Write private key ECDSA inside of Athena ID Protect laser smartcard

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Write private key ECDSA inside of Athena ID Protect laser smartcard

evalues evalues
Hello,

I have watched that opensc only RSA private keys are supported to be inserted in the smartcard. I have been trying to implement that functionality based on the description of PKCS #11 Mechanisms v2.30 but I got an error 5 and this error not give any information.

Due to opensc supports write private RSA keys, I have decided to try to write an RSA key within of smartcard. I have generated the RSA key with openssl. Concretely, the commands that I used were:
  • openssl genrsa -out key_rsa.pem 2048
  • openssl rsa -in key_rsa.pem -inform PEM -out key_rsa.der -outform DER 
After that, I used pkcs11-tool to insert that key in the smart card. The command that I used was:
  • pkcs11-tool --module C:\Windows\System32\asepkcs.dll -y privkey --key-type rsa:2048 -w key_rsa.der --label RSA --id 1 --pin 11111111 -l
That command report the next error:
Using slot 0 with a present token (0x0)
error: PKCS11 function C_CreateObject failed: rv = CKR_DEVICE_ERROR (0x30)
Aborting.

Can anyone help to me?

Thank you in advanced.

Regards,
Fidel



------------------------------------------------------------------------------
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: Write private key ECDSA inside of Athena ID Protect laser smartcard

Douglas E. Engert


On 10/31/2013 10:17 AM, evalues evalues wrote:

> Hello,
>
> I have watched that opensc only RSA private keys are supported to be inserted in the smartcard. I have been trying to implement that functionality based on the description of PKCS #11 Mechanisms v2.30
> but I got an error 5 and this error not give any information.
>
> Due to opensc supports write private RSA keys, I have decided to try to write an RSA key within of smartcard. I have generated the RSA key with openssl. Concretely, the commands that I used were:
>
>   * openssl genrsa -out key_rsa.pem 2048
>   * openssl rsa -in key_rsa.pem -inform PEM -out key_rsa.der -outform DER
>
> After that, I used pkcs11-tool to insert that key in the smart card. The command that I used was:
>
>   * pkcs11-tool --module C:\Windows\System32\asepkcs.dll -y privkey --key-type rsa:2048 -w key_rsa.der --label RSA --id 1 --pin 11111111 -l
>
> That command report the next error:
> Using slot 0 with a present token (0x0)
> error: PKCS11 function C_CreateObject failed: rv = CKR_DEVICE_ERROR (0x30)
> Aborting.
>
> Can anyone help to me?

Does your card's PKCS#11 allow you to write a key?
Does writing a key require any additional commands not supported by PKCS#11?
It may not... Check the vendor's documentation.

You can get additional trace information using the OpenSC pkcs11-spy.so


>
> Thank you in advanced.
>
> Regards,
> Fidel
>
>
>
>
> ------------------------------------------------------------------------------
> Android is increasing in popularity, but the open development platform that
> developers love is also attractive to malware creators. Download this white
> paper to learn more about secure code signing practices that can help keep
> Android apps secure.
> http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
>
>
>
> _______________________________________________
> Opensc-devel mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/opensc-devel
>

--

  Douglas E. Engert  <[hidden email]>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444

------------------------------------------------------------------------------
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel