Johannes Rath | 26 Apr 09:58 2016

Writing private key to smart card

 

Hi all,

 

I am trying to write a private key to a smart card, but I am always getting an error:

 

jor <at> jorVirtualUbuntu1404:/mnt/Projects/TestOpenSC$ pkcs11-tool -y privkey  -l -w  private.der

Using slot 0 with a present token (0x0)

Logging in to "JavaCard isoApplet (User PIN)".

Please enter User PIN:

error: PKCS11 function C_CreateObject failed: rv = CKR_GENERAL_ERROR (0x5)

 

Aborting.

jor <at> jorVirtualUbuntu1404:/mnt/Projects/TestOpenSC$ opensc-tool -i

OpenSC 0.15.0 [gcc  4.8.4]

Enabled features: locking zlib readline openssl pcsc(libpcsclite.so.1)

 

Any ideas?

 

Regards

 

Johannes

 

------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Opensc-devel mailing list
Opensc-devel <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Douglas E Engert | 21 Apr 23:57 2016
Picon

OPenSC AppVeyer is acting up


It appears that AppVeyer is having problems loading zlib. See:

https://ci.appveyor.com/project/LudovicRousseau/opensc/build/0.16.0.595/job/65tmhvbcns2grosi

Error downloading file: Unable to connect to the remote server

7-Zip [64] 9.20  Copyright (c) 1999-2010 Igor Pavlov  2010-11-18

Error:
cannot find archive
Rename-Item : Cannot rename because item at 'c:\zlib-1.2.8' does not exist.
At line:11 char:3
+   Rename-Item -path "c:\zlib-${env:ZLIB_VER_DOT}" -newName "zlib"
+   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     + CategoryInfo          : InvalidOperation: (:) [Rename-Item], PSInvalidOperationException
     + FullyQualifiedErrorId : InvalidOperation,Microsoft.PowerShell.Commands.RenameItemCommand

Command executed with exception: Cannot rename because item at 'c:\zlib-1.2.8' does not exist.

--

-- 

  Douglas E. Engert  <DEEngert <at> gmail.com>

------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
Claudio Felix | 20 Apr 00:09 2016
Picon
Gravatar

Information for not yet supported card

Hi,

Some time ago I bought a card in an online store to store digital certificates for e-CPF or e-CNPJ, which are respectively like a tax payer identifier for people and companies. I don't have the e-mail from the store anymore, but I remember something about JCOP and java card. Although it seems yet unsupported in OpenSC, it looks supported in PCSC, since pcsc_scan outputs the following information when the card gets inserted:

Reader 0: CASTLES EZ100PU 00 00
  Card state: Card inserted, 
  ATR: 3B 6A 00 FF 4A 43 4F 50 32 31 56 32 33 31

ATR: 3B 6A 00 FF 4A 43 4F 50 32 31 56 32 33 31
+ TS = 3B --> Direct Convention
+ T0 = 6A, Y(1): 0110, K: 10 (historical bytes)
  TB(1) = 00 --> VPP is not electrically connected
  TC(1) = FF --> Extra guard time: 255 (special value)
+ Historical bytes: 4A 43 4F 50 32 31 56 32 33 31
  Category indicator byte: 4A (proprietary format)

Possibly identified card (using /usr/share/pcsc/smartcard_list.txt):
3B 6A 00 FF 4A 43 4F 50 32 31 56 32 33 31
        JCOP21 v2.3 Standard


Hope this helps getting the card supported.

Thank you,

Claudio
------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Opensc-devel mailing list
Opensc-devel <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Douglas E Engert | 19 Apr 21:20 2016
Picon

OpenSC-0.16.0 and OpenSSL-1.1.0-pre5 and libp11

P.S. Libp11 will also need changes as p11_key.c also tries to access the internals of the RSA structure.

OpenSSL announced today: OpenSSL version 1.1.0 pre release 5 (beta)

Building OpenSC-0.16.0 from git, with my https://github.com/OpenSC/OpenSC/pull/717
that compiled with the OpenSSL-1.1.0-pre4 now shows 117 errors 13 files.

Between pre4 and pre5 OpenSSL has now hidden the internals of the RSA structure.
One can no longer reference via a pointer the BIGNUM for n, e, d, r, q, dump1, dmq1 or iqmp.
One must use these routines:
int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
int RSA_set0_crt_params(RSA *r,BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
void RSA_get0_key(const RSA *r, BIGNUM **n, BIGNUM **e, BIGNUM **d);
void RSA_get0_factors(const RSA *r, BIGNUM **p, BIGNUM **q);
void RSA_get0_crt_params(const RSA *r,
                          BIGNUM **dmp1, BIGNUM **dmq1, BIGNUM **iqmp);
void RSA_clear_flags(RSA *r, int flags);
int RSA_test_flags(const RSA *r, int flags);
void RSA_set_flags(RSA *r, int flags);

I have started looking at the changes needed to PR #717 that will be needed.

