Problem writing cert+key to cryptoflex card using pkcs11-tool

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Problem writing cert+key to cryptoflex card using pkcs11-tool

Geoffrey Elgey-2
G'day,

I'm getting a C_CreateObject failure when I try to write a private key
to a Cyberflex 32K card using pkcs11-tool and opensc-pkcs11.so:

$ pkcs15-init --erase-card -T
$ pkcs15-init --create-pkcs15 -T
$ pkcs15-init --store-pin --auth-id 0 --label "test"

$ pkcs11-tool --module /usr/local/lib/pkcs11/opensc-pkcs11.so --slot 0
--pin 00000000 --write-object user.key.der --type privkey --label "key"
--id 1234

$ pkcs11-tool --module /usr/local/lib/pkcs11/opensc-pkcs11.so --slot 0
--pin 00000000 --write-object user.key.der --type privkey --label "key"
--id 1234

...
pkcs15-lib.c:2669:sc_pkcs15init_authenticate: path=3f0050154b003034, op=3
misc.c:80:sc_to_cryptoki_error: opensc error: Requested object not found
(-1407)
error: PKCS11 function C_CreateObject failed: rv = CKR_GENERAL_ERROR (0x5)

opensc-explorer reveals that directory 3f00/5015/4b00/3034 exists, but
it is empty, which is what I assume caused the "object not found" error:

OpenSC [3F00/5015/4B00/3034]> ls
FileID  Type  Size


Has anyone else had the same problem, or can point to a solution? I'm
using opensc-20050524 on SuSE 9.2

-- Geoff

_______________________________________________
opensc-devel mailing list
[hidden email]
http://www.opensc.org/cgi-bin/mailman/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: Problem writing cert+key to cryptoflex card using pkcs11-tool [u]

Andreas Jellinghaus-2
On Thursday 09 June 2005 07:14, Geoffrey Elgey wrote:
> G'day,
>
> I'm getting a C_CreateObject failure when I try to write a private key
> to a Cyberflex 32K card using pkcs11-tool and opensc-pkcs11.so:
>
> $ pkcs15-init --erase-card -T
> $ pkcs15-init --create-pkcs15 -T
> $ pkcs15-init --store-pin --auth-id 0 --label "test"

only guessing:
try with --create-pkcs15 -T -p pkcs15+onepin

as far as I know pkcs11 doesn't work well
with a two pin profile (user / security officer).

> Has anyone else had the same problem, or can point to a solution? I'm
> using opensc-20050524 on SuSE 9.2

Andreas
_______________________________________________
opensc-devel mailing list
[hidden email]
http://www.opensc.org/cgi-bin/mailman/listinfo/opensc-devel