Hi,
> In my view it lacks the following features: > 1. Allow the user to specify his own PKCS#11 library. > 2. Generate a new key. > 3. Load the X.509 certificate into the token. > > Now when I think of it, issue#1 can be solved by a symbolic > link, you can have the configuration point to a local > symbolic link that is linked by the script to the requested > provider. maybe LD_PRELOAD is another possibility ... > And when I look at the new version of opensc (0.10.0) I see > that they improved their pkcs11-tool significantly, so that > maybe it can be used to generate keys and import certificate > for every provider now. > > Are you willing to adjust your implementation and fix these > issues? I will do it when I have some free time. Yes, I already use pkcs11-tool for issue#2 and #3. I can try to do it.