These are the routines that need to be modified:

pkcs15init.c
pkcs15-westcos.c
pkcs15-prkey.c
pkcs15-pubkey.c
card-westcos.c
cwa14890.c
cwa-dnie.c
piv-tool.c
pkcs15-tool.c
p15card-helper.c
westcost-tool.c
cryptoflex-tool.c
pkcs15-tool.c

--

-- 

  Douglas E. Engert  <DEEngert <at> gmail.com>

------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
Douglas E Engert | 19 Apr 21:17 2016
Picon

OpenSC-0.16.0 and OpenSSL-1.1.0-pre5

OpenSSL announced today: OpenSSL version 1.1.0 pre release 5 (beta)

Building OpenSC-0.16.0 from git, with my https://github.com/OpenSC/OpenSC/pull/717
that compiled with the OpenSSL-1.1.0-pre4 now shows 117 errors 13 files.

Between pre4 and pre5 OpenSSL has now hidden the internals of the RSA structure.
One can no longer reference via a pointer the BIGNUM for n, e, d, r, q, dump1, dmq1 or iqmp.
One must use these routines:
int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
int RSA_set0_crt_params(RSA *r,BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
void RSA_get0_key(const RSA *r, BIGNUM **n, BIGNUM **e, BIGNUM **d);
void RSA_get0_factors(const RSA *r, BIGNUM **p, BIGNUM **q);
void RSA_get0_crt_params(const RSA *r,
                          BIGNUM **dmp1, BIGNUM **dmq1, BIGNUM **iqmp);
void RSA_clear_flags(RSA *r, int flags);
int RSA_test_flags(const RSA *r, int flags);
void RSA_set_flags(RSA *r, int flags);

I have started looking at the changes needed to PR #717 that will be needed.

These are the routines that need to be modified:

pkcs15init.c
pkcs15-westcos.c
pkcs15-prkey.c
pkcs15-pubkey.c
card-westcos.c
cwa14890.c
cwa-dnie.c
piv-tool.c
pkcs15-tool.c
p15card-helper.c
westcost-tool.c
cryptoflex-tool.c
pkcs15-tool.c

--

-- 

  Douglas E. Engert  <DEEngert <at> gmail.com>

------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
Ogorzalek, Przemyslaw | 19 Apr 14:03 2016

How to retrieve RSA private key from wrapped key blob?

Hello,

 

I wonder if it’s possible to decrypt wrapped RSA private key downloaded from a smartcard? The key was generated and obtained by the following set of commands:

 

sc-hsm-tool --create-dkek-share dkek/dkek-share-1.pbe

sc-hsm-tool --create-dkek-share dkek/dkek-share-2.pbe

 

sc-hsm-tool --initialize --dkek-shares 2

sc-hsm-tool --import-dkek-share dkek/dkek-share-1.pbe

sc-hsm-tool --import-dkek-share dkek/dkek-share-2.pbe

pkcs11-tool -l --pin 123456 --keypairgen --key-type rsa:2048 --id 11 --usage-sign

sc-hsm-tool --wrap-key wrap-key.bin --key-reference 1

 

I know how to upload the key to a new card, but what if I want to change the technology stack and stop using smartcards in the future? Is there any way to  reencrypt the RSA key to store it in file protected simply by a passphrase?

 

Assume that I have both DKEK key shares and corresponding passwords, and I can perform the whole process in a designated secure room.

 

I have also asked this question on superuser.com: http://superuser.com/questions/1066719/how-to-retrieve-rsa-private-key-from-wrapped-key-blob

So if you can answer my question, the reputation is yours to get J

 

Best regards,

Przemysław Ogorzałek

------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Opensc-devel mailing list
Opensc-devel <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Cornelius Kölbel | 15 Apr 23:02 2016
Picon
Gravatar

missing key usage of pubkey

Hi,

I am doing some tests with the nitrokey (smartcard-hsm) on Ubuntu 14.04.
It comes with 0.13.0-3ubuntu4.1.

So you may simply tell me to get a newer version ;-)

Now, when I generate a key pair everything looks fine.
The key usage of the pubkey is marked as _encrypt_.

But when I run -l -O the public key has no attributes!

(venv)cornelius <at> puckel ...c/privacyidea/privacyidea/lib/security
(git)-[pkcs11] % pkcs11-tool
--module /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so -l --keypairgen
--key-type rsa:2048 --id
11                                                    
Using slot 1 with a present token (0x1)
Logging in to "SmartCard-HSM (UserPIN)".
Please enter User PIN: 
Key pair generated:
Private Key Object; RSA 
  label:      Private Key
  ID:         11
  Usage:      decrypt, sign, unwrap
Public Key Object; RSA 2048 bits
  label:      Private Key
  ID:         11
  Usage:      encrypt, verify, wrap
(venv)cornelius <at> puckel ...c/privacyidea/privacyidea/lib/security
(git)-[pkcs11] % pkcs11-tool
--module /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so -l -O
Using slot 1 with a present token (0x1)
Logging in to "SmartCard-HSM (UserPIN)".
Please enter User PIN: 
Private Key Object; RSA 
  label:      Private Key
  ID:         11
  Usage:      decrypt, sign, unwrap
Public Key Object; RSA 2048 bits
  label:      Private Key
  ID:         11
  Usage:      none

