All,
I'm trying to get my PIV card to work on a Fedora Core 15 box running opensc:
opensc 0.12.2 [gcc 4.6.0 20110530 (Red Hat 4.6.0-9)]
Enabled features: zlib readline openssl pcsc(libpcsclite.so.1)
I can insert the card, and authenticate to it using my pin. I can add
the device to firefox and "login" but no certs show up. When I run
pkcs15-tool -D -v I get the following output:
Using reader with a card: Generic CCID Reader 00 00
Connecting to card in reader Generic CCID Reader 00 00...
Using card driver PIV-II for multiple cards.
Trying to find a PKCS#15 compatible card...
Found PIV_II!
PKCS#15 Card [PIV_II]:
Version : 0
Serial number : d42610d8210c2d5af08815836858210842108421842610d7e4
Manufacturer ID: piv_II
Flags :
Card has 2 PIN code(s).
PIN [PIV Card Holder pin]
Object Flags : [0x1], private
ID : 01
Flags : [0x22], local, needs-padding
Length : min_len:4, max_len:8, stored_len:8
Pad char : 0xFF
Reference : 128
Type : ascii-numeric
PIN [PIV PUK]
Object Flags : [0x1], private
ID : 02
Flags : [0xE2], local, needs-padding, unblockingPin, soPin
Length : min_len:4, max_len:8, stored_len:8
Pad char : 0xFF
Reference : 129
Type : ascii-numeric
Card has 0 private key(s).
Card has 0 public key(s).
Card has 0 certificate(s).
Reading data object <0>
applicationName: Card Capability Container
Label: Card Capability Container
applicationOID: 2.16.840.1.101.3.7.1.219.0
Path: db00
Data Object (179 bytes): <Removed >
Reading data object <1>
applicationName: Card Holder Unique Identifier
Label: Card Holder Unique Identifier
applicationOID: 2.16.840.1.101.3.7.2.48.0
Path: 3000
Data Object (59 bytes): < removed >
Reading data object <2>
applicationName: Unsigned Card Holder Unique Identifier
Label: Unsigned Card Holder Unique Identifier
applicationOID: 2.16.840.1.101.3.7.2.48.2
Path: 3010
Data object read failed: File not found
Reading data object <3>
applicationName: X.509 Certificate for PIV Authentication
Label: X.509 Certificate for PIV Authentication
applicationOID: 2.16.840.1.101.3.7.2.1.1
Path: 0101
Data object read failed: File not found
Reading data object <4>
applicationName: Cardholder Fingerprints
Label: Cardholder Fingerprints
applicationOID: 2.16.840.1.101.3.7.2.96.16
Path: 6010
Auth ID: 01
Reading data object <5>
applicationName: Printed Information
Label: Printed Information
applicationOID: 2.16.840.1.101.3.7.2.48.1
Path: 3001
Auth ID: 01
Reading data object <6>
applicationName: Cardholder Facial Image
Label: Cardholder Facial Image
applicationOID: 2.16.840.1.101.3.7.2.96.48
Path: 6030
Auth ID: 01
Reading data object <7>
applicationName: X.509 Certificate for Digital Signature
Label: X.509 Certificate for Digital Signature
applicationOID: 2.16.840.1.101.3.7.2.1.0
Path: 0100
Data object read failed: File not found
Reading data object <8>
applicationName: X.509 Certificate for Key Management
Label: X.509 Certificate for Key Management
applicationOID: 2.16.840.1.101.3.7.2.1.2
Path: 0102
Data object read failed: File not found
Reading data object <9>
applicationName: X.509 Certificate for Card Authentication
Label: X.509 Certificate for Card Authentication
applicationOID: 2.16.840.1.101.3.7.2.5.0
Path: 0500
Data object read failed: File not found
Reading data object <10>
applicationName: Security Object
Label: Security Object
applicationOID: 2.16.840.1.101.3.7.2.144.0
Path: 9000
Data Object (12 bytes): < 53 0A BA 06 05 30 01 01 DB 00 FE 00 >
Reading data object <11>
applicationName: Discovery Object
Label: Discovery Object
applicationOID: 2.16.840.1.101.3.7.2.96.80
Path: 6050
Data Object (20 bytes): < 7E 12 4F 0B A0 00 00 03 08 00 00 10 00 01 00
5F 2F 02 40 00 >
Reading data object <12>
applicationName: Cardholder Iris Image
Label: Cardholder Iris Image
applicationOID: 2.16.840.1.101.3.7.2.16.21
Path: 1015
Data object read failed: File not found
Any thoughts as to why the certs aren't loading? I see many "File not
found" errors...
Thanks
Marc
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
