Peter Popovec

I see that this time it crashed on keygen.... (public key can not be exported from card)... I'll guess, it would crash during the unwrap operation too. I'm afraid that...

I don't have a final solution, but at least a hint: I have applied this PR to master (fa2eab861714a64371a3e2317e096862f1d9e4c8). If cache is cleared (`pkcs15-tool --clear-cache`) after commands: - pkcs15-init --store-private-key...

I looked at the cache implementation. Since any write to card does not pass through the cache, respectively, the cache is not invalidated if there was a write to the...

The problem is that the timestamp (in EF.tokeninfo) is not updated atomically. Maybe we have a new version of the file written on the card, but EF.tokeninfo is not yet...

Thanks for the hint about using `sc_card_ctl`. I would not like to mix the technical value "change counter" with the software-generated date in EF.Tokeninfo. In addition, the value in EF.Tokeninfo...

> Could it be that we forgot to call sc_pkcs15init_update_lastupdate() somewhere in the PKCS#11 layer? I will look at the relevant code, maybe I manage to find another solution (by...

In `sc_pkcs15_get_lastupdate()` is implemented the caching of information from the EF.Tokeninfo file. Even if I block this code, the file cache does not work properly: `````diff --git a/src/libopensc/pkcs15.c b/src/libopensc/pkcs15.c index...

The problem is that we cannot determine when the cache should be invalidated. As mentioned above, the card driver can change something on the card without notifying us in any...

In principle, there is no possibility to back up a "safe" token/card. If the card/token works really securely, the private key can never leave the token/card. Some of the tokens/cards...

Can you try adding another PIN to the card? ````` pkcs15-init --store-pin --auth-id 2 --label "Smartcard PIN2" `````