Also when I look at the object all key usage attribs are set to false:

[CKA_ALWAYS_SENSITIVE: True
CKA_CLASS: CKO_PUBLIC_KEY
CKA_DECRYPT: False
CKA_DERIVE: False
CKA_ENCRYPT: False
CKA_EXTRACTABLE: (0L,)
CKA_ID: (17L,)
CKA_KEY_GEN_MECHANISM: -1
CKA_KEY_TYPE: CKK_RSA
CKA_LABEL: Private Key
CKA_LOCAL: True
CKA_MODIFIABLE: False

When I try to encrypt with the key handle on key x11 i get
CKR_FUNCTION_NOT_SUPPORTED.

So it looks like the attributes of the pubkey are not persisted.

Am I missing something?

Thanks a lot and kind regards
Cornelius

 
------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Opensc-devel mailing list
Opensc-devel <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Giovanni | 15 Apr 09:57 2016
Picon

Gemplus GPK16000 supported or not?

Hi,

I trying lastest opensc from github with Gemplus GPK16000, in wiki's "SupportedHardware" I read GemplusGpk is unsupported, while in page "GemplusGpk" is supported.
I tried to erase my card and I got a file not found this is the log:

pkcs15-init -E -vvvvvv
0x7f611ef26700 09:56:18.921 [pkcs15-init] sc.c:251:sc_detect_card_presence: called
0x7f611ef26700 09:56:18.921 [pkcs15-init] reader-pcsc.c:393:pcsc_detect_card_presence: called
0x7f611ef26700 09:56:18.921 [pkcs15-init] reader-pcsc.c:303:refresh_attributes: Eutron Smart Pocket 00 00 check
0x7f611ef26700 09:56:18.922 [pkcs15-init] reader-pcsc.c:322:refresh_attributes: returning with: 0 (Success)
0x7f611ef26700 09:56:18.922 [pkcs15-init] reader-pcsc.c:398:pcsc_detect_card_presence: returning with: 1
0x7f611ef26700 09:56:18.922 [pkcs15-init] sc.c:256:sc_detect_card_presence: returning with: 1
Using reader with a card: Eutron Smart Pocket 00 00
0x7f611ef26700 09:56:18.922 [pkcs15-init] sc.c:251:sc_detect_card_presence: called
0x7f611ef26700 09:56:18.922 [pkcs15-init] reader-pcsc.c:393:pcsc_detect_card_presence: called
0x7f611ef26700 09:56:18.922 [pkcs15-init] reader-pcsc.c:303:refresh_attributes: Eutron Smart Pocket 00 00 check
0x7f611ef26700 09:56:18.922 [pkcs15-init] reader-pcsc.c:322:refresh_attributes: returning with: 0 (Success)
0x7f611ef26700 09:56:18.922 [pkcs15-init] reader-pcsc.c:398:pcsc_detect_card_presence: returning with: 1
0x7f611ef26700 09:56:18.922 [pkcs15-init] sc.c:256:sc_detect_card_presence: returning with: 1
Connecting to card in reader Eutron Smart Pocket 00 00...
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:196:sc_connect_card: called
0x7f611ef26700 09:56:18.922 [pkcs15-init] reader-pcsc.c:475:pcsc_connect: called
0x7f611ef26700 09:56:18.922 [pkcs15-init] reader-pcsc.c:303:refresh_attributes: Eutron Smart Pocket 00 00 check
0x7f611ef26700 09:56:18.922 [pkcs15-init] reader-pcsc.c:322:refresh_attributes: returning with: 0 (Success)
0x7f611ef26700 09:56:18.922 [pkcs15-init] reader-pcsc.c:504:pcsc_connect: Initial protocol: T=0
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:217:sc_connect_card: matching configured ATRs
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:260:sc_connect_card: matching built-in ATRs
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:265:sc_connect_card: trying driver 'cardos'
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:978:match_atr_table: ATR     : 3b:a7:00:40:18:80:65:a2:09:01:02:52
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3b:e2:00:ff:c1:10:31:fe:55:c8:02:9c
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3b:e9:00:ff:c1:10:31:fe:55:00:64:05:00:c8:02:31:80:00:47
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3b:fb:98:00:ff:c1:10:31:fe:55:00:64:05:20:47:03:31:80:00:90:00:f3
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3b:fc:98:00:ff:c1:10:31:fe:55:c8:03:49:6e:66:6f:63:61:6d:65:72:65:28
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3b:f4:98:00:ff:c1:10:31:fe:55:4d:34:63:76:b4
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3b:f2:18:00:ff:c1:0a:31:fe:55:c8:06:8a
