Need help with Feitian PKI Card in Mac Os X

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Need help with Feitian PKI Card in Mac Os X

Bernardo Höhl-2
Hello list,


I have:

sh-3.2# opensc-tool -i
opensc 0.12.0 [gcc  4.2.1 (Apple Inc. build 5664)]
Enabled features: zlib readline openssl pcsc(/System/Library/Frameworks/PCSC.framework/PCSC)


It seems that I have the card seen by my system:

sh-3.2# opensc-tool --list-readers
# Detected readers (pcsc)
Nr.  Card  Features  Name
0    Yes             OmniKey CardMan 3121 00 00

sh-3.2# opensc-tool --reader 0 --name
entersafe

sh-3.2# opensc-tool --atr
Using reader with a card: OmniKey CardMan 3121 00 00
3b:9f:95:81:31:fe:9f:00:65:46:53:05:30:06:71:df:00:00:00:81:61:12:c4

Now I try to make some use of it, need to import a .pfx certificate into it.
Then I try:

sh-3.2# pkcs15-init --store-private-key USINA.pfx --format pkcs12 --auth-id 01 --pin xxxxxxxx
Using reader with a card: OmniKey CardMan 3121 00 00
error:23076071:PKCS12 routines:PKCS12_parse:mac verify failure
Please enter passphrase to unlock secret key: 
Importing 4 certificates:
  0: /C=BR/O=ICP-Brasil/OU=Autoridade Certificadora SERPROACF/OU=PRONOVA/OU=Pessoa Juridica A1/L=QUEIMADOS/ST=RJ/CN=USINA BRASILEIRA DE CRISTOBALITA LTDA:73264202000114
  1: /C=BR/O=ICP-Brasil/OU=Instituto Nacional de Tecnologia da Informacao - ITI/CN=Autoridade Certificadora Raiz Brasileira v1
  2: /C=BR/O=ICP-Brasil/CN=Autoridade Certificadora SERPRO v2
  3: /C=BR/O=ICP-Brasil/OU=Servico Federal de Processamento de Dados - SERPRO/OU=CSPB-1/CN=Autoridade Certificadora do SERPRO Final v2
Failed to store private key: Not supported


I am completely lost from this point onwards. Can someone help me?

Thanks!


Bernardo Höhl
Rio de Janeiro 
Brazil





_______________________________________________
opensc-user mailing list
[hidden email]
http://www.opensc-project.org/mailman/listinfo/opensc-user
Reply | Threaded
Open this post in threaded view
|

Re: Need help with Feitian PKI Card in Mac Os X

Jean-Michel Pouré - GOOZE
Le samedi 09 avril 2011 à 18:21 -0300, Bernardo Höhl a écrit :
> I am completely lost from this point onwards. Can someone help me?

I had once the same problem importing a Certificate from the French
government with OpenSC 0.12.0. This problem disappeared when using
OpenSC svn compiled with latest OpenSSL 1.0.

Can you try:
http://www.opensc-project.org/downloads/nightly/mac/

Kind regards,
--
                  Jean-Michel Pouré - Gooze - http://www.gooze.eu

_______________________________________________
opensc-user mailing list
[hidden email]
http://www.opensc-project.org/mailman/listinfo/opensc-user
Reply | Threaded
Open this post in threaded view
|

Re: Need help with Feitian PKI Card in Mac Os X

Jean-Michel Pouré - GOOZE
In reply to this post by Bernardo Höhl-2
Le samedi 09 avril 2011 à 18:21 -0300, Bernardo Höhl a écrit :
> I am completely lost from this point onwards. Can someone help me?

I had once the same problem importing a Certificate from the French
government with OpenSC 0.12.0. This problem disappeared when using
OpenSC svn compiled with latest OpenSSL 1.0.

OpenSC svn version also fixes a card space issue.

Can you try:
http://www.opensc-project.org/downloads/nightly/mac/

Kind regards,
--
                  Jean-Michel Pouré - Gooze - http://www.gooze.eu


_______________________________________________
opensc-user mailing list
[hidden email]
http://www.opensc-project.org/mailman/listinfo/opensc-user
Reply | Threaded
Open this post in threaded view
|

Re: Need help with Feitian PKI Card in Mac Os X

Bernardo Höhl-2
In reply to this post by Bernardo Höhl-2
Thanks a lot dear Jean-Michel.

Now it works.

Tokend too. I can use the PKI Card under Safari and Keychain Access shows it too.

Thank you my friend.


Bernardo

===================
On 10.04.2011, at 3:39 AM, Jean-Michel Pouré - GOOZE wrote:

> Le samedi 09 avril 2011 à 18:21 -0300, Bernardo Höhl a écrit :
>> Failed to store private key: Not supported
>
> Please note that OpenSC default card space was not well used.
> http://www.gooze.eu/howto/smartcard-quickstarter-guide/tuning-smartcard-file-system
>
> This was fixed in OpenSC svn revision.
> But you will need to reformat your card.
>
> Kind regards,
> --
>                  Jean-Michel Pouré - Gooze - http://www.gooze.eu
>

_______________________________________________
opensc-user mailing list
[hidden email]
http://www.opensc-project.org/mailman/listinfo/opensc-user