[gnutls-help] GnuTLS always 'scans' all usb tokens
Mandar Joshi
emailmandar at gmail.com
Sat Mar 11 12:24:24 CET 2017
> export PKCS11SPY=/usr/lib/.../opensc-pkcs11.so
> p11tool --provider /usr/lib/.../pkcs11-spy.so --export "a_cert_url"
> ```
I have attached the output. Please have a look.
Thanks
Mandar Joshi
-------------- next part --------------
$ p11tool --provider /usr/lib64/pkcs11-spy.so --export "pkcs11:model=PKCS%2315;manufacturer=EnterSafe;serial=2123110000050003;token=Company1SView2%20%28User%20PIN%29;id=%7c%d2%88%1a%23%88%9e%65%e3%ad%35%21%0d%4c%e8%77%2e%db%3b%38;object=CACertificate;type=cert"
*************** OpenSC PKCS#11 spy *****************
Loaded: "/usr/lib64/opensc-pkcs11.so"
0: C_GetFunctionList
2017-03-11 16:49:44.709
Returned: 0 CKR_OK
1: C_Initialize
2017-03-11 16:49:44.709
[in] pInitArgs = 0x563714387a10
flags: 2
CKF_OS_LOCKING_OK
Returned: 0 CKR_OK
2: C_GetInfo
2017-03-11 16:49:50.670
[out] pInfo:
cryptokiVersion: 2.20
manufacturerID: 'OpenSC Project '
flags: 0
libraryDescription: 'OpenSC smartcard framework '
libraryVersion: 0.16
Returned: 0 CKR_OK
3: C_GetSlotList
2017-03-11 16:49:50.670
[in] tokenPresent = 0x1
[out] pSlotList:
Slot 0
Slot 4
[out] *pulCount = 0x2
Returned: 0 CKR_OK
4: C_GetTokenInfo
2017-03-11 16:49:50.670
[in] slotID = 0x0
[out] pInfo:
label: 'Company1Sca (User PIN) '
manufacturerID: 'EnterSafe '
model: 'PKCS#15 '
serialNumber: '21231F4080048019'
ulMaxSessionCount: 0
ulSessionCount: 0
ulMaxRwSessionCount: 0
ulRwSessionCount: 0
ulMaxPinLen: 16
ulMinPinLen: 4
ulTotalPublicMemory: -1
ulFreePublicMemory: -1
ulTotalPrivateMemory: -1
ulFreePrivateMemory: -1
hardwareVersion: 0.0
firmwareVersion: 0.0
time: ' '
flags: 40d
CKF_RNG
CKF_LOGIN_REQUIRED
CKF_USER_PIN_INITIALIZED
CKF_TOKEN_INITIALIZED
Returned: 0 CKR_OK
5: C_GetSlotInfo
2017-03-11 16:49:50.689
[in] slotID = 0x0
[out] pInfo:
slotDescription: 'FT ePass2003Auto 00 00 '
' '
manufacturerID: 'FT '
hardwareVersion: 50.2
firmwareVersion: 0.0
flags: 7
CKF_TOKEN_PRESENT
CKF_REMOVABLE_DEVICE
CKF_HW_SLOT
Returned: 0 CKR_OK
6: C_GetTokenInfo
2017-03-11 16:49:50.690
[in] slotID = 0x4
[out] pInfo:
label: 'Company1SView2 (User PIN) '
manufacturerID: 'EnterSafe '
model: 'PKCS#15 '
serialNumber: '2123110000050003'
ulMaxSessionCount: 0
ulSessionCount: 0
ulMaxRwSessionCount: 0
ulRwSessionCount: 0
ulMaxPinLen: 16
ulMinPinLen: 4
ulTotalPublicMemory: -1
ulFreePublicMemory: -1
ulTotalPrivateMemory: -1
ulFreePrivateMemory: -1
hardwareVersion: 0.0
firmwareVersion: 0.0
time: ' '
flags: 40d
CKF_RNG
CKF_LOGIN_REQUIRED
CKF_USER_PIN_INITIALIZED
CKF_TOKEN_INITIALIZED
Returned: 0 CKR_OK
7: C_GetSlotInfo
2017-03-11 16:49:50.706