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3b:d2:18:02:c1:0a:31:fe:58:c8:0d:51
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3b:d2:18:00:81:31:fe:58:c9:01:14
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:265:sc_connect_card: trying driver 'flex'
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:978:match_atr_table: ATR     : 3b:a7:00:40:18:80:65:a2:09:01:02:52
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3b:95:15:40:20:68:01:02:00:00
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:15:40:FF:68:01:02:02:01
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:15:40:FF:68:01:02:02:04
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:85:40:20:68:01:01:05:01
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:94:40:FF:63:01:01:02:01
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:15:40:FF:63:01:01:02:01
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:18:40:FF:64:02:01:01:02
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:18:40:FF:62:01:01:00:00
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:18:40:FF:62:01:02:01:04
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:18:40:FF:62:04:01:01:05
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3b:95:15:40:ff:68:01:02:45:47
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:E2:00:00:40:20:49:06
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:E2:00:00:40:20:49:05
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:E2:00:00:40:20:49:07
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:85:40:20:68:01:01:03:05
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:02:14:50
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:19:14:55:90:01:02:01:00:05:04:B0
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:32:15:00:06:80
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:32:15:00:06:95
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:19:14:59:01:01:0F:01:00:05:08:B0
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:19:14:55:90:01:01:01:00:05:08:B0
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:16:94:81:10:06:01:81:3F
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:16:94:81:10:06:01:81:2F
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:265:sc_connect_card: trying driver 'cyberflex'
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:978:match_atr_table: ATR     : 3b:a7:00:40:18:80:65:a2:09:01:02:52
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3b:95:15:40:20:68:01:02:00:00
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:15:40:FF:68:01:02:02:01
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:15:40:FF:68:01:02:02:04
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:85:40:20:68:01:01:05:01
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:94:40:FF:63:01:01:02:01
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:15:40:FF:63:01:01:02:01
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:18:40:FF:64:02:01:01:02
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:18:40:FF:62:01:01:00:00
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:18:40:FF:62:01:02:01:04
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:18:40:FF:62:04:01:01:05
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3b:95:15:40:ff:68:01:02:45:47
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:E2:00:00:40:20:49:06
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:E2:00:00:40:20:49:05
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:E2:00:00:40:20:49:07
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:85:40:20:68:01:01:03:05
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:02:14:50
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:19:14:55:90:01:02:01:00:05:04:B0
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:32:15:00:06:80
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:32:15:00:06:95
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:19:14:59:01:01:0F:01:00:05:08:B0
