Re: [opensc-devel] Problems with starcos spk 2.4 and opensc-pkcs11.so

Felipe Blauth Sat, 19 Mar 2011 14:18:29 -0700

You were right Viktor, by using:
#pkcs15-init -G rsa/1024 --auth-id 01 --label "My Private Key"
--public-key-label "My Public Key"
Solved the problem of beeing unable to sign data with the generated keys,
thank you for that.


However, I still can't generate a key pair  neither coding directly against
PKCS#11  API (with opensc-pkcs11.so) nor using pkcs11-tool (I get
CKR_GENERAL_ERROR).

Maybe I need to do something before calling C_GenerateKeyPair?

Regards,

Felipe Blauth.

2011/3/18 Viktor TARASOV <viktor.tara...@opentrust.com>

> On 17.03.2011 16:14, Felipe Blauth wrote:
> > Hello everyone,
> >
> > Currently, I'm having some trouble with usage of starcos spk 2.4 cards
> and opensc. I used to have no problem, and I don't know where exactly the
> problem is.
> >
> > Here what's happening:
> > I have an aplicattion that use's pkcs15-init to initialize cards and then
> it codes directly against PKCS#11 API (and opensc-pkcs11.so module) to use
> the card (generete keys, sign, etc). I have no problems with the
> initialization (I use system calls):
> >
> > #pkcs15-init -C  (ok)
> > #pkcs15-init --store-pin --auth-id 01 --label some-label (ok)
> >
> > And then, if I try to generate keys through PKCS#11 API (with
> C_GenerateKeyPair), I get CKR_GENERAL_ERROR. The weird thing is that
> everything used to work in the past =p.
> > Also, if I try to generate keys using pkcs11-tool, I get the same error.
> For example, if I do:
> > #pkcs11-tool --login -k (error: PKCS11 function C_GenerateKeyPair failed:
> rv = CKR_GENERAL_ERROR (0x5))
> >
> > On the other side, if I use pkcs15-init to generate a key pair:
> > #pkcs15-init -G rsa/1024 --auth-id ff --label "My Private Key"
> --public-key-label "My Public Key"
> > It does generate the key-pair. However, if I try to do something with
> pkcs11-tool, with the generated key, like
>
> A bit strange, you are generating key with the reference to SOPIN
> ('--auth-id FF') .
> You have created User PIN with the reference '--auth-id 01' and you should
> use this one.
>
>
>
> > #pkcs11-tool --sign -i i_file -o signature
> > I get the following erros:
> ...
> > error: PKCS11 function C_SignFinal failed: rv = CKR_USER_NOT_LOGGED_IN
> (0x101)
>
> Probably can be explained by the fact that the private key do not
> references the 'User PIN' authentication object.
>
> If problem persists, please, send us the logs with the debug level > 8 .
>
> Kind wishes,
> Viktor.
>
> >
> > _______________________________________________
> > opensc-devel mailing list
> > opensc-devel@lists.opensc-project.org
> > http://www.opensc-project.org/mailman/listinfo/opensc-devel
>
>
> --
> Viktor Tarasov  <viktor.tara...@opentrust.com>
>
> _______________________________________________
> opensc-devel mailing list
> opensc-devel@lists.opensc-project.org
> http://www.opensc-project.org/mailman/listinfo/opensc-devel
>

_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel

Re: [opensc-devel] Problems with starcos spk 2.4 and opensc-pkcs11.so

Reply via email to