Doug Engert
Doug Engert
As pointed out, PKCS11 imports keys as two C_CreateObject calls, one for public key and one for private key, and could be in any order. But some tokens can only...
> Note that for all the current classic algorithms (ECC, RSA, DSA) and the future PQ algorithms (ML-DSA, SLH-DSA) the public key can always be computed from the private key....
An update on the 5 options and the 6th one too. > 6. OpenSC computes the public key and stores it together with the private key. If the PKCS#11 application...
#3258 is using EC key with "Digital Signature, Key Encipherment" EC does not support Key Encipherment but rather "Key Agreement" using ECDH. Best practices are to use two keys rather...
The "national trusted service provider" must have a way to use their certs on Windows. "For desktop computers and laptops, Microsoft Windows has 73%, followed by Apple's macOS at 15%,...
So this was never an OpenSC problem, All the OpenSC entries look like this: ```` Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Calais\SmartCards\CardOS v5.3 (c)] "Crypto Provider"="Microsoft Base Smart Card Crypto Provider"...
This may have some to do with OpenSC "CSP" , vs OpenSC "KSP" Look in registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Calais\SmartCards and HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Calais\SmartCards You should see something like: [OpenSC.example.reg.txt](https://github.com/user-attachments/files/18774603/OpenSC.example.reg.txt) `"Crypto Provider"="Microsoft Base Smart Card...
@CardContact please have a look at this issue. @alex-nitrokey The ATR is supported by OpenSC and should show up in the registry entries under SmartCard-HSM. But you say in the...
https://support.nitrokey.com/t/pkcs11-register-open-cmd-windows/6389 explains some things: "The Nitrokey HSM is actually a Nitrokey Smart Card Reader with a SmartCard-HSM SIM card inserted." But does not say anything about " SmartCard-HSM4K FATR" Suggest...
The sc-hsm-starterkit is installing its own code and minidriver. Did the sc-hsm-starterkit install registry entries in 64 bit part of registry? (ie with the WOW642Node which is for 32 applications)...