Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Investigate why opcard shows up as two pkcs11 tokens #119

Open
sosthene-nitrokey opened this issue Feb 15, 2023 · 3 comments
Open

Investigate why opcard shows up as two pkcs11 tokens #119

sosthene-nitrokey opened this issue Feb 15, 2023 · 3 comments

Comments

@sosthene-nitrokey
Copy link
Collaborator

No description provided.

@szszszsz
Copy link
Member

It's the normal state in OpenSC for the OpenPGP cards, unless do you mean something else?

@sosthene-nitrokey
Copy link
Collaborator Author

Not with all keys, for example it doesn't on a Yubikey 5. It does make sense to me that it would show up as 2 tokens but I don't really understand why it wouldn't on other keys.

@saper
Copy link

saper commented Jan 29, 2024

Can you run pkcs11-tool -T on Yubikey with the following system-wide opensc.conf and then dump /tmp/opensc-debug.log somewhere?

app default {
  debug = 9;
  debug_file = /tmp/opensc-debug.log;
}

Reading the code, there should be always two slots for the OpenPGP cards. This is for compatibility with OpenPGP v1 which had separate encryption and signing PINs. I think this could be simplified in OpenSC, though. But I don't know why Yubikey is not affected. Maybe only PIV slot is visible and not OpenPGP? I don't have one, so I don't know.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@saper @szszszsz @sosthene-nitrokey