|
|
Hi! I've tested now eToken with Windows and it worked OK. I got CKR_CANCEL when the PIN is incorrect. I will improve this in next version. I remember from far in the past that eToken had a different PIN for PKCS#11, and changing the PIN via the eToken GUI solved this... Can you please try? Do you have a spare token that you can format and try with it? Also please try: >pkcs11-tool.exe --module eTpkcs11.dll --list-objects --login The problem should be in authentication, not in accessing the public data. But it is nice to know that both opensc and legacy can access the same objects. Best Regards, Alon Bar-Lev. On 12/5/06, Robert Fischer <triton@xxxxxxxxxxxx> wrote: > On Monday 04 December 2006 21:25, Alon Bar-Lev wrote: > > > > Thank you very much for your quick answer! I'll try to install opensc on > > > Windows and post the results :) > > > > I never heard of opensc PKCS#11 works correctly on Windows... I will be > > glad to hear that it works... :) > > Since after your post, i'm not very convinced in using opensc on Windows, i'm > trying to cope with the Aladdin etpkcs11.dl :) > > However: > - i've uploaded a certificate using the Aladdin tools, thus not using PKCS#15 > to the token > - listing the certificates with the opensc-Windows-Port AND using the Aladdin > PKCS11-library etpkcs11.dll works: > > C:\progs\Smart card bundle>pkcs11-tool.exe --module c: > \WINDOWS\system32\eTpkcs11.dll --list-objects > > Certificate Object, type = X.509 cert > label: (eTCAPI) <some-label-data> > ID: > 39453945373335312d333545442d343031612d384637302d323846363639303636 > 3042303a30 > Public Key Object; RSA 1024 bits > label: eTCAPI public key > ID: > 39453945373335312d333545442d343031612d384637302d323846363639303636 > 3042303a30 > Usage: encrypt, verify, wrap > > - listing the objects using openvpn and the same pkcs11-library (eTpkcs11.dll) > fails: > > C:\Programme\OpenVPN\bin>openvpn --show-pkcs11-objects c: > \windows\system32\etpkc > s11.dll 0 > PIN: > Token Information: > label: eToken > manufacturerID: Aladdin Knowledge Systems Ltd. > model: eToken CardOS/M4 > serialNumber: 4c2f2514 > flags: 0000000d > > You can access this token using > --pkcs11-slot-type "label" --pkcs11-slot "eToken" options. > > PKCS#11: Cannot open session to token 'eToken' 1-'CKR_CANCEL' > The following objects are available for use with this token. > Each object shown below may be used as a parameter to > --pkcs11-id-type and --pkcs11-id options > > so, at the moment i have absolutely no clue where the problem lies. Both > OpenVPN and pkcs11-tool should access the Token using the given Aladdin-dll, > therefore displaying the same results, right? > > Best Regards, > Robert > > ------------------------------------------------------------------------- > Take Surveys. Earn Cash. Influence the Future of IT > Join SourceForge.net's Techsay panel and you'll get the chance to share your > opinions on IT & business topics through brief surveys - and earn cash > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > _______________________________________________ > Openvpn-users mailing list > Openvpn-users@xxxxxxxxxxxxxxxxxxxxx > https://lists.sourceforge.net/lists/listinfo/openvpn-users > ______________________ OpenVPN mailing lists https://lists.sourceforge.net/lists/listinfo/openvpn-users Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-12/msg00041.html on line 270 Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-12/msg00041.html on line 270 |