Re: [opensc-devel] CA key on card: how?

2011-02-21 Thread NdK
On 19/02/2011 10:52, Martin Paljak wrote: XCA worked with OpenSC quite OK IIRC, you might want to try it as well. Done. All I get from XCA, when loading /usr/lib/opensc-pkcs11.so is: -8-- The following error occured: Successfully loaded PKCS#11 library: /usr/lib/opensc-pkcs11.so SUCCESS:

Re: [opensc-devel] CA key on card: how?

2011-02-21 Thread Christian Hohnstaedt
On Mon, Feb 21, 2011 at 01:23:48PM +0100, NdK wrote: On 19/02/2011 10:52, Martin Paljak wrote: XCA worked with OpenSC quite OK IIRC, you might want to try it as well. Done. All I get from XCA, when loading /usr/lib/opensc-pkcs11.so is: -8-- The following error occured: Successfully loaded

[opensc-devel] Reading PKCS15 PIN max attempt number

2011-02-21 Thread Brian Thomas
Greetings: Is it possible to read the configured max number of incorrect PIN attempts configured on a PKCS15 smart card programmatically? We are experiencing an issue with the ATHENA ASE smartcard for Windows OS login. This particular card does not apparently return a LOCKED flag when the

Re: [opensc-devel] Reading PKCS15 PIN max attempt number

2011-02-21 Thread Andreas Jellinghaus
not sure about athena, but many cards return the number of tries left, when you try to VERIFY a PIN. so if the PIN is wrong, the lower byte or nibble of the return code could be the number of tries left, and you can generate a messagebox from that. Good Luck! Regards, Andreas

[opensc-devel] PKCS#11 C_DeriveKey for ECDH1_COFACTOR_DERVIVE for PIV cards

2011-02-21 Thread Douglas E. Engert
I would like to C_DeriveKey support to OpenSC, to the derivation capabilities of a smartcard. Although RSA can do key derivation, I am interested in CKM_ECDH1_COFACTOR_DERIVE which is supported in the newer PIV cards. (There is also some EDDH support in NSS to use with Thunderbird for encrypted

Re: [opensc-devel] Implement PIN retries in entersafe driver

2011-02-21 Thread Xiaoshuo Wu
On Sun, 20 Feb 2011 18:57:14 +0800, Martin Paljak mar...@martinpaljak.net wrote: Hello, On Feb 20, 2011, at 10:59 AM, Jean-Michel Pouré - GOOZE wrote: Le vendredi 18 février 2011 à 13:59 +0800, Xiaoshuo Wu a écrit : I've added SC_PIN_CMD_GET_INFO handling in entersafe_pin_cmd(),

[opensc-devel] Tuned entersafe.profile

2011-02-21 Thread Xiaoshuo Wu
Hi, I modified entersafe.profile, increased some index files' size, now it supports up to 9 RSA + X.509 certificates. here is the patch: Index: src/pkcs15init/entersafe.profile === --- src/pkcs15init/entersafe.profile(revision

Re: [opensc-devel] PKCS#11 C_DeriveKey for ECDH1_COFACTOR_DERVIVE for PIV cards

2011-02-21 Thread Martin Paljak
Hello, On Feb 21, 2011, at 10:23 PM, Douglas E. Engert wrote: I would like to C_DeriveKey support to OpenSC, to the derivation capabilities of a smartcard. Although RSA can do key derivation, I am interested in CKM_ECDH1_COFACTOR_DERIVE which is supported in the newer PIV cards. (There is

Re: [opensc-devel] Reading PKCS15 PIN max attempt number

2011-02-21 Thread Toni Sjoblom - Aventra
Hi, -Original Message- From: opensc-devel-boun...@lists.opensc-project.org [mailto:opensc-devel-boun...@lists.opensc-project.org] On Behalf Of Andreas Jellinghaus not sure about athena, but many cards return the number of tries left, when you try to VERIFY a PIN. so if the PIN is

Re: [opensc-devel] Reading PKCS15 PIN max attempt number

2011-02-21 Thread Martin Paljak
On Feb 22, 2011, at 9:20 AM, Toni Sjoblom - Aventra wrote: Hi, -Original Message- From: opensc-devel-boun...@lists.opensc-project.org [mailto:opensc-devel-boun...@lists.opensc-project.org] On Behalf Of Andreas Jellinghaus not sure about athena, but many cards return the number