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:19:14:55:90:01:01:01:00:05:08:B0
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:16:94:81:10:06:01:81:3F
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:16:94:81:10:06:01:81:2F
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:265:sc_connect_card: trying driver 'gpk'
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:978:match_atr_table: ATR     : 3b:a7:00:40:18:80:65:a2:09:01:02:52
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:27:00:80:65:A2:04:01:01:37
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:27:00:80:65:A2:05:01:01:37
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:27:00:80:65:A2:0C:01:01:37
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:A7:00:40:14:80:65:A2:14:01:01:37
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:A7:00:40:18:80:65:A2:08:01:01:52
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:A7:00:40:18:80:65:A2:09:01:01:52
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:A7:00:40:18:80:65:A2:09:01:02:52
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:279:sc_connect_card: matched: Gemplus GPK
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:394:sc_lock: called
0x7f611ef26700 09:56:18.923 [pkcs15-init] reader-pcsc.c:543:pcsc_lock: called
0x7f611ef26700 09:56:18.924 [pkcs15-init] apdu.c:546:sc_transmit_apdu: called
0x7f611ef26700 09:56:18.924 [pkcs15-init] card.c:394:sc_lock: called
0x7f611ef26700 09:56:18.924 [pkcs15-init] apdu.c:513:sc_transmit: called
0x7f611ef26700 09:56:18.924 [pkcs15-init] apdu.c:367:sc_single_transmit: called
0x7f611ef26700 09:56:18.924 [pkcs15-init] apdu.c:372:sc_single_transmit: CLA:80, INS:C0, P1:2, P2:A4, data(0) (nil)
0x7f611ef26700 09:56:18.924 [pkcs15-init] reader-pcsc.c:269:pcsc_transmit: reader 'Eutron Smart Pocket 00 00'
0x7f611ef26700 09:56:18.924 [pkcs15-init] reader-pcsc.c:270:pcsc_transmit:
Outgoing APDU (5 bytes):
80 C0 02 A4 0D .....
0x7f611ef26700 09:56:18.924 [pkcs15-init] reader-pcsc.c:199:pcsc_internal_transmit: called
0x7f611ef26700 09:56:18.953 [pkcs15-init] reader-pcsc.c:279:pcsc_transmit:
Incoming APDU (15 bytes):
A2 09 01 01 52 00 FF 00 10 00 FF 86 86 90 00 ....R..........
0x7f611ef26700 09:56:18.953 [pkcs15-init] apdu.c:382:sc_single_transmit: returning with: 0 (Success)
0x7f611ef26700 09:56:18.953 [pkcs15-init] apdu.c:535:sc_transmit: returning with: 0 (Success)
0x7f611ef26700 09:56:18.953 [pkcs15-init] card.c:434:sc_unlock: called
0x7f611ef26700 09:56:18.953 [pkcs15-init] card.c:434:sc_unlock: called
0x7f611ef26700 09:56:18.953 [pkcs15-init] reader-pcsc.c:583:pcsc_unlock: called
0x7f611ef26700 09:56:18.959 [pkcs15-init] card.c:307:sc_connect_card: card info name:'Gemplus GPK', type:3160, flags:0x0, max_send/recv_size:255/252
0x7f611ef26700 09:56:18.959 [pkcs15-init] card.c:1345:sc_card_sm_check: called
0x7f611ef26700 09:56:18.959 [pkcs15-init] card.c:1346:sc_card_sm_check: card->sm_ctx.ops.open (nil)
0x7f611ef26700 09:56:18.959 [pkcs15-init] card.c:1351:sc_card_sm_check: returning with: 0 (Success)
0x7f611ef26700 09:56:18.959 [pkcs15-init] card.c:319:sc_connect_card: returning with: 0 (Success)
Using card driver Gemplus GPK.
0x7f611ef26700 09:56:18.959 [pkcs15-init] card.c:394:sc_lock: called
0x7f611ef26700 09:56:18.959 [pkcs15-init] reader-pcsc.c:543:pcsc_lock: called
0x7f611ef26700 09:56:18.959 [pkcs15-init] pkcs15-lib.c:301:sc_pkcs15init_bind: called
0x7f611ef26700 09:56:18.959 [pkcs15-init] card.c:856:sc_card_ctl: called
0x7f611ef26700 09:56:18.959 [pkcs15-init] card.c:863:sc_card_ctl: card_ctl(4) not supported
0x7f611ef26700 09:56:18.959 [pkcs15-init] card.c:698:sc_select_file: called; type=2, path=3f0050154946
0x7f611ef26700 09:56:18.959 [pkcs15-init] card-gpk.c:572:gpk_select_file: called
0x7f611ef26700 09:56:18.959 [pkcs15-init] card.c:394:sc_lock: called
