You can check if the smart card has been set up correctly with the appropriate user by using vastool.
To test that a card has been initialized with an appropriate user
-
Run the vastool smartcard test user command, as follows:
# vastool smartcard test user Testing user user@vas.example Testing certificate validity ... ok Testing if PIN is required ... ok Enter PIN for user@vas.example: xxxxxxxx Performing login to card ... ok Generating signature ... ok Verifying signature ... ok
This tests whether a valid user is on the card, and whether you are able to log into the card and use its cryptographic functions. If your card requires a PIN, enter the password at the prompt.
The vastool smartcard test card function generates output similar to the following:
CKM_RSA_X_509 CKM_MD2_RSA_PKCS CKM_MD5_RSA_PKCS CKM_SHA1_RSA_PKCS CKM_DES_KEY_GEN CKM_DES_ECB CKM_DES_CBC CKM_DES_CBC_PAD CKM_DES2_KEY_GEN CKM_DES3_KEY_GEN CKM_DES3_ECB CKM_DES3_CBC CKM_DES3_CBC_PAD CKM_MD2 CKM_MD5 CKM_SHA_1 Checking that CKM_RSA_PKCS mechanism is supported ... ok Checking info for CKM_RSA_PKCS mechanism ... ok Checking CKM_RSA_PKCS mechanism supports signing ... ok Checking CKM_RSA_PKCS mechanism supports decryption ... ok Testing that card contains a user ... ok