I am trying to use NitroKey Storage 2 as a simple ECDSA signer. I want it to simply sign a “challenge” message to authenticate the dongle holder. I tried the “gnupg” but i found that gpg adds some data to the received message before hashing and signing it. Then, I tried the “pkcs11-tool” but i was unable to generate ECC:prime256v1 keys and got the following output:
C:\Program Files\OpenSC Project\OpenSC\tools> .\pkcs11-tool.exe --module …\pkcs11\opensc-pkcs11.dll -l --pin 123456 --keypairgen --key-type EC:prime256v1 --id 02
Using slot 0 with a present token (0x0)
error: PKCS11 function C_GenerateKeyPair failed: rv = CKR_GENERAL_ERROR (0x5)
I am using Windows 10 with OpenSC-0.20.0. I have installed the " OpenSC-0.20.0_win64.msi" from this page: https://github.com/OpenSC/OpenSC/releases/tag/0.20.0
Am i doing something wrong? Is there a way to simply sign messages with the NitroKey Storage 2 without adding data? and if so, how?
Your help is much appreciated.