Doug Engert

@maciejsszmigiero as author of the multiple pin support in OpenSC minidriver in bd9cdd243d could you comment on https://github.com/OpenSC/OpenSC/issues/3159#issuecomment-2140646902) Is PIN_CACHE_POLICY_TYPE PinCacheAlwaysPrompt the way to do this, and could this be...

@ckahlo have a look at #3167 which has a potential fix. If you want to use the same MSI files I used which can be found by looking at #3167...

@frankmorgner @maciejsszmigiero Thanks for the comments. As noted in comment in the code: https://github.com/OpenSC/OpenSC/pull/3167/commits/15b00bf6ac7ea25a7b5df6457affd55a7c33cc37#diff-0472a0d91e9f422e4d90a09074f95d9edf67b14a2df432fcb3aacca29b9a3b39R6482 that setting `PinCacheAlwaysPrompt` for every `user_sign` pin needs to be checked. I was waiting for @ckahlo...

This sounds like #3159 and #3167 because the keys are set at https://github.com/OpenSC/OpenSC/blob/master/src/libopensc/pkcs15-jpki.c#L168 The PKCS15 user_consent = 1 is the equivalent of PKCS11 CKA_ALWAYS_AUTHNETICATE. What is output of `pkcs15-tool --list-pins`...

@ckahlo Please have a look at #3167 Minidriver now works with PIV 9C key. It still need some cleanup.

I think this is what you are seeing: If you switch between using the OpenSC mindriver and either the vendor or Microsoft minidriver, you need to remove any certificates in...

Easiest way I have found is to use Control Panel -> internet Options -> Content -> Certificates -> Personal. Then find the ones you want, then press Remove. When switching...

Here is what I think is going on. From the `opensc_debug.txt` you have 2 certs. "X.509 Certificate for Key Management" (Yey 9D) has: ``` X509v3 Key Usage: critical Digital Signature,...

@frankmorgner https://github.com/OpenSC/OpenSC/commit/67ea96d18b may be the problem, (2016-08-15 follows 0.16.0) The lines with the comment `/* extra */` in: https://github.com/OpenSC/OpenSC/blame/master/src/libopensc/pkcs15-piv.c#L852C3-L870 should be modified. These lines set any RSA key with `Digital...

OpenSC PKCS15 commands will work, but OpenSC PKCS11 is not complete in this area. See #3090 and the post from yesterday on this very subject: https://github.com/OpenSC/OpenSC/pull/3090#issuecomment-2516024138