$ p11tool --list-token-urls pkcs11:model=p11-kit-trust;manufacturer=PKCS%2311%20Kit;serial=1;token=Default%20Trust pkcs11:model=p11-kit-trust;manufacturer=PKCS%2311%20Kit;serial=1;token=System%20Trust pkcs11:model=Unknown%20Model;manufacturer=Unknown%20Manufacturer;serial=00000xxxxxxxxxxxxxxxxxxx pkcs11:model=PKCS%2315%20emulated;manufacturer=piv_II;serial=d6c523c6b0054a64;token=xxxxxxxxxxxx $ p11tool --list-all "pkcs11:model=Unknown%20Model;manufacturer=Unknown%20Manufacturer;serial=000001" Object 0: URL: pkcs11:model=Unknown%20Model;manufacturer=Unknown%20Manufacturer;serial=000001;id=%00%00%00%00%00%00%00%00;object=Certificate%20For%20PIV%20Authentication%20%28xxxxxxxxxxxx%29;type=cert Type: X.509 Certificate Label: Certificate For PIV Authentication (xxxxxxxxxxxxxx) ID: 00:00:00:00:00:00:00:00 Object 1: URL: pkcs11:model=Unknown%20Model;manufacturer=Unknown%20Manufacturer;serial=000001;id=%00%00%00%00%00%00%00%00;type=private Type: Private key Label: Flags: CKA_PRIVATE; ID: 00:00:00:00:00:00:00:00 Object 2: URL: pkcs11:model=Unknown%20Model;manufacturer=Unknown%20Manufacturer;serial=000001;id=%01%00%00%00%00%00%00%00;object=Certificate%20For%20Card%20Authentication%20%28xxxxxxxxxxxxxx;type=cert Type: X.509 Certificate Label: Certificate For Card Authentication (xxxxxxxxxxxxx) ID: 01:00:00:00:00:00:00:00 Object 3: URL: pkcs11:model=Unknown%20Model;manufacturer=Unknown%20Manufacturer;serial=000001;id=%01%00%00%00%00%00%00%00;type=private Type: Private key Label: Flags: CKA_PRIVATE; ID: 01:00:00:00:00:00:00:00 Object 4: URL: pkcs11:model=Unknown%20Model;manufacturer=Unknown%20Manufacturer;serial=000001;id=%02%00%00%00%00%00%00%00;object=Certificate%20For%20Digital%20Signature%20%28xxxxxxxxxxxxxxxxxxxx;type=cert Type: X.509 Certificate Label: Certificate For Digital Signature (xxxxxxxxxxxx) ID: 02:00:00:00:00:00:00:00 Object 5: URL: pkcs11:model=Unknown%20Model;manufacturer=Unknown%20Manufacturer;serial=000001;id=%02%00%00%00%00%00%00%00;type=private Type: Private key Label: Flags: CKA_PRIVATE; ID: 02:00:00:00:00:00:00:00 Object 6: URL: pkcs11:model=Unknown%20Model;manufacturer=Unknown%20Manufacturer;serial=000001;id=%03%00%00%00%00%00%00%00;object=Certificxxxxxxxxxxxxxxxxxxxxxxxxxxxx;type=cert Type: X.509 Certificate Label: Certificate For Key Management (xxxxxxxxxxxx) ID: 03:00:00:00:00:00:00:00 Object 7: URL: pkcs11:model=Unknown%20Model;manufacturer=Unknown%20Manufacturer;serial=000001;id=%03%00%00%00%00%00%00%00;type=private Type: Private key Label: Flags: CKA_PRIVATE; ID: 03:00:00:00:00:00:00:00 $ openssl dgst -engine pkcs11 -keyform engine -sign "pkcs11:model=Unknown%20Model;manufacturer=Unknown%20Manufacturer;serial=000001;id=%02%00%00%00%00%00%00%00;type=private" -sha256 -out /tmp/d.sig /tmp/d.dat engine "pkcs11" set. PKCS11_get_private_key returned NULL cannot load key file from engine 140735945642952:error:8206F012:PKCS#11 module:pkcs11_getattr_int:Attribute type invalid:p11_attr.c:48: 140735945642952:error:26096080:engine routines:ENGINE_load_private_key:failed loading private key:eng_pkey.c:124: unable to load key file $ $ openssl dgst -engine pkcs11 -keyform engine -sign "pkcs11:model=Unknown%20Model;manufacturer=Unknown%20Manufacturer;serial=000001;id=%02%00%00%00%00%00%00%00;type=private" -sha256 -out /tmp/d.sig /tmp/d.dat *************** OpenSC PKCS#11 spy ***************** Loaded: "/usr/local/lib/keychain-pkcs11.dylib" 