[in] slotID = 0x4
[out] pInfo:
slotDescription: 'FT ePass2003Auto 01 00 '
' '
manufacturerID: 'FT '
hardwareVersion: 50.2
firmwareVersion: 0.0
flags: 7
CKF_TOKEN_PRESENT
CKF_REMOVABLE_DEVICE
CKF_HW_SLOT
Returned: 0 CKR_OK
8: C_OpenSession
2017-03-11 16:49:50.707
[in] slotID = 0x4
[in] flags = 0x4
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x5637143b1350
Returned: 0 CKR_OK
9: C_FindObjectsInit
2017-03-11 16:49:50.707
[in] hSession = 0x5637143b1350
[in] pTemplate[4]:
CKA_ID 00005637143b1b20 / 20
00000000 7C D2 88 1A 23 88 9E 65 E3 AD 35 21 0D 4C E8 77 |...#..e..5!.L.w
00000010 2E DB 3B 38 ..;8
CKA_LABEL 00005637143b1b00 / 13
43414365 72746966 69636174 65
C A C e r t i f i c a t e
CKA_CLASS CKO_CERTIFICATE
CKA_CERTIFICATE_TYPE CKC_X_509
Returned: 0 CKR_OK
10: C_FindObjects
2017-03-11 16:49:50.707
[in] hSession = 0x5637143b1350
[in] ulMaxObjectCount = 0x1
[out] ulObjectCount = 0x1
Object 0x5637143af5e0 matches
Returned: 0 CKR_OK
11: C_GetAttributeValue
2017-03-11 16:49:50.707
[in] hSession = 0x5637143b1350
[in] hObject = 0x5637143af5e0
[in] pTemplate[1]:
CKA_WRAP 00007ffc16e01cce / 1
[out] pTemplate[1]:
CKA_WRAP 00007ffc16e01cce / -1
Returned: 18 CKR_ATTRIBUTE_TYPE_INVALID
12: C_GetAttributeValue
2017-03-11 16:49:50.707
[in] hSession = 0x5637143b1350
[in] hObject = 0x5637143af5e0
[in] pTemplate[1]:
CKA_UNWRAP 00007ffc16e01cce / 1
[out] pTemplate[1]:
CKA_UNWRAP 00007ffc16e01cce / -1
Returned: 18 CKR_ATTRIBUTE_TYPE_INVALID
13: C_GetAttributeValue
2017-03-11 16:49:50.707
[in] hSession = 0x5637143b1350
[in] hObject = 0x5637143af5e0
[in] pTemplate[1]:
CKA_PRIVATE 00007ffc16e01cce / 1
[out] pTemplate[1]:
CKA_PRIVATE False
Returned: 0 CKR_OK
14: C_GetAttributeValue
2017-03-11 16:49:50.707
[in] hSession = 0x5637143b1350
[in] hObject = 0x5637143af5e0
[in] pTemplate[1]:
CKA_TRUSTED 00007ffc16e01cce / 1
[out] pTemplate[1]:
CKA_TRUSTED 00007ffc16e01cce / 1
00000000 00 .
Returned: 0 CKR_OK
15: C_GetAttributeValue
2017-03-11 16:49:50.707
[in] hSession = 0x5637143b1350
[in] hObject = 0x5637143af5e0
[in] pTemplate[1]:
CKA_SENSITIVE 00007ffc16e01cce / 1
[out] pTemplate[1]:
CKA_SENSITIVE 00007ffc16e01cce / -1
Returned: 18 CKR_ATTRIBUTE_TYPE_INVALID
16: C_GetAttributeValue
2017-03-11 16:49:50.707
[in] hSession = 0x5637143b1350
[in] hObject = 0x5637143af5e0
[in] pTemplate[1]:
CKA_EXTRACTABLE 00007ffc16e01cce / 1
[out] pTemplate[1]:
CKA_EXTRACTABLE 00007ffc16e01cce / -1
Returned: 18 CKR_ATTRIBUTE_TYPE_INVALID
17: C_GetAttributeValue
2017-03-11 16:49:50.707
[in] hSession = 0x5637143b1350
[in] hObject = 0x5637143af5e0
[in] pTemplate[1]:
CKA_NEVER_EXTRACTABLE 00007ffc16e01cce / 1
[out] pTemplate[1]:
