Just did a quick test on my machine running OpenSC 0.14:
asc@calzone:~/tmp/ecctest$ sc-hsm-tool Using reader with a card: SCM SCR 3310 [CCID Interface] (21120843305113) 00 00 Version : 1.2 User PIN tries left : 3
asc@calzone:~/tmp/ecctest$ pkcs11-tool --module /usr/local/lib/opensc-pkcs11.so -l --pin 648219 --keypairgen --key-type EC:prime256v1 --id 12 --label defaultkey --read-object --type pubkey --output-file pubkey.spki Using slot 0 with a present token (0x0) Key pair generated: Private Key Object; EC label: defaultkey ID: 12 Usage: decrypt, sign, unwrap Public Key Object; EC EC_POINT 256 bits EC_POINT: 0441044e68fd16a81555c2bf448d25b767572c398ac9706298c748d9bd3c88557bb161bef155491140fdc2541c5f032d73abcedd4b6540021b615c2467bbf9bf04c5b8 EC_PARAMS: 06082a8648ce3d030107 label: defaultkey ID: 12 Usage: encrypt, verify, wrap
asc@calzone:~/tmp/ecctest$ hexdump pubkey.spki 0000000 4104 4e04 fd68 a816 5515 bfc2 8d44 b725 0000010 5767 392c c98a 6270 c798 d948 3cbd 5588 0000020 b17b be61 55f1 1149 fd40 54c2 5f1c 2d03 0000030 ab73 ddce 654b 0240 611b 245c bb67 bff9 0000040 c504 00b8 0000043
asc@calzone:~/tmp/ecctest$ pkcs15-tool -D Using reader with a card: SCM SCR 3310 [CCID Interface] (21120843305113) 00 00 PKCS#15 Card [SmartCard-HSM]: Version : 0 Serial number : UTCC0200013 Manufacturer ID: www.CardContact.de Flags :
PIN [UserPIN] Object Flags : [0x3], private, modifiable ID : 01 Flags : [0x81A], local, unblock-disabled, initialized, exchangeRefData Length : min_len:6, max_len:15, stored_len:0 Pad char : 0x00 Reference : 129 (0x81) Type : ascii-numeric Tries left : 3
PIN [SOPIN] Object Flags : [0x1], private ID : 02 Flags : [0x9E], local, change-disabled, unblock-disabled, initialized, soPin Length : min_len:16, max_len:16, stored_len:0 Pad char : 0x00 Reference : 136 (0x88) Type : bcd Tries left : 3
Private EC Key [defaultkey] Object Flags : [0x3], private, modifiable Usage : [0x2E], decrypt, sign, signRecover, unwrap Access Flags : [0x1D], sensitive, alwaysSensitive, neverExtract, local FieldLength : 256 Key ref : 1 (0x1) Native : yes Path : e82b0601040181c31f0201:: Auth ID : 01 ID : 12 MD:guid : {c9124f38-8e0d-1816-0118-a550fc95f66e} :cmap flags : 0x0 :sign : 0 :key-exchange: 0
Public EC Key [defaultkey] Object Flags : [0x0] Usage : [0x0] Access Flags : [0x2], extract FieldLength : 256 Key ref : 0 (0x0) Native : no ID : 12 DirectValue : <present>
asc@calzone:~/tmp/ecctest$ pkcs11-tool --module /usr/local/lib/opensc-pkcs11.so --login --pin 648219 -O Using slot 0 with a present token (0x0) Private Key Object; EC label: defaultkey ID: 12 Usage: decrypt, sign, unwrap Public Key Object; EC EC_POINT 256 bits EC_POINT: 0441044e68fd16a81555c2bf448d25b767572c398ac9706298c748d9bd3c88557bb161bef155491140fdc2541c5f032d73abcedd4b6540021b615c2467bbf9bf04c5b8 EC_PARAMS: 06082a8648ce3d030107 label: defaultkey ID: 12 Usage: none
