I did not have the PROMPT setup for
the password input before; that for sure affected the result, so my fault.
Running that (with my pass parameter set) does yield some results.
$ hxtool print --pass=PROMPT --info PKCS11:/usr/lib/pkcs11-spy.so PIN code for ActivCard USB Reader 2.0 (60102D27) 00
00: ( Wrap Unwrap ) ( Encrypt Decrypt Sign SigRecov Verify VerRecov Generate
KeyPair Wrap Unwrap ) pkcs11 driver with 1 slot slot 0: id: 1 name: ActivCard USB Reader 2.0 (60102D27)
00 00 flags: 00000006 number of supported mechanisms: 2 rsa-pkcs: unwrap, wrap sha1-rsa-pkcs: unwrap, wrap, genereate-key-pair,
generate, verify-recover, verify, sign-recover, sign, decrypt, encrypt cert: 0 (have private key) issuer: "OU=CA,OU=Kansas
City Plant,OU=Department of Energy,O=U.S. Government,C=US" subject: "2.5.4.5=u60267+CN=Michael
B. Alexander,OU=local,OU=person,OU=Kansas City Plant,OU=Department of Energy,O=U.S.
Government,C=US" cert: 1 (have private key) issuer: "OU=CA,OU=Kansas
City Plant,OU=Department of Energy,O=U.S. Government,C=US" subject: "2.5.4.5=u60267+CN=Michael
B. Alexander,OU=local,OU=person,OU=Kansas City Plant,OU=Department of Energy,O=U.S.
Government,C=US"
I ran the hxtool (thanks for adding
that), but didn't see the results as in Love's output. I'll give
it the old college try to see if I can debug more with the ActivIdentity
P11 module.
$ hxtool print --info PKCS11:/usr/local/acgold/lib/libpkcs11.so
hxtool: hx509_certs_init: Failed to get session PKCS11 slot 0
Ok, so I write error message like a, well, something.
Here is a patch that will make
it return something more interesting