Hi,
I just tried out engine_pkcs11. It doesn't work like described in the
Quickstart-Document.
I get the error shown below.
My sytem components are:
- RHEL4
- openssl-0.9.7a
- opensc-0.10.0
- libp11-0.1.1
Any suggestions how I could make it work?
--8<--8<-
OpenSSL> engine -t dynamic
Hello,
the following links to APIs are broken:
http://www.opensc-project.org/doc/libp11/api/index.html
http://www.opensc-project.org/pkcs11-helper/files/pkcs11-helper/doc/api
Although the documentations are in the packages these links should be fixed.
Regards,
Dominik
__
Am Dienstag, den 08.12.2009, 14:49 +0100 schrieb Andreas Jellinghaus:
> Am Dienstag 08 Dezember 2009 13:39:29 schrieb Dominik Fischer:
> > Why do I think it should work: Under RHEL5 it works with the same card and
> > the following software versions: * opensc-0.11.1
>
> do you still have that RHEL5 machine? if you had a debug log from it too,
> that could help in seeing what changed. the interesting parts start with
> the first "C_Sign" line.
Here comes the debug-output from my RHEL5 System.
Regards,
Dominik
ctx.c:695:sc_context_create: ===
> Dominik Fischer wrote:
> >> do you still have that RHEL5 machine? if you had a debug log from it too,
> >> that could help in seeing what changed. the interesting parts start with
> >> the first "C_Sign" line.
> >
> > Here comes the de
I've narrowed the error:
* Installed a fresh Ubuntu Jaunty
* Upgrade the follwing packages to karmic versions:
* linux-kernel
* libccid
* libpcsclite1 / pcscd
Until here all went fine: "pkcs11-tool -l -t" shows no error.
After I've updated libopensc2 from version 0.11.4-5ubuntu1 to
versi
> I've narrowed the error:
> * Installed a fresh Ubuntu Jaunty
> * Upgrade the follwing packages to karmic versions:
>* linux-kernel
>* libccid
>* libpcsclite1 / pcscd
>
> Until here all went fine: "pkcs11-tool -l -t" shows no error.
>
> After I've updated libopensc2 from version 0.11
> running these commands would still help:
> > > openssl dgst -md5 -binary -out digest_file < message_file
> > > pkcs15-crypt -s --md5 --pkcs1 -i digest_file -o signature_file
> > > openssl dgst -verify public_key_file -md5 -signature signature_file \
> > > < message_file
>
> pkcs15-crypt is a
Hi everybody,
after some more testing I can say that the error was introduced
in opensc-0.11.5. After diffing and eliminating files which are
obviously not relevant (.svn, README, Makefile, ...) there
are still 123 files left with differences.
Any hint which files could cause my problem or the ot
Hello Ludovic,
> I remember doing this patch.
> The problem was that the ASN.1 encoder/decoder routines were bogus.
> Negative values and "special" values like 128 were not encoded
> correctly.
>
> I am not really surprised that cards initialized with an old version
> have problems when used with
> please run "opensc-tool -f" and show us the permissions on
> 4401 and 4402, those files should be writeable with pin or so-pin,
> so you will be able to fix the content of those files, if we
> can write a tool for it.
The command is not supported:
$ ./opensc-tool -f
3f00 type: DF, size: 0
sel
Am Montag, den 14.12.2009, 16:03 +0100 schrieb Andreas Jellinghaus:
> Am Montag 14 Dezember 2009 14:28:21 schrieb Martin Paljak:
> > On 14.12.2009, at 15:17, Andreas Jellinghaus wrote:
> > > Hi,
> > >
> > > is there a way to put a version on the card in some structure?
> > > so we can write code th
pwnam()
does not work.)
Please have a look at the patch. If it's OK please include it in further
pam_pkcs11 releases (so I
don't have to patch every new pam_pkcs11 release on my own ;-) ).
Kind regards
Dominik Fischer
---8<-8<
Index: src/m
y improved our error handling on side
of our helpdesk staff. I'm on my way to make it match the current
trunk version.
Thanks!
Dominik Fischer
Index: src/mappers/pwent_mapper.c
===
--- src/mappers/pwent_mapper.c (Revision 489)
ettext before. I hope I've done it right.
There's one more patch here addressing a problem with "card_only": I get asked
for a
username if no smartcard is present. Even if "card_only" is true. I've
(somewhat brutal)
changed this. I need some time to make it nice and
Anfang der weitergeleiteten E-Mail:
> Von: "Dominik Fischer"
> Datum: 21. März 2011 15:43:02 MEZ
> An: "Ludovic Rousseau"
> Betreff: Re: [opensc-devel] [pam_pkcs11] improved error messages
>
>
>>>>> (I'm not sure if the mailing
Hello,
did you create the hashlinks to your certificates?
Kind regards,
Dominik Fischer
Am 05.04.2011 um 11:00 schrieb Jean-Michel Pouré - GOOZE:
> Dear friends,
>
> I am still having problems configuring pam PKCS#11 with OpenSC.
>
> CAcert root certificates:
> http://ww
17 matches
Mail list logo