0x7f611ef26700 09:56:18.959 [pkcs15-init] card-gpk.c:535:gpk_select_id: gpk_select_id(0x3F00, kind=0)
0x7f611ef26700 09:56:18.959 [pkcs15-init] apdu.c:546:sc_transmit_apdu: called
0x7f611ef26700 09:56:18.959 [pkcs15-init] card.c:394:sc_lock: called
0x7f611ef26700 09:56:18.959 [pkcs15-init] apdu.c:513:sc_transmit: called
0x7f611ef26700 09:56:18.959 [pkcs15-init] apdu.c:367:sc_single_transmit: called
0x7f611ef26700 09:56:18.959 [pkcs15-init] apdu.c:372:sc_single_transmit: CLA:0, INS:A4, P1:0, P2:0, data(2) 0x7ffc4235d850
0x7f611ef26700 09:56:18.959 [pkcs15-init] reader-pcsc.c:269:pcsc_transmit: reader 'Eutron Smart Pocket 00 00'
0x7f611ef26700 09:56:18.959 [pkcs15-init] reader-pcsc.c:270:pcsc_transmit:
Outgoing APDU (7 bytes):
00 A4 00 00 02 3F 00 .....?.
0x7f611ef26700 09:56:18.960 [pkcs15-init] reader-pcsc.c:199:pcsc_internal_transmit: called
0x7f611ef26700 09:56:18.981 [pkcs15-init] reader-pcsc.c:279:pcsc_transmit:
Incoming APDU (2 bytes):
61 12 a.
0x7f611ef26700 09:56:18.981 [pkcs15-init] apdu.c:382:sc_single_transmit: returning with: 0 (Success)
0x7f611ef26700 09:56:18.981 [pkcs15-init] apdu.c:426:sc_get_response: called
0x7f611ef26700 09:56:18.981 [pkcs15-init] apdu.c:535:sc_transmit: returning with: 0 (Success)
0x7f611ef26700 09:56:18.981 [pkcs15-init] card.c:434:sc_unlock: called
0x7f611ef26700 09:56:18.981 [pkcs15-init] card-gpk.c:535:gpk_select_id: gpk_select_id(0x5015, kind=1)
0x7f611ef26700 09:56:18.981 [pkcs15-init] apdu.c:546:sc_transmit_apdu: called
0x7f611ef26700 09:56:18.981 [pkcs15-init] card.c:394:sc_lock: called
0x7f611ef26700 09:56:18.981 [pkcs15-init] apdu.c:513:sc_transmit: called
0x7f611ef26700 09:56:18.981 [pkcs15-init] apdu.c:367:sc_single_transmit: called
0x7f611ef26700 09:56:18.981 [pkcs15-init] apdu.c:372:sc_single_transmit: CLA:0, INS:A4, P1:1, P2:0, data(2) 0x7ffc4235d850
0x7f611ef26700 09:56:18.981 [pkcs15-init] reader-pcsc.c:269:pcsc_transmit: reader 'Eutron Smart Pocket 00 00'
0x7f611ef26700 09:56:18.981 [pkcs15-init] reader-pcsc.c:270:pcsc_transmit:
Outgoing APDU (7 bytes):
00 A4 01 00 02 50 15 .....P.
0x7f611ef26700 09:56:18.981 [pkcs15-init] reader-pcsc.c:199:pcsc_internal_transmit: called
0x7f611ef26700 09:56:19.001 [pkcs15-init] reader-pcsc.c:279:pcsc_transmit:
Incoming APDU (2 bytes):
6A 82 j.
0x7f611ef26700 09:56:19.001 [pkcs15-init] apdu.c:382:sc_single_transmit: returning with: 0 (Success)
0x7f611ef26700 09:56:19.001 [pkcs15-init] apdu.c:535:sc_transmit: returning with: 0 (Success)
0x7f611ef26700 09:56:19.001 [pkcs15-init] card.c:434:sc_unlock: called
0x7f611ef26700 09:56:19.001 [pkcs15-init] iso7816.c:121:iso7816_check_sw: File not found
0x7f611ef26700 09:56:19.001 [pkcs15-init] card-gpk.c:506:gpk_select: Card returned error: -1201 (File not found)
0x7f611ef26700 09:56:19.001 [pkcs15-init] card.c:434:sc_unlock: called
0x7f611ef26700 09:56:19.001 [pkcs15-init] card-gpk.c:649:gpk_select_file: Unable to select DF: -1201 (File not found)
0x7f611ef26700 09:56:19.001 [pkcs15-init] card.c:720:sc_select_file: 'SELECT' error: -1201 (File not found)
0x7f611ef26700 09:56:19.001 [pkcs15-init] profile.c:338:sc_profile_load: called
0x7f611ef26700 09:56:19.001 [pkcs15-init] profile.c:368:sc_profile_load: Using profile directory '/usr/local/share/opensc'.
0x7f611ef26700 09:56:19.001 [pkcs15-init] profile.c:376:sc_profile_load: Trying profile file /usr/local/share/opensc/pkcs15.profile
0x7f611ef26700 09:56:19.001 [pkcs15-init] profile.c:381:sc_profile_load: profile /usr/local/share/opensc/pkcs15.profile loaded ok
0x7f611ef26700 09:56:19.001 [pkcs15-init] profile.c:385:sc_profile_load: returning with: -1201 (File not found)
0x7f611ef26700 09:56:19.001 [pkcs15-init] pkcs15-lib.c:362:sc_pkcs15init_bind: Failed to load profile 'pkcs15': File not found
0x7f611ef26700 09:56:19.001 [pkcs15-init] pkcs15-lib.c:379:sc_pkcs15init_bind: Load profile error: -1201 (File not found)
Couldn't bind to the card: File not found

