Hi Miklos, I tried LibreOffice with NSS backend and I was able to sign ODT document with the key on the token. I was asked for PIN in GUI.
So the question for the audience is - how to pass PIN to NSS in xmlsec1 cli? The last possible problem can be in KeyName so the other question is - is the described process to guess KeyName from token correct? Regards, Jaromir On Tue, 2021-02-09 at 09:46 +0100, Miklos Vajna wrote: > Hi Jaromir, > > On Mon, Feb 08, 2021 at 10:16:17PM +0100, Jaromir Talir > <[email protected]> wrote: > > good to hear you have succeeded. I played with nss and pkcs11 and > > seems > > like I'm almost there but still not fully. I guess I managed to get > > over task how to find proper keyname but xmlsec1 still cannot find > > the > > key in the token. I suspect that problem may be in PIN code (i.e > > "123456") that needs to be entered and I'm not sure if xmlsec1 "-- > > pwd" > > parameter is used for this. > > To be clear, we only use the library part of xmlsec1, it's invoked by > LibreOffice. Perhaps see if your HW works with LibreOffice (try to > sign > e.g. an ODT file), and if so, track down how your code vs xmlsec1 cli > vs > LibreOffice uses the xmlsec1 library? > > Seeing you're on Linux, I only tried this with the NSS backend of > xmlsec1. > > Regards, > > Miklos _______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
