Re: [opensc-devel] PAM pkcs11 unable to get local issuer certificate

Hello, did you create the hashlinks to your certificates? Kind regards, Dominik Fischer Am 05.04.2011 um 11:00 schrieb Jean-Michel Pouré - GOOZE: Dear friends, I am still having problems configuring pam PKCS#11 with OpenSC. CAcert root certificates: http://www.cacert.org/certs/class3

[opensc-devel] [pam_pkcs11] improved error messages

Anfang der weitergeleiteten E-Mail: Von: Dominik Fischer dom_fisc...@web.de Datum: 21. März 2011 15:43:02 MEZ An: Ludovic Rousseau ludovic.rouss...@gmail.com Betreff: Re: [opensc-devel] [pam_pkcs11] improved error messages (I'm not sure if the mailing list accepts attachments. So I add

Re: [opensc-devel] [pam_pkcs11] pwent_mapper_find_user

our error handling on side of our helpdesk staff. I'm on my way to make it match the current trunk version. Thanks! Dominik Fischer Index: src/mappers/pwent_mapper.c === --- src/mappers/pwent_mapper.c (Revision 489) +++ src/mappers

[opensc-devel] [pam_pkcs11] improved error messages

more patch here addressing a problem with card_only: I get asked for a username if no smartcard is present. Even if card_only is true. I've (somewhat brutal) changed this. I need some time to make it nice and include it in the trunk version. Kind regards, Dominik Fischer (I'm not sure

[opensc-devel] [pam_pkcs11] pwent_mapper_find_user

() does not work.) Please have a look at the patch. If it's OK please include it in further pam_pkcs11 releases (so I don't have to patch every new pam_pkcs11 release on my own ;-) ). Kind regards Dominik Fischer ---8-8 Index: src/mappers/pwent_mapper.c

Re: [opensc-devel] versioning opensc on card format

Am Montag, den 14.12.2009, 16:03 +0100 schrieb Andreas Jellinghaus: Am Montag 14 Dezember 2009 14:28:21 schrieb Martin Paljak: On 14.12.2009, at 15:17, Andreas Jellinghaus wrote: Hi, is there a way to put a version on the card in some structure? so we can write code that sees: *

Re: [opensc-devel] ASN.1 change for integers broke starcos driver

Hello Ludovic, I remember doing this patch. The problem was that the ASN.1 encoder/decoder routines were bogus. Negative values and special values like 128 were not encoded correctly. I am not really surprised that cards initialized with an old version have problems when used with a new

Re: [opensc-devel] ASN.1 change for integers broke starcos driver

please run opensc-tool -f and show us the permissions on 4401 and 4402, those files should be writeable with pin or so-pin, so you will be able to fix the content of those files, if we can write a tool for it. The command is not supported: $ ./opensc-tool -f 3f00 type: DF, size: 0

Re: [opensc-devel] PKCS11 signing does not work on Ubuntu

running these commands would still help: openssl dgst -md5 -binary -out digest_file message_file pkcs15-crypt -s --md5 --pkcs1 -i digest_file -o signature_file openssl dgst -verify public_key_file -md5 -signature signature_file \ message_file pkcs15-crypt is a mid-level

Re: [opensc-devel] PKCS11 signing does not work on Ubuntu

Hi everybody, after some more testing I can say that the error was introduced in opensc-0.11.5. After diffing and eliminating files which are obviously not relevant (.svn, README, Makefile, ...) there are still 123 files left with differences. Any hint which files could cause my problem or the

Re: [opensc-devel] PKCS11 signing does not work on Ubuntu

Dominik Fischer wrote: do you still have that RHEL5 machine? if you had a debug log from it too, that could help in seeing what changed. the interesting parts start with the first C_Sign line. Here comes the debug-output from my RHEL5 System. Without the original command line

Re: [opensc-devel] PKCS11 signing does not work on Ubuntu

I've narrowed the error: * Installed a fresh Ubuntu Jaunty * Upgrade the follwing packages to karmic versions: * linux-kernel * libccid * libpcsclite1 / pcscd Until here all went fine: pkcs11-tool -l -t shows no error. After I've updated libopensc2 from version 0.11.4-5ubuntu1 to

Re: [opensc-devel] PKCS11 signing does not work on Ubuntu

I've narrowed the error: * Installed a fresh Ubuntu Jaunty * Upgrade the follwing packages to karmic versions: * linux-kernel * libccid * libpcsclite1 / pcscd Until here all went fine: pkcs11-tool -l -t shows no error. After I've updated libopensc2 from version 0.11.4-5ubuntu1

Re: [opensc-devel] PKCS11 signing does not work on Ubuntu

Am Dienstag, den 08.12.2009, 14:49 +0100 schrieb Andreas Jellinghaus: Am Dienstag 08 Dezember 2009 13:39:29 schrieb Dominik Fischer: Why do I think it should work: Under RHEL5 it works with the same card and the following software versions: * opensc-0.11.1 * ccid-1.0.1 * pcsc-lite

Re: [opensc-devel] PKCS11 signing does not work on Ubuntu

do you still have that RHEL5 machine? if you had a debug log from it too, that could help in seeing what changed. the interesting parts start with the first C_Sign line. Here comes the debug-output from my RHEL5 System. Regards, Dominik ctx.c:695:sc_context_create:

[opensc-devel] Defect links in wiki

Hello, the following links to APIs are broken: http://www.opensc-project.org/doc/libp11/api/index.html http://www.opensc-project.org/pkcs11-helper/files/pkcs11-helper/doc/api Although the documentations are in the packages these links should be fixed. Regards, Dominik

[opensc-devel] engine_pkcs11: DYNAMIC_LOAD:init failed

Hi, I just tried out engine_pkcs11. It doesn't work like described in the Quickstart-Document. I get the error shown below. My sytem components are: - RHEL4 - openssl-0.9.7a - opensc-0.10.0 - libp11-0.1.1 Any suggestions how I could make it work? --8--8- OpenSSL engine -t dynamic