Id Prime md 840/841 Smart Card - PKCS#11 GenerateKeyPair() errors | Telit Cinterion IoT Developer Community
April 25, 2018 - 2:24pm, 5126 views
Hello,
I'am testing your IDPrime 840(Applet ver: Id Prime Java Card 4.1.2 F) and 841(Applet ver: Id Prime Java Card 4.0.2 K) smart cards. I received the information that in order to generate keys (for example RSA) or use the remaining crypto possibilities of the card, I should use the PKCS # 11 libraries. I want to generate pair of RSA keys.
My application does the following steps:
1. Initializes the Cryptoki library
2. Defines the mechanism CKM_RSA_PKCS_KEY_PAIR_GEN and opens the slot (with checking the two flags: flags: 65537 = CKF_HW | CKF_GENERATE_KEY_PAIR)
3. Opens the session for the smart card (in CKF_SERIAL_SESSION mode)
4. Logs in to the card with pin (C_Login function)
After correctly completing the above steps, it uses the C_GenerateKeyPair () function that returns the error depending on the value of the CKA_TOKEN attribute.. When the CKA_TOKEN attribute is set to false in the public and private key template, we get the response CKR_ATTRIBUTE_VALUE_INVALID (0x00000013), if the parameter CKA_TOKEN is set to true program return error CKR_SESSION_READ_ONLY (0x000000B5).
If the session is started in the CKF_RW_SESSION mode, the GenerateKeyPair () function will return the error CKR_SESSION_PARALLEL_NOT_SUPPORTED (0x000000B4).
Why is it not possible to generate the aforementioned RSA key pair and what are the possibilities to repair these errors?
Regards,
MB
Hi MB,
This forum is dedicated for M2M modules in general, but we will try to find any hint for you.
Best regards,
Michał
Hi Michał,
thanks for your reply., any hint will by helpfull.
Best regards,
Marcin B.
Hi Marcin,
Id Prime products belong to Gemalto's Safenet products. For support, see:
https://supportportal.gemalto.com/csm/ and
https://safenet.gemalto.com/technical-support/
Best regards,
Antero Markkula
Antero Markkula
Communication and Mechatronics
Enkom Active Oy – www.enkom-active.fi
Upseerinkatu 3 A, 02600 Espoo, Finland
Mobile: +358 400 411368
Office: +358 10 204 0000
Fax: +358 10 204 0010
E-mail: antero.markkula@enkom-active.fi