number of supported mechanisms: 2
rsa-pkcs: unwrap, wrap
sha1-rsa-pkcs: unwrap, wrap, genereate-key-pair, generate, verify-recover, verify, sign-recover, sign, decrypt, encrypt
This part show the the card is broken and lies though it teeth.
cert: 0 (have private key)
issuer: "OU=CA,OU=Kansas City Plant,OU=Department of Energy,O=U.S. Government,C=US"
subject: "2.5.4.5=u60267+CN=Michael B. Alexander,OU=local,OU=person,OU=Kansas City Plant,OU=Department of Energy,O=U.S. Government,C=US"
cert: 1 (have private key)
issuer: "OU=CA,OU=Kansas City Plant,OU=Department of Energy,O=U.S. Government,C=US"
subject: "2.5.4.5=u60267+CN=Michael B. Alexander,OU=local,OU=person,OU=Kansas City Plant,OU=Department of Energy,O=U.S. Government,C=US"
And here it the real problem, you have two cert/public key/private key triplets on the card and the code that is supposed to select the signing certificate somehow failes to do the right thing, it chooses the encryption only cert/key, and after that, everything goes bad.
Neat to see that multivalue rdn printing code works....
Love
|