CKA_NEVER_EXTRACTABLE 00007ffc16e01cce / -1
Returned: 18 CKR_ATTRIBUTE_TYPE_INVALID
18: C_GetAttributeValue
2017-03-11 16:49:50.707
[in] hSession = 0x5637143b1350
[in] hObject = 0x5637143af5e0
[in] pTemplate[1]:
CKA_CERTIFICATE_CATEGORY 00007ffc16e01cd0 / 8
[out] pTemplate[1]:
CKA_CERTIFICATE_CATEGORY 00007ffc16e01cd0 / -1
Returned: 18 CKR_ATTRIBUTE_TYPE_INVALID
19: C_GetAttributeValue
2017-03-11 16:49:50.707
[in] hSession = 0x5637143b1350
[in] hObject = 0x5637143af5e0
[in] pTemplate[1]:
CKA_ALWAYS_AUTHENTICATE 00007ffc16e01cce / 1
[out] pTemplate[1]:
CKA_ALWAYS_AUTHENTICATE 00007ffc16e01cce / -1
Returned: 18 CKR_ATTRIBUTE_TYPE_INVALID
20: C_GetAttributeValue
2017-03-11 16:49:50.707
[in] hSession = 0x5637143b1350
[in] hObject = 0x5637143af5e0
[in] pTemplate[1]:
CKA_LABEL 00007ffc16e01dd0 / 128
[out] pTemplate[1]:
CKA_LABEL 00007ffc16e01dd0 / 13
43414365 72746966 69636174 65
C A C e r t i f i c a t e
Returned: 0 CKR_OK
21: C_GetAttributeValue
2017-03-11 16:49:50.707
[in] hSession = 0x5637143b1350
[in] hObject = 0x5637143af5e0
[in] pTemplate[1]:
CKA_ID 00007ffc16e01e50 / 128
[out] pTemplate[1]:
CKA_ID 00007ffc16e01e50 / 20
00000000 7C D2 88 1A 23 88 9E 65 E3 AD 35 21 0D 4C E8 77 |...#..e..5!.L.w
00000010 2E DB 3B 38 ..;8
Returned: 0 CKR_OK
22: C_GetAttributeValue
2017-03-11 16:49:50.707
[in] hSession = 0x5637143b1350
[in] hObject = 0x5637143af5e0
[in] pTemplate[1]:
CKA_VALUE 0000000000000000 / 0
[out] pTemplate[1]:
CKA_VALUE 0000000000000000 / 506
Returned: 0 CKR_OK
23: C_GetAttributeValue
2017-03-11 16:49:50.707
[in] hSession = 0x5637143b1350
[in] hObject = 0x5637143af5e0
[in] pTemplate[1]:
CKA_VALUE 00005637143b1dd0 / 506
[out] pTemplate[1]:
CKA_VALUE 00005637143b1dd0 / 506
00000000 30 82 01 F6 30 82 01 5F A0 03 02 01 02 02 0C 58 0...0.._.......X
00000010 8C 12 3D 13 C5 4C 4D 27 D7 9C F5 30 0D 06 09 2A ..=..LM'...0...*
00000020 86 48 86 F7 0D 01 01 0B 05 00 30 19 31 17 30 15 .H........0.1.0.
00000030 06 03 55 04 03 13 0E 47 6E 75 54 4C 53 20 74 65 ..U....GnuTLS te
00000040 73 74 20 43 41 30 1E 17 0D 31 37 30 31 32 38 30 st CA0...1701280
00000050 33 33 38 33 37 5A 17 0D 31 38 30 31 32 38 30 33 33837Z..18012803
00000060 33 38 33 37 5A 30 19 31 17 30 15 06 03 55 04 03 3837Z0.1.0...U..
00000070 13 0E 47 6E 75 54 4C 53 20 74 65 73 74 20 43 41 ..GnuTLS test CA
00000080 30 81 9F 30 0D 06 09 2A 86 48 86 F7 0D 01 01 01 0..0...*.H......
00000090 05 00 03 81 8D 00 30 81 89 02 81 81 00 D0 E9 3C ......0........<
000000A0 8E 73 76 DA 67 FA 30 39 EE 04 35 0F 5E C5 94 F1 .sv.g.09..5.^...
000000B0 DE 6A 72 AF 86 58 55 97 D3 70 4E 6B 79 19 90 C7 .jr..XU..pNky...
000000C0 C9 5D 8B E9 03 76 C1 A8 C4 A9 DE 64 A0 8D 06 D7 .]...v.....d....
