Greetings!
I'm experimenting with a CardContact HSM, and I'm finding some
peculiar results when trying to install multiple certificates on the
token. Loading three certificates onto the token seemed to work, but
when I went to remove them, things fell apart.
I think that the crux of the problem is that pkcs11-tool shows only one object:
$ tool="pkcs11-tool --module opensc-pkcs11.so --login --pin 648219"
$ $tool -O
Using slot 1 with a present token (0x1)
Private Key Object; RSA
label: Foo2A
ID: 0f48886a19793c9e
Usage: decrypt, sign, unwrap
But the pkcs15-tool shows quite a few more:
$ pkcs15-tool -D
[...]
Private RSA Key [Foo2A]
Object Flags : [0x3], private, modifiable
Usage : [0x2E], decrypt, sign, signRecover, unwrap
Access Flags : [0x1D], sensitive, alwaysSensitive,
neverExtract, local
ModLength : 2048
Key ref : 1 (0x1)
Native : yes
Path : e82b0601040181c31f0201::
Auth ID : 01
ID : 0f48886a19793c9e
GUID : {be6fda39-699a-d073-68e5-9629a54eafff}
X.509 Certificate [Bar Intermediate Certificate (2013)]
Object Flags : [0x2], modifiable
Authority : no
Path : e82b0601040181c31f0201::ca01
ID : 02
GUID : {55f338e7-137c-67e9-a6db-9135ca0aa884}
X.509 Certificate [Certificate]
Object Flags : [0x2], modifiable
Authority : no
Path : e82b0601040181c31f0201::ca02
ID : 03
GUID : {f89468b8-6674-1c8a-b01e-1a244eaaaf54}
X.509 Certificate [Foo2A (2013)]
Object Flags : [0x2], modifiable
Authority : no
Path : e82b0601040181c31f0201::ca03
ID : 03
GUID : {f89468b8-6674-1c8a-b01e-1a244eaaaf54}
Encoded serial : 02 01 01
I tried modifying the tools, but I found myself in pkcs15-tool without
a way to discover the correct sc_profile object,...
Thanks
Tony
_______________________________________________
opensc-devel mailing list
[email protected]
http://www.opensc-project.org/mailman/listinfo/opensc-devel
