On 12/03/2016 01:50 PM, Nathaniel McCallum wrote:
So apparently yubico-piv-tool ships $libdir/libykpkcs11.so*, but this
doesn't get picked up by p11-kit by default. I suspect it has gone
unnoticed largely because for most crucial operations the opensc
module also works with Yubikeys. However, this is not true for all
operations (in particular, in my case, key creation).
How can we make this happen? Is there some intentional reason Yubico's
PKCS#11 module has been excluded?
Hello,
In case of the modules accessing the same hardware tokens, there is a
problem that they shows up more times while listed by p11-kit. We had
similar problem with opensc && coolkey once both of them worked with PIV
cards.
Ideal solution would be to implement the PIV key creation in OpenSC
(what exactly does not work with which yubikey?). We can't use only
yubico module, since PIV is not only the yubico one.
Adding Nikos to CC, since he can also add some insight.
Regards,
--
Jakub Jelen
Software Engineer
Security Technologies
Red Hat
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx