Henryk Plötz wrote:
> Moin,
>
> I have here a Starcos SPK 2.3 card that is to be used
for SSH login.
> However, SSH fails with "Instruction code not
supported or invalid" and
> pkcs11-tool --test gives the same error on the
SHA1-RSA-PKCS test.
>
> Sequence of commands:
> | $ pkcs15-init -EC
> [...]
> | $ pkcs15-init -G rsa/1024 -a 1
> [...]
> | $ pkcs11-tool -t -l
> | Please enter User PIN:
> | C_SeedRandom() and C_GenerateRandom():
> | not implemented
> | Digests:
> | all 4 digest functions seem to work
> | MD5: OK
> | SHA-1: OK
> | RIPEMD160: OK
> | Signatures (currently only RSA signatures)
> | testing key 0 (Private Key)
> | all 4 signature functions seem to work
> | testing signature mechanisms:
> | RSA-PKCS: OK
> | SHA1-RSA-PKCS:
> | iso7816.c:99:iso7816_check_sw: Instruction code not
supported or invalid
> | card-starcos.c:1174:starcos_compute_signature:
returning with: Unsupported INS byte in APDU
> | sec.c:53:sc_compute_signature: returning with:
Unsupported INS byte in APDU
> | pkcs15-sec.c:331:sc_pkcs15_compute_signature:
sc_compute_signature() failed: Unsupported INS byte in APDU
> | error: PKCS11 function C_Sign failed: rv =
CKR_GENERAL_ERROR (0x5)
> |
> | Aborting.
>
> For reference, the last two APDU exchanges are:
> APDU: 00 22 41 B6 06 84 01 91 80 01 12
> SW: 90 00
> APDU: 00 2A 90 81 14 29 B0 E7 87 82 71 64 5F FF B7 EE
C7 DB 4A 74 73 A1 C0 0B C1
> SW: 6D 00
>
> I'm confused, because the last command is described
exactly in that
> format (00 2A 90 81 14 data) in the Starcos SPK 2.3
manual (on page
> 55 as PUT HASH), so the "Instruction code not
supported" answer seems
> to be a bit off.
>
> Any hints? Is this an error in opensc or in the card?
did you test other card readers etc. ?
Btw: I currently have similar strange problems with my
starcos card.
Cheers,
Nils
_______________________________________________
opensc-devel mailing list
opensc-devel lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc
-devel
|