000000D0 53 6D 11 92 11 D0 F6 53 84 6F 9D 8F 0A CA 55 53 Sm.....S.o....US
000000E0 75 4A 51 1C 00 CD 49 23 63 71 2B B0 8F 79 51 67 uJQ...I#cq+..yQg
000000F0 51 E8 14 51 9A 0F 8E 00 70 E4 86 03 31 B8 83 6E Q..Q....p...1..n
00000100 74 BC E4 E1 6D 48 C6 6D 0B 81 EB F7 4D D0 22 AA t...mH.m....M.".
00000110 D0 C5 2A 8A ED A0 66 5A BF 31 DE 22 E7 02 03 01 ..*...fZ.1."....
00000120 00 01 A3 43 30 41 30 0F 06 03 55 1D 13 01 01 FF ...C0A0...U.....
00000130 04 05 30 03 01 01 FF 30 0F 06 03 55 1D 0F 01 01 ..0....0...U....
00000140 FF 04 05 03 03 07 04 00 30 1D 06 03 55 1D 0E 04 ........0...U...
00000150 16 04 14 7C D2 88 1A 23 88 9E 65 E3 AD 35 21 0D ...|...#..e..5!.
00000160 4C E8 77 2E DB 3B 38 30 0D 06 09 2A 86 48 86 F7 L.w..;80...*.H..
00000170 0D 01 01 0B 05 00 03 81 81 00 AB A1 5E 65 2D A4 ............^e-.
00000180 CC A6 02 3E F8 6B 43 85 CD 30 26 B4 4B FC 90 7D ...>.kC..0&.K..}
00000190 E9 FE CD 8F 5A 92 1D 49 7F 4D 33 AE 92 05 90 EB ....Z..IM3.....
000001A0 8A C6 22 91 2D 9C F0 BC 0B 3B A8 D2 0F 01 FD 71 ..".-....;.....q
000001B0 06 5E 1A EC 75 61 12 CB 86 25 26 6C 01 19 09 A8 .^..ua...%&l....
000001C0 DF E3 91 9A 86 18 F8 78 B5 2F DB 93 5B 71 9A EC .......x./..[q..
000001D0 A8 66 53 64 A4 E5 C5 E8 E0 DF 45 4A 1B CF 0E BA .fSd......EJ....
000001E0 7E 40 F9 A4 68 AC B3 D3 6E C6 CC 47 BC 54 57 8A ~@..h...n..G.TW.
000001F0 B5 E8 39 87 E1 2A 8A 45 4B 85 ..9..*.EK.
Returned: 0 CKR_OK
24: C_FindObjectsFinal
2017-03-11 16:49:50.707
[in] hSession = 0x5637143b1350
Returned: 0 CKR_OK
25: C_CloseSession
2017-03-11 16:49:50.707
[in] hSession = 0x5637143b1350
Returned: 0 CKR_OK
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIMWIwSPRPFTE0n15z1MA0GCSqGSIb3DQEBCwUAMBkxFzAV
BgNVBAMTDkdudVRMUyB0ZXN0IENBMB4XDTE3MDEyODAzMzgzN1oXDTE4MDEyODAz
MzgzN1owGTEXMBUGA1UEAxMOR251VExTIHRlc3QgQ0EwgZ8wDQYJKoZIhvcNAQEB
BQADgY0AMIGJAoGBANDpPI5zdtpn+jA57gQ1D17FlPHeanKvhlhVl9NwTmt5GZDH
yV2L6QN2wajEqd5koI0G11NtEZIR0PZThG+djwrKVVN1SlEcAM1JI2NxK7CPeVFn
UegUUZoPjgBw5IYDMbiDbnS85OFtSMZtC4Hr903QIqrQxSqK7aBmWr8x3iLnAgMB
AAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4E
FgQUfNKIGiOInmXjrTUhDUzody7bOzgwDQYJKoZIhvcNAQELBQADgYEAq6FeZS2k
zKYCPvhrQ4XNMCa0S/yQfen+zY9akh1Jf00zrpIFkOuKxiKRLZzwvAs7qNIPAf1x
Bl4a7HVhEsuGJSZsARkJqN/jkZqGGPh4tS/bk1txmuyoZlNkpOXF6ODfRUobzw66
fkD5pGiss9NuxsxHvFRXirXoOYfhKopFS4U=
-----END CERTIFICATE-----
26: C_Finalize
2017-03-11 16:49:50.707
Returned: 0 CKR_OK
More information about the Gnutls-help
mailing list