ATR match a Gemplus GPK16000 but when try to erase it, somethings is missing.

Thank you for your help.
Giovanni

------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Opensc-devel mailing list
Opensc-devel <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Anders Rundgren | 13 Apr 12:18 2016
Picon

Microsoft introduces the eID "eliminator"

https://blogs.windows.com/msedgedev/2016/04/12/a-world-without-passwords-windows-hello-in-microsoft-edge/

It is a bit sad that the card industry never managed making card provision/initialization usable over the
Web. Is FIDO the answer? In the absence of competitors, it might very well be that. It among many things also
means that PKI will be less likely powering future eIDs.

Anders

------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
Peter Popovec | 11 Apr 08:38 2016
Picon

Wrong result from GET RESPONSE

Hi,

There is not correctly working GET RESPONSE operation (T0 protocol). If card
signalizes more data to read as defined by max_recv_size, then APDU transport
fails, because it read only first part of returned data.


First wrong behaviour occur at git commit a0c008744608ff2a425a7062479dce3712add5ca:


Outgoing APDU data [   25 bytes] =====================================
00 2A 9E 9A 14 98 6C 9B AE 50 FC FE 19 D6 74 11 .*....l..P....t.
36 B9 CC D6 3B 17 B8 0B 56                      6...;...V
======================================================================
0x7f42b6822700 07:32:12.949 [opensc-pkcs11] reader-pcsc.c:190:pcsc_internal_transmit: called
0x7f42b6822700 07:32:13.095 [opensc-pkcs11] apdu.c:187:sc_apdu_log:
Incoming APDU data [    2 bytes] =====================================
61 00 a.
======================================================================
0x7f42b6822700 07:32:13.095 [opensc-pkcs11] apdu.c:399:sc_single_transmit: returning with: 0 (Success)
0x7f42b6822700 07:32:13.095 [opensc-pkcs11] apdu.c:443:sc_get_response: called
0x7f42b6822700 07:32:13.095 [opensc-pkcs11] apdu.c:563:sc_transmit_apdu: called
0x7f42b6822700 07:32:13.095 [opensc-pkcs11] card.c:394:sc_lock: called
0x7f42b6822700 07:32:13.095 [opensc-pkcs11] apdu.c:530:sc_transmit: called
0x7f42b6822700 07:32:13.095 [opensc-pkcs11] apdu.c:384:sc_single_transmit: called
0x7f42b6822700 07:32:13.095 [opensc-pkcs11] apdu.c:389:sc_single_transmit: CLA:0, INS:C0, P1:0, P2:0, data(0) (nil)
0x7f42b6822700 07:32:13.095 [opensc-pkcs11] reader-pcsc.c:260:pcsc_transmit: reader 'sim 00 00'
0x7f42b6822700 07:32:13.095 [opensc-pkcs11] apdu.c:187:sc_apdu_log:
Outgoing APDU data [    5 bytes] =====================================
00 C0 00 00 FF .....
======================================================================
0x7f42b6822700 07:32:13.095 [opensc-pkcs11] reader-pcsc.c:190:pcsc_internal_transmit: called
0x7f42b6822700 07:32:13.097 [opensc-pkcs11] apdu.c:187:sc_apdu_log:
Incoming APDU data [  257 bytes] =====================================
76 CF 79 C1 12 CF C9 53 BF EF 1B B1 1A D5 42 B2 v.y....S......B.
74 70 6C F3 A6 7E F6 A9 5C 9A A7 42 D5 FB 29 6E tpl..~..\..B..)n
F9 1C 36 65 13 1F 7C 3C 52 F3 2B 48 36 B3 AC F7 ..6e..|<R.+H6...
0B 42 43 23 94 12 AA 54 80 7B 32 66 79 0E 69 26 .BC#...T.{2fy.i&
7D F1 92 EB 8F 88 24 38 83 43 FE F3 24 A2 D4 B9 }.....$8.C..$...
78 1B 34 DC B6 F0 16 07 19 76 D1 5B CC B1 EF 7F x.4......v.[....
2C B2 43 59 F0 F6 77 FA 7C B0 3C 16 07 CD 91 7E ,.CY..w.|.<....~
93 04 A9 B6 EC 10 FB 8E 0B 3E 21 DB C7 FD BA 9D .........>!.....
48 C4 BD 22 15 30 23 F7 87 E2 F3 73 89 15 63 EC H..".0#....s..c.
AC F2 84 14 63 C1 52 A3 0C C5 2D 71 8B 29 EA CF ....c.R...-q.)..
F5 F5 6B EA 08 74 BC B1 B4 61 65 EE 95 B7 17 5E ..k..t...ae....^
A4 82 5A F7 9D DA 6C B4 F5 14 47 E6 FA 4D 23 68 ..Z...l...G..M#h
43 6D C7 EF 9A 09 56 23 B4 D3 DD A3 23 9E 3E F5 Cm....V#....#.>.
49 B9 00 DB 33 A0 E0 4C 65 66 1A AA A3 D8 48 47 I...3..Lef....HG
82 C7 10 73 0F CA B5 C6 77 46 73 6A 9D A3 C9 23 ...s....wFsj...#
C4 95 FD B7 46 9F EF BB 7F 06 B2 02 92 40 85 90 ....F........ <at> ..
00                                              .
======================================================================
0x7f42b6822700 07:32:13.097 [opensc-pkcs11] apdu.c:399:sc_single_transmit: returning with: 0 (Success)
0x7f42b6822700 07:32:13.097 [opensc-pkcs11] apdu.c:552:sc_transmit: returning with: 0 (Success)
0x7f42b6822700 07:32:13.097 [opensc-pkcs11] card.c:434:sc_unlock: called
0x7f42b6822700 07:32:13.097 [opensc-pkcs11] apdu.c:514:sc_get_response: returning with: 0 (Success)
0x7f42b6822700 07:32:13.097 [opensc-pkcs11] apdu.c:552:sc_transmit: returning with: 0 (Success)
0x7f42b6822700 07:32:13.097 [opensc-pkcs11] card.c:434:sc_unlock: called
0x7f42b6822700 07:32:13.097 [opensc-pkcs11] card-myeid.c:851:myeid_compute_signature: returning with: 255
0x7f42b6822700 07:32:13.097 [opensc-pkcs11] sec.c:58:sc_compute_signature: returning with: 255
0x7f42b6822700 07:32:13.097 [opensc-pkcs11] card.c:434:sc_unlock: called
0x7f42b6822700 07:32:13.097 [opensc-pkcs11] pkcs15-sec.c:439:sc_pkcs15_compute_signature: returning with: 255
0x7f42b6822700 07:32:13.097 [opensc-pkcs11] card.c:434:sc_unlock: called
0x7f42b6822700 07:32:13.097 [opensc-pkcs11] reader-pcsc.c:574:pcsc_unlock: called
0x7f42b6822700 07:32:13.100 [opensc-pkcs11] framework-pkcs15.c:3603:pkcs15_prkey_sign: Sign complete. Result 255.
0x7f42b6822700 07:32:13.100 [opensc-pkcs11] mechanism.c:447:sc_pkcs11_signature_final: returning with: 0 (Success)
0x7f42b6822700 07:32:13.100 [opensc-pkcs11] mechanism.c:312:sc_pkcs11_sign_final: returning with: 0 (Success)
0x7f42b6822700 07:32:13.100 [opensc-pkcs11] pkcs11-object.c:697:C_Sign: C_Sign() = CKR_OK

