Which OpenSC version do you use? Please make sure it is the latest one - v0.20. This command should show it:
pkcs11-tool -I | head
Please run the same command with logging enabled and save it, as in:
env OPENSC_DEBUG=9 pkcs11-tool --login --keypairgen --key-type EC:secp384r1 | tee pkcs11-secp384.log
Please do not attach the log, as the PIN will be shown raw there (unless you are using the default PIN that is). Instead please edit it and leave lines before CKR_DATA_INVALID message.
The OpenSC library version will be placed in the log file as well.
Hi Sz,
many thanks for your prompt reply. I’ve just checked that NIST-384 ECC key creation works fine using OpenSC 0.20. I was able to check this on Windows 10 (using binary) and Raspbian (after re-compiling from source) So, problem solved!
BTW, is there any special reason why 384 key length (as opposed to 521) doesn’t work with OpenSC 0.19?
Looking at the v0.20 changelog (CTRL+F-> SC HSM) it looks like it was just added in this release. These are done only once a year, so differences between versions are quite big.