PKCS11 token usage with opensc

From Embedded Lab Vienna for IoT & Security
Revision as of 15:26, 15 April 2019 by Mtausig (talk | contribs) (Start pkcs#11 token article)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search


Basic command line usage of a PKCS#11 token


  • Operating system: Ubuntu 18.04 bionic amd64
  • Packages: opensc opensc-pkcs11


The documentation uses the Feitian ePass 2003 FIPS 140-2 Level 2 tokens which can be used with the open source project OpenSC.

The default configuration of the tokens, according to the manufacturer, is as follows:

  • Default User PIN: 12345678
  • Default SO PIN: entersafe

Basic information gathering

We are going to get some basic informations using the command line tool pkcs11-tool

List the number of available tokens:

$ pkcs11-tool --module /usr/lib/x86_64-linux-gnu/ -L
Available slots:
Slot 0 (0x0): Feitian ePass2003 00 00
C_GetTokenInfo() failed: rv = CKR_TOKEN_NOT_PRESENT
Slot 1 (0x4): Alcor Micro AU9560 01 00

Used Hardware

Feitian ePass 2003 FIPS 140-2 Level 2


None yet