Cryptoflex 32K profile for ≥3 keys+certificates

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Cryptoflex 32K profile for ≥3 keys+certificates

Gary Gapinski-2
Using OpenSC on Ubuntu 13.04 version 0.12.2-2ubuntu2 with Cryptoflex 32K
v4 card.

Attempting to store several key pairs and certificates. Not having any
success. Routinely end up with "Failed to store private key: File too
small" and "Failed to store private key: Not enough memory on card".

Card initialized using pkcs15-init -T --create-pkcs15 using only
--so-pin, --so-puk, and --label arguments (as well as variations on this
calling out an alternate profile).
One auth-id declared with pkcs15-init -T --store-pin.
Attempt several  pkcs15-init --store-private-key operations. Run out of
memory after two. PKCS11 files crafted to have only key+certificate (no
CA certificates). Have tried the same with more than one declared auth-id.

A few questions:

There is no (obvious) specific profile for this card. I assume that
/usr/share/opensc/pkcs15.profile is used. Is this correct?

I have tried to copy and alter /usr/share/opensc/pkcs15.profile and
specify the altered profile as a -p argument to pkcs15-init
--create-pkcs15. Is this the correct method?

Which profile configuration item adjustments are pertinent to allow for
more than two key pairs and associated certificate to be loaded? I have
tried this with CA certificates included or excluded. Ideally, I'd like
to load the key pair plus certificate plus CA certificates using PKCS11
bundles in typical export form. In my case, more than two.

I'm having a rather difficult time understanding how to lay out the
profile. It seems I've not understood how to accommodate several key
pairs and/or certificates. Importation of a typical PKCS11 bundle
including two CA certificates works, but a second with 3 CA certs fails,
as does an attempt at three keys with a single certificate each.

Regards,

Gary


------------------------------------------------------------------------------
Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
Discover the easy way to master current and previous Microsoft technologies
and advance your career. Get an incredible 1,500+ hours of step-by-step
tutorial videos with LearnDevNow. Subscribe today and save!
http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel