Hi there,
I have nk 3c nfc with firmware v1.6.0 (nitropy nk3 version).
I have to generate keypair:
pkcs11-tool --login-type so --pin 12345678 --keypairgen --key-type rsa:2048 --label "rsakey0"
this command took about 8-9 minutes and then I have the output about successful generation of key pair with label rsakey0.
But when I want to see my keys by:
pkcs11-tool -O --login --login-type user I have only a key with --id 03.
Is it ok?
Looks not bad. Can you try pkcs11-tool -O --login without --login-type user and post the output.
Also what does openpgp-tool -K say?
Nitrokey 3 OpenPGP card can have only 3 keys onboard.
pkcs11-tool -O --login
Using slot 0 with a present token (0x0)
Logging in to "OpenPGP card (User PIN)".
Please enter User PIN:
Private Key Object; RSA
label: Authentication key
ID: 03
Usage: decrypt, sign, non-repudiation, unwrap
Access: sensitive, always sensitive, never extractable, local
Public Key Object; RSA 2048 bits
label: Authentication key
ID: 03
Usage: encrypt, verify, wrap
Access: none
Profile object 771446512
profile_id: CKP_PUBLIC_CERTIFICATES_TOKEN (4)
openpgp-tool -K
Using reader with a card: Nitrokey Nitrokey 3 [CCID/ICCD Interface] 00 00
Aut Algorithm: RSA2048
Aut Create Date: 2024-01-31 12:31:14
Aut Fingerprint: 44:ae:2c:00:18:26:56:d4:79:a6:95:31:ee:6c:f5:91:8b:53:e1:42
Dec Algorithm: RSA2048
Dec Create Date: 1970-01-01 00:00:00
Dec Fingerprint: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
Sig Algorithm: RSA2048
Sig Create Date: 1970-01-01 00:00:00
Sig Fingerprint: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
Hi!
AFAIR on OpenPGP cards one can only populate slots 01 02 03. I think with older OpenSC 02 is not supported.
As far as I see openpgp-tool seems to be a better tool for this job (it has key generation too).