Download
Browse source Changelog
Documentation
Project   Known bugs   TODO Protocols   CA bundle   HTTP Cookies   HTTP/2   SSL Certs Releases   Version numbers curl tool   man page   Tutorial   HTTP scripting Who and Why
libcurl
API Bindings Competitors Examples Features Mailing list Related libs Using libcurl Tutorial Testimonials
Get Help
curl-library curl-users curl-announce curl-commits Etiquette
Development
Autobuilds Code Style Contribute Internals Release Notes Release Procedure Roadmap Run Tests Security Specifications Test curl
News
Changelog Release table
cURL / Mailing Lists / curl-library / Single Mail

curl-library

RE: SSLv3 mutual authentication using libcurl and smart card

From: Tiago dos Santos Gomes <tiago.gomes_at_telematica.com.br>
Date: Tue, 4 Oct 2016 18:42:03 +0000

Hi David

I had some progress in the development of the module, but I have now other issues.
I compiled a simple pkcs11 module, following the specification that you indicated me. For now, it only implements some basic functions for testing. Using the command "$ pkcs11-tool --module /pathToMyPkcs11.so -I", I get the expected return of C_GetInfo.

> $ Mkdir /tmp/softhsm
> $ Echo "directories.tokendir = /tmp/softhsm"> softhsm2.conf
> $ Export SOFTHSM2_CONF = `pwd` /softhsm2.conf
> $ Softhsm2-util---init token --slot 0 --label test --pin 1234 --so-pin 12345678
> The token Has Been initialized.
> $ Softhsm2-util --import key.pem --slot 0 --label mykey --id 01 --pin 1234
> The key pair Has Been imported

The above commands worked. With a single difference: Since I have no access to private key on the card, I created one for test using

$ openssl genpkey -algorithm RSA -out key.pem -pkeyopt rsa_keygen_bits 2048

Now, the problems.

The command
$ p11tool --list-privkeys' pkcs11: token= test; pin-value = 1234 '--login
returns "No matching objects found".

 Then, I tried
$ p11tool --list-tokens
It returns no references to the created token

I installed softhsm package (and softhsm2 too), but the file /usr/share/p11-kit/modules/softhsm.module was not created. I tried removing and reinstalling, but it did not work. In the modules folder, I only have gnome-keyring.module and p11-kit-trust.module.

Some detailed information about my development system that may be relevant:

Ubuntu 15.10
Kernel 4.2.0-42-generic

$ Curl --engine list
Build-time engines:
  <None>

$ Openssl engine
(Rdrand) Intel RDRAND engine
(Dynamic) Dynamic engine loading support

$ Curl --version
curl 7.43.0 (i686-pc-linux-gnu) libcurl / 7.43.0 GnuTLS / 3.3.15 zlib / 1.2.8 libidn / 1:28 librtmp / 2.3
Protocols: dict file ftp ftps https gopher http imap ldap imaps ldaps pop3 pop3s rtsp rtmp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IDN IPv6 Largefile Kerberos GSS-API SPNEGO NTLM NTLM_WB libz SSL TLS-SRP UnixSockets

$ openssl version
OpenSSL 1.0.2d 9 Jul 2015

Is there something wrong or missing in my system configuration?

Thanks for the help

Best Regards,
Tiago Gomes

-------------------------------------------------------------------
List admin: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2016-10-04