Greetings! I'm experimenting with a CardContact HSM, and I'm finding some peculiar results when trying to install multiple certificates on the token. Loading three certificates onto the token seemed to work, but when I went to remove them, things fell apart.
I think that the crux of the problem is that pkcs11-tool shows only one object: $ tool="pkcs11-tool --module opensc-pkcs11.so --login --pin 648219" $ $tool -O Using slot 1 with a present token (0x1) Private Key Object; RSA label: Foo2A ID: 0f48886a19793c9e Usage: decrypt, sign, unwrap But the pkcs15-tool shows quite a few more: $ pkcs15-tool -D [...] Private RSA Key [Foo2A] Object Flags : [0x3], private, modifiable Usage : [0x2E], decrypt, sign, signRecover, unwrap Access Flags : [0x1D], sensitive, alwaysSensitive, neverExtract, local ModLength : 2048 Key ref : 1 (0x1) Native : yes Path : e82b0601040181c31f0201:: Auth ID : 01 ID : 0f48886a19793c9e GUID : {be6fda39-699a-d073-68e5-9629a54eafff} X.509 Certificate [Bar Intermediate Certificate (2013)] Object Flags : [0x2], modifiable Authority : no Path : e82b0601040181c31f0201::ca01 ID : 02 GUID : {55f338e7-137c-67e9-a6db-9135ca0aa884} X.509 Certificate [Certificate] Object Flags : [0x2], modifiable Authority : no Path : e82b0601040181c31f0201::ca02 ID : 03 GUID : {f89468b8-6674-1c8a-b01e-1a244eaaaf54} X.509 Certificate [Foo2A (2013)] Object Flags : [0x2], modifiable Authority : no Path : e82b0601040181c31f0201::ca03 ID : 03 GUID : {f89468b8-6674-1c8a-b01e-1a244eaaaf54} Encoded serial : 02 01 01 I tried modifying the tools, but I found myself in pkcs15-tool without a way to discover the correct sc_profile object,... Thanks Tony _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel