[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Windows PKCS#11-Problem

  • Subject: Re: [Openvpn-users] Windows PKCS#11-Problem
  • From: Robert Fischer <triton@xxxxxxxxxxxx>
  • Date: Tue, 5 Dec 2006 16:35:43 +0100
On Monday 04 December 2006 21:25, Alon Bar-Lev wrote:

> > Thank you very much for your quick answer! I'll try to install opensc on
> > Windows and post the results :)
>
> I never heard of opensc PKCS#11 works correctly on Windows... I will be
> glad to hear that it works... :)

Since after your post, i'm not very convinced in using opensc on Windows, i'm 
trying to cope with the Aladdin etpkcs11.dl :)

However:
- i've uploaded a certificate using the Aladdin tools, thus not using PKCS#15 
to the token
- listing the certificates with the opensc-Windows-Port AND using the Aladdin 
PKCS11-library etpkcs11.dll works:

C:\progs\Smart card bundle>pkcs11-tool.exe --module c:
\WINDOWS\system32\eTpkcs11.dll --list-objects

Certificate Object, type = X.509 cert
  label:      (eTCAPI) <some-label-data>
  ID:         
39453945373335312d333545442d343031612d384637302d323846363639303636
3042303a30
Public Key Object; RSA 1024 bits
  label:      eTCAPI public key
  ID:         
39453945373335312d333545442d343031612d384637302d323846363639303636
3042303a30
  Usage:      encrypt, verify, wrap

- listing the objects using openvpn and the same pkcs11-library (eTpkcs11.dll) 
fails:

C:\Programme\OpenVPN\bin>openvpn --show-pkcs11-objects c:
\windows\system32\etpkc
s11.dll 0
PIN:
Token Information:
        label:          eToken
        manufacturerID: Aladdin Knowledge Systems Ltd.
        model:          eToken CardOS/M4
        serialNumber:   4c2f2514
        flags:          0000000d

You can access this token using
--pkcs11-slot-type "label" --pkcs11-slot "eToken" options.

PKCS#11: Cannot open session to token 'eToken' 1-'CKR_CANCEL'
The following objects are available for use with this token.
Each object shown below may be used as a parameter to
--pkcs11-id-type and --pkcs11-id options

so, at the moment i have absolutely no clue where the problem lies. Both 
OpenVPN and pkcs11-tool should access the Token using the given Aladdin-dll, 
therefore displaying the same results, right?

Best Regards,
Robert
______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-12/msg00039.html on line 235

Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-12/msg00039.html on line 235