Delete key from Gemalto Instant EID IP9?

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Delete key from Gemalto Instant EID IP9?

Aleksandar Mujadin
Hello,

I'm trying to delete several keys that were used for testing from a
Gemalto Instant EID IP9 card using OpenSC 0.14.0.0 for Windows.

I'm new to OpenSC, these are the steps I followed:

1) pkcs15-tool --dump > d:\test.txt

2) Find the ID of the key I want to delete:

Private RSA Key []
    Object Flags   : [0x3], private, modifiable
    Usage          : [0x200], nonRepudiation
    Access Flags   : [0x18], neverExtract, local
    ModLength      : 1024
    Key ref        : -1 (0xFFFFFFFF)
    Native         : yes
    Path           : 3f0050165b06
    Auth ID        : 02
    ID             :
6c652d65643336323963352d656637652d343164342d396636302d3164393765336437646161313e32

3) Try to delete the key using pkcs15-init:

pkcs15-init -D privkey --id 6c652d6
5643336323963352d656637652d343164342d396636302d3164393765336437646161313e32
-v

Output:

Using reader with a card: Lenovo Integrated Smart Card Reader 0
Connecting to card in reader Lenovo Integrated Smart Card Reader 0...
Using card driver Setec cards.
Found Instant EID IP9
About to delete object(s).
User PIN [identification] required.
Please enter User PIN [identification]: 2015-03-09 17:25:35.430 cannot
lock memo
ry, sensitive data may be paged to disk
Failed to delete object 0: Security status not satisfied
Deleted 0 objects
Failed to delete object(s): Security status not satisfied

I have also tried to specify --auth-id 02 on the command line but that
doesn't help, it never asks for the signing PIN, only for the
identification PIN.

Output from opensc-tool -a:
c:\Program Files\OpenSC Project\OpenSC\tools>opensc-tool -a
Using reader with a card: Lenovo Integrated Smart Card Reader 0
3b:7d:96:00:00:80:31:80:65:b0:a3:11:00:c8:83:00:90:00

>From opensc-tool -n:
c:\Program Files\OpenSC Project\OpenSC\tools>opensc-tool -n
Using reader with a card: Lenovo Integrated Smart Card Reader 0
SetCOS

opensc-tool --info:
c:\Program Files\OpenSC Project\OpenSC\tools>opensc-tool --info
OpenSC 0.14.0 [Microsoft 1600]
Enabled features:pcsc openssl zlib

I've seen some examples where people specify a security officer PIN but
I only have a PIN1, identification and encryption, PIN2, signing and a
PUK code.

Something obvious that I'm missing?

--Thanks

------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel