?
I have no solution, PIN callbacks is not supported by PKCS#11 framework (in the manner as it's supported by pkcs15-init tool). PKCS#11 framework do not create slot for SoPIN. In theory, with PKCS#11 you could generate the key. If SoPIN is presented by emulator as a 'normal' second PIN (without 'so-pin' flag), and if the PKCS#11 module is configured to create slot for every present PIN (default configuration), you could open session to corresponding slot and generate the key. But to use this key (I guess that in your case SoPIN do not give the right to use new key) you have to open session with the second, normal 'UserPIN' slot. So it's probably not usable in Firefox. Kind wishes, Viktor. _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
