Differences

This shows you the differences between two versions of the page.

--- appnote:etoken [2015/09/02 18:13]
mcb30
+++ appnote:etoken [2018/07/05 21:36]
mcb30
@@ Line 20: / Line 20: @@
     pkcs11-tool --module libeToken.so --list-objects
+==== Changing the password ====
+To change the password on the hardware token, run the command
+    pkcs11-tool --module libeToken.so --change-pin
 ==== Extracting the certificate ====
@@ Line 44: / Line 50: @@
 ==== Toolchain ====
-{{ :clipart:chain.jpeg?300x144|A (tool)chain}}
+{{ :clipart:chain.jpeg?300x180|A (tool)chain}}
 To sign UEFI .cab files for submission to Microsoft you will need to also install
   * ''[[https://github.com/rhinstaller/pesign|pesign]]''
-  * ''[[http://ohnopub.net/~ohnobinki/lcab/|lcab]]''
+  * ''[[http://ftp.gnome.org/pub/GNOME/sources/gcab|gcab]]''
   * ''[[https://www.openssl.org|openssl]]''
   * ''[[https://github.com/OpenSC/OpenSC/wiki/Engine-pkcs11-quickstart|engine_pkcs11]]''
@@ Line 76: / Line 82: @@
 To create a UEFI signing submission, you must create a ''.cab'' file containing your (unsigned) ''.efi'' files.  For example, you can create a ''submission.cab'' file containing ''[[http://boot.ipxe.org/ipxe.efi|ipxe.efi]]'' and ''[[http://boot.ipxe.org/snponly.efi|snponly.efi]]'' using
-    lcab -n -q ipxe.efi snponly.efi submission.cab
+    gcab -n -c submission.cab ipxe.efi snponly.efi
 You can sign the ''submission.cab'' file using
-    osslsigncode -pkcs11engine /usr/lib64/openssl/engines/engine_pkcs11.so \
+    osslsigncode -pkcs11engine /usr/lib64/openssl/engines/pkcs11.so \
                  -pkcs11module /usr/lib64/libeToken.so -certs codesigning.crt \
                  -h sha256 -askpass -t http://timestamp.digicert.com \