Just did a quick test on my machine running OpenSC 0.14:
asc@calzone: ~/tmp/ecctest$ sc-hsm-tool
Using reader with a card: SCM SCR 3310 [CCID Interface] (21120843305113) 00 00
Version : 1.2
User PIN tries left : 3
asc@calzone: ~/tmp/ecctest$ pkcs11-tool --module /usr/local/ lib/opensc- pkcs11. so -l --pin 648219 --keypairgen --key-type EC:prime256v1 --id 12 --label defaultkey --read-object --type pubkey --output-file pubkey.spki 81555c2bf448d25 b767572c398ac97 06298c748d9bd3c 88557bb161bef15 5491140fdc2541c 5f032d73abcedd4 b6540021b615c24 67bbf9bf04c5b8 30107
Using slot 0 with a present token (0x0)
Key pair generated:
Private Key Object; EC
label: defaultkey
ID: 12
Usage: decrypt, sign, unwrap
Public Key Object; EC EC_POINT 256 bits
EC_POINT: 0441044e68fd16a
EC_PARAMS: 06082a8648ce3d0
label: defaultkey
ID: 12
Usage: encrypt, verify, wrap
asc@calzone: ~/tmp/ecctest$ hexdump pubkey.spki
0000000 4104 4e04 fd68 a816 5515 bfc2 8d44 b725
0000010 5767 392c c98a 6270 c798 d948 3cbd 5588
0000020 b17b be61 55f1 1149 fd40 54c2 5f1c 2d03
0000030 ab73 ddce 654b 0240 611b 245c bb67 bff9
0000040 c504 00b8
0000043
asc@calzone: ~/tmp/ecctest$ pkcs15-tool -D
Manufacturer ID: www.CardContact.de
Using reader with a card: SCM SCR 3310 [CCID Interface] (21120843305113) 00 00
PKCS#15 Card [SmartCard-HSM]:
Version : 0
Serial number : UTCC0200013
Flags :
PIN [UserPIN]
Object Flags : [0x3], private, modifiable
ID : 01
Flags : [0x81A], local, unblock-disabled, initialized, exchangeRefData
Length : min_len:6, max_len:15, stored_len:0
Pad char : 0x00
Reference : 129 (0x81)
Type : ascii-numeric
Tries left : 3
PIN [SOPIN]
Object Flags : [0x1], private
ID : 02
Flags : [0x9E], local, change-disabled, unblock-disabled, initialized, soPin
Length : min_len:16, max_len:16, stored_len:0
Pad char : 0x00
Reference : 136 (0x88)
Type : bcd
Tries left : 3
Private EC Key [defaultkey] 31f0201: : 8e0d-1816- 0118-a550fc95f6 6e}
:key- exchange: 0
Object Flags : [0x3], private, modifiable
Usage : [0x2E], decrypt, sign, signRecover, unwrap
Access Flags : [0x1D], sensitive, alwaysSensitive, neverExtract, local
FieldLength : 256
Key ref : 1 (0x1)
Native : yes
Path : e82b0601040181c
Auth ID : 01
ID : 12
MD:guid : {c9124f38-
:cmap flags : 0x0
:sign : 0
Public EC Key [defaultkey]
Object Flags : [0x0]
Usage : [0x0]
Access Flags : [0x2], extract
FieldLength : 256
Key ref : 0 (0x0)
Native : no
ID : 12
DirectValue : <present>
asc@calzone: ~/tmp/ecctest$ pkcs11-tool --module /usr/local/ lib/opensc- pkcs11. so --login --pin 648219 -O 81555c2bf448d25 b767572c398ac97 06298c748d9bd3c 88557bb161bef15 5491140fdc2541c 5f032d73abcedd4 b6540021b615c24 67bbf9bf04c5b8 30107
Using slot 0 with a present token (0x0)
Private Key Object; EC
label: defaultkey
ID: 12
Usage: decrypt, sign, unwrap
Public Key Object; EC EC_POINT 256 bits
EC_POINT: 0441044e68fd16a
EC_PARAMS: 06082a8648ce3d0
label: defaultkey
ID: 12
Usage: none