0: C_GetFunctionList 2018-09-25 20:08:20.258 Returned: 0 CKR_OK 1: C_Initialize 2018-09-25 20:08:20.264 [in] pInitArgs = 0x7fb0014064d0 flags: 2 CKF_OS_LOCKING_OK Returned: 0 CKR_OK 2: C_GetSlotList 2018-09-25 20:08:20.574 [in] tokenPresent = 0x0 [out] pSlotList: Count is 1 [out] *pulCount = 0x1 Returned: 0 CKR_OK 3: C_GetSlotList 2018-09-25 20:08:20.761 [in] tokenPresent = 0x0 [out] pSlotList: Slot 1 [out] *pulCount = 0x1 Returned: 0 CKR_OK 4: C_GetSlotInfo 2018-09-25 20:08:20.763 [in] slotID = 0x1 [out] pInfo: slotDescription: 'Certificate For PIV Authenticati' 'on xxxxxxxxxxxxxxxxxxxxxxxxxxx ' manufacturerID: 'U.S. Naval Research Lab ' hardwareVersion: 1.0 firmwareVersion: 1.0 flags: 7 CKF_TOKEN_PRESENT CKF_REMOVABLE_DEVICE CKF_HW_SLOT Returned: 0 CKR_OK 5: C_GetTokenInfo 2018-09-25 20:08:20.763 [in] slotID = 0x1 [out] pInfo: label: 'xxxxxxxxxxxxxxxxxxxxxxxxxxx ' manufacturerID: 'Unknown Manufacturer ' model: 'Unknown Model ' serialNumber: '000001 ' ulMaxSessionCount: 0 ulSessionCount: -1 ulMaxRwSessionCount: 0 ulRwSessionCount: 0 ulMaxPinLen: 255 ulMinPinLen: 1 ulTotalPublicMemory: -1 ulFreePublicMemory: -1 ulTotalPrivateMemory: -1 ulFreePrivateMemory: -1 hardwareVersion: 1.0 firmwareVersion: 1.0 time: '1970010100000000' flags: 50e CKF_WRITE_PROTECTED CKF_LOGIN_REQUIRED CKF_USER_PIN_INITIALIZED CKF_PROTECTED_AUTHENTICATION_PATH CKF_TOKEN_INITIALIZED Returned: 0 CKR_OK engine "pkcs11" set. 6: C_OpenSession 2018-09-25 20:08:20.772 [in] slotID = 0x1 [in] flags = 0x4 pApplication=0x0 Notify=0x0 [out] *phSession = 0x1 Returned: 0 CKR_OK 7: C_FindObjectsInit 2018-09-25 20:08:20.772 [in] hSession = 0x1 [in] pTemplate[1]: CKA_CLASS CKO_PRIVATE_KEY Returned: 0 CKR_OK 8: C_FindObjects 2018-09-25 20:08:20.772 [in] hSession = 0x1 [in] ulMaxObjectCount = 0x1 [out] ulObjectCount = 0x1 Object 0x3 matches Returned: 0 CKR_OK 9: C_GetAttributeValue 2018-09-25 20:08:20.772 [in] hSession = 0x1 [in] hObject = 0x3 [in] pTemplate[1]: CKA_KEY_TYPE 00007ffeeb502128 / 8 [out] pTemplate[1]: CKA_KEY_TYPE CKK_RSA Returned: 0 CKR_OK 10: C_GetAttributeValue 2018-09-25 20:08:20.772 [in] hSession = 0x1 [in] hObject = 0x3 [in] pTemplate[1]: CKA_LABEL 0000000000000000 / 0 [out] pTemplate[1]: CKA_LABEL 0000000000000000 / 18446744073709551615 Returned: 18 CKR_ATTRIBUTE_TYPE_INVALID 11: C_GetAttributeValue 2018-09-25 20:08:20.772 [in] hSession = 0x1 [in] hObject = 0x3 [in] pTemplate[1]: CKA_ID 0000000000000000 / 0 [out] pTemplate[1]: CKA_ID 0000000000000000 / 8 Returned: 0 CKR_OK 12: C_GetAttributeValue 2018-09-25 20:08:20.772 [in] hSession = 0x1 [in] hObject = 0x3 [in] pTemplate[1]: CKA_ID 00007fb001612a40 / 8 [out] pTemplate[1]: CKA_ID 00007fb001612a40 / 8 00000000 00 00 00 00 00 00 00 00 ........ Returned: 0 CKR_OK 13: C_GetAttributeValue 2018-09-25 20:08:20.772 [in] hSession = 0x1 [in] hObject = 0x3 [in] pTemplate[1]: CKA_ID 00007fb00160a291 / 255 [out] pTemplate[1]: CKA_ID 00007fb00160a291 / 8 00000000 00 00 00 00 00 00 00 00 ........ Returned: 0 CKR_OK 14: C_FindObjects 2018-09-25 20:08:20.772 [in] hSession = 0x1 [in] ulMaxObjectCount = 0x1 [out] ulObjectCount = 0x1 Object 0x6 matches Returned: 0 CKR_OK 15: C_GetAttributeValue 2018-09-25 20:08:20.772 [in] hSession = 0x1 [in] hObject = 0x6 [in] pTemplate[1]: CKA_KEY_TYPE 00007ffeeb502128 / 8 [out] pTemplate[1]: CKA_KEY_TYPE CKK_RSA Returned: 0 CKR_OK 16: C_GetAttributeValue 2018-09-25 20:08:20.772 [in] hSession = 0x1 [in] hObject = 0x6 [in] pTemplate[1]: CKA_LABEL 0000000000000000 / 0 [out] pTemplate[1]: CKA_LABEL 0000000000000000 / 18446744073709551615 Returned: 18 CKR_ATTRIBUTE_TYPE_INVALID 17: C_GetAttributeValue 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] hObject = 0x6 [in] pTemplate[1]: CKA_ID 0000000000000000 / 0 [out] pTemplate[1]: CKA_ID 0000000000000000 / 8 Returned: 0 CKR_OK 18: C_GetAttributeValue 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] hObject = 0x6 [in] pTemplate[1]: CKA_ID 00007fb0014584a0 / 8 [out] pTemplate[1]: CKA_ID 00007fb0014584a0 / 8 00000000 01 00 00 00 00 00 00 00 ........ Returned: 0 CKR_OK 19: C_GetAttributeValue 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] hObject = 0x6 [in] pTemplate[1]: CKA_ID 00007fb00143d2e1 / 255 [out] pTemplate[1]: CKA_ID 00007fb00143d2e1 / 8 00000000 01 00 00 00 00 00 00 00 ........ Returned: 0 CKR_OK 20: C_FindObjects 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] ulMaxObjectCount = 0x1 [out] ulObjectCount = 0x1 Object 0x9 matches Returned: 0 CKR_OK 21: C_GetAttributeValue 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] hObject = 0x9 [in] pTemplate[1]: CKA_KEY_TYPE 00007ffeeb502128 / 8 [out] pTemplate[1]: CKA_KEY_TYPE CKK_RSA Returned: 0 CKR_OK 22: C_GetAttributeValue 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] hObject = 0x9 [in] pTemplate[1]: CKA_LABEL 0000000000000000 / 0 [out] pTemplate[1]: CKA_LABEL 0000000000000000 / 18446744073709551615 Returned: 18 CKR_ATTRIBUTE_TYPE_INVALID 23: C_GetAttributeValue 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] hObject = 0x9 [in] pTemplate[1]: CKA_ID 0000000000000000 / 0 [out] pTemplate[1]: CKA_ID 0000000000000000 / 8 Returned: 0 CKR_OK 24: C_GetAttributeValue 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] hObject = 0x9 [in] pTemplate[1]: CKA_ID 00007fb001458270 / 8 [out] pTemplate[1]: CKA_ID 00007fb001458270 / 8 00000000 02 00 00 00 00 00 00 00 ........ Returned: 0 CKR_OK 25: C_GetAttributeValue 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] hObject = 0x9 [in] pTemplate[1]: CKA_ID 00007fb001440c81 / 255 [out] pTemplate[1]: CKA_ID 00007fb001440c81 / 8 00000000 02 00 00 00 00 00 00 00 ........ Returned: 0 CKR_OK 26: C_FindObjects 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] ulMaxObjectCount = 0x1 [out] ulObjectCount = 0x1 Object 0xc matches Returned: 0 CKR_OK 27: C_GetAttributeValue 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] hObject = 0xc [in] pTemplate[1]: CKA_KEY_TYPE 00007ffeeb502128 / 8 [out] pTemplate[1]: CKA_KEY_TYPE CKK_RSA Returned: 0 CKR_OK 28: C_GetAttributeValue 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] hObject = 0xc [in] pTemplate[1]: CKA_LABEL 0000000000000000 / 0 [out] pTemplate[1]: CKA_LABEL 0000000000000000 / 18446744073709551615 Returned: 18 CKR_ATTRIBUTE_TYPE_INVALID 29: C_GetAttributeValue 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] hObject = 0xc [in] pTemplate[1]: CKA_ID 0000000000000000 / 0 [out] pTemplate[1]: CKA_ID 0000000000000000 / 8 Returned: 0 CKR_OK 30: C_GetAttributeValue 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] hObject = 0xc [in] pTemplate[1]: CKA_ID 00007fb001458150 / 8 [out] pTemplate[1]: CKA_ID 00007fb001458150 / 8 00000000 03 00 00 00 00 00 00 00 ........ Returned: 0 CKR_OK 31: C_GetAttributeValue 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] hObject = 0xc [in] pTemplate[1]: CKA_ID 00007fb0014660b1 / 255 [out] pTemplate[1]: CKA_ID 00007fb0014660b1 / 8 00000000 03 00 00 00 00 00 00 00 ........ Returned: 0 CKR_OK 32: C_FindObjects 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] ulMaxObjectCount = 0x1 [out] ulObjectCount = 0x0 Returned: 0 CKR_OK 33: C_FindObjectsFinal 2018-09-25 20:08:20.773 [in] hSession = 0x1 Returned: 0 CKR_OK 34: C_GetAttributeValue 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] hObject = 0x9 [in] pTemplate[1]: CKA_MODULUS 0000000000000000 / 0 [out] pTemplate[1]: CKA_MODULUS 0000000000000000 / 18446744073709551615 Returned: 18 CKR_ATTRIBUTE_TYPE_INVALID 35: C_GetSessionInfo 2018-09-25 20:08:20.773 [in] hSession = 0x1 [out] pInfo: slotID: 1 state: ' CKS_RO_PUBLIC_SESSION' flags: 4 CKF_SERIAL_SESSION ulDeviceError: 0 Returned: 0 CKR_OK 36: C_Login 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] userType = CKU_USER [in] pPin[ulPinLen] NULL [size : 0x0 (0)] Returned: 0 CKR_OK 37: C_FindObjectsInit 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] pTemplate[1]: CKA_CLASS CKO_PRIVATE_KEY Returned: 0 CKR_OK 38: C_FindObjects 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] ulMaxObjectCount = 0x1 [out] ulObjectCount = 0x1 Object 0x3 matches Returned: 0 CKR_OK 39: C_GetAttributeValue 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] hObject = 0x3 [in] pTemplate[1]: CKA_KEY_TYPE 00007ffeeb502128 / 8 [out] pTemplate[1]: CKA_KEY_TYPE CKK_RSA Returned: 0 CKR_OK 40: C_FindObjects 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] ulMaxObjectCount = 0x1 [out] ulObjectCount = 0x1 Object 0x6 matches Returned: 0 CKR_OK 41: C_GetAttributeValue 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] hObject = 0x6 [in] pTemplate[1]: CKA_KEY_TYPE 00007ffeeb502128 / 8 [out] pTemplate[1]: CKA_KEY_TYPE CKK_RSA Returned: 0 CKR_OK 42: C_FindObjects 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] ulMaxObjectCount = 0x1 [out] ulObjectCount = 0x1 Object 0x9 matches Returned: 0 CKR_OK 43: C_GetAttributeValue 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] hObject = 0x9 [in] pTemplate[1]: CKA_KEY_TYPE 00007ffeeb502128 / 8 [out] pTemplate[1]: CKA_KEY_TYPE CKK_RSA Returned: 0 CKR_OK 44: C_FindObjects 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] ulMaxObjectCount = 0x1 [out] ulObjectCount = 0x1 Object 0xc matches Returned: 0 CKR_OK 45: C_GetAttributeValue 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] hObject = 0xc [in] pTemplate[1]: CKA_KEY_TYPE 00007ffeeb502128 / 8 [out] pTemplate[1]: CKA_KEY_TYPE CKK_RSA Returned: 0 CKR_OK 46: C_FindObjects 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] ulMaxObjectCount = 0x1 [out] ulObjectCount = 0x0 Returned: 0 CKR_OK 47: C_FindObjectsFinal 2018-09-25 20:08:20.773 [in] hSession = 0x1 Returned: 0 CKR_OK 48: C_GetAttributeValue 2018-09-25 20:08:20.773 [in] hSession = 0x1 [in] hObject = 0x9 [in] pTemplate[1]: CKA_MODULUS 0000000000000000 / 0 [out] pTemplate[1]: CKA_MODULUS 0000000000000000 / 18446744073709551615 Returned: 18 CKR_ATTRIBUTE_TYPE_INVALID PKCS11_get_private_key returned NULL cannot load key file from engine 140735945642952:error:8206F012:PKCS#11 module:pkcs11_getattr_int:Attribute type invalid:p11_attr.c:48: 140735945642952:error:26096080:engine routines:ENGINE_load_private_key:failed loading private key:eng_pkey.c:124: unable to load key file $