Here only first 255 bytes of response are read, but card signalizes 256 bytes
to read ..  It seems this is problem:



$ git checkout a0c008744608ff2a425a7062479dce3712add5ca
$ git diff 14953f20759b9eec04f65d05d24c2791f76e8918
diff --git a/src/libopensc/apdu.c b/src/libopensc/apdu.c
index 451c706..c590395 100644
--- a/src/libopensc/apdu.c  
+++ b/src/libopensc/apdu.c  
<at> <at> -504,7 +504,7 <at> <at> sc_get_response(struct sc_card *card, struct sc_apdu
*apdu, size_t olen)
                        /* if the card has returned 0x9000 but we still
                         * expect data ask for more
                         * until we have read enough bytes */
                        le = minlen;
-       } while (rv != 0 || minlen != 0);
+       } while (rv != 0 && minlen != 0);
 
        /* we've read all data, let's return 0x9000 */
        apdu->resplen = buf - apdu->resp;


CORRECT RESULT from git commit 14953f20759b9eec04f65d05d24c2791f76e8918 :
Outgoing APDU data [   25 bytes] =====================================
00 2A 9E 9A 14 98 6C 9B AE 50 FC FE 19 D6 74 11 .*....l..P....t.
36 B9 CC D6 3B 17 B8 0B 56                      6...;...V
======================================================================
0x7f8bb8bae700 07:37:44.778 [opensc-pkcs11] reader-pcsc.c:190:pcsc_internal_transmit: called
0x7f8bb8bae700 07:37:44.889 [opensc-pkcs11] apdu.c:187:sc_apdu_log:
Incoming APDU data [    2 bytes] =====================================
61 00 a.
======================================================================
0x7f8bb8bae700 07:37:44.889 [opensc-pkcs11] apdu.c:399:sc_single_transmit: returning with: 0 (Success)
0x7f8bb8bae700 07:37:44.889 [opensc-pkcs11] apdu.c:443:sc_get_response: called
0x7f8bb8bae700 07:37:44.889 [opensc-pkcs11] apdu.c:563:sc_transmit_apdu: called
0x7f8bb8bae700 07:37:44.889 [opensc-pkcs11] card.c:394:sc_lock: called
0x7f8bb8bae700 07:37:44.889 [opensc-pkcs11] apdu.c:530:sc_transmit: called
0x7f8bb8bae700 07:37:44.889 [opensc-pkcs11] apdu.c:384:sc_single_transmit: called
0x7f8bb8bae700 07:37:44.889 [opensc-pkcs11] apdu.c:389:sc_single_transmit: CLA:0, INS:C0, P1:0, P2:0, data(0) (nil)
0x7f8bb8bae700 07:37:44.889 [opensc-pkcs11] reader-pcsc.c:260:pcsc_transmit: reader 'sim 00 00'
0x7f8bb8bae700 07:37:44.889 [opensc-pkcs11] apdu.c:187:sc_apdu_log:
Outgoing APDU data [    5 bytes] =====================================
00 C0 00 00 FF .....
======================================================================
0x7f8bb8bae700 07:37:44.889 [opensc-pkcs11] reader-pcsc.c:190:pcsc_internal_transmit: called
0x7f8bb8bae700 07:37:44.890 [opensc-pkcs11] apdu.c:187:sc_apdu_log:
Incoming APDU data [  257 bytes] =====================================
76 CF 79 C1 12 CF C9 53 BF EF 1B B1 1A D5 42 B2 v.y....S......B.
74 70 6C F3 A6 7E F6 A9 5C 9A A7 42 D5 FB 29 6E tpl..~..\..B..)n
F9 1C 36 65 13 1F 7C 3C 52 F3 2B 48 36 B3 AC F7 ..6e..|<R.+H6...
0B 42 43 23 94 12 AA 54 80 7B 32 66 79 0E 69 26 .BC#...T.{2fy.i&
7D F1 92 EB 8F 88 24 38 83 43 FE F3 24 A2 D4 B9 }.....$8.C..$...
78 1B 34 DC B6 F0 16 07 19 76 D1 5B CC B1 EF 7F x.4......v.[....
2C B2 43 59 F0 F6 77 FA 7C B0 3C 16 07 CD 91 7E ,.CY..w.|.<....~
93 04 A9 B6 EC 10 FB 8E 0B 3E 21 DB C7 FD BA 9D .........>!.....
48 C4 BD 22 15 30 23 F7 87 E2 F3 73 89 15 63 EC H..".0#....s..c.
AC F2 84 14 63 C1 52 A3 0C C5 2D 71 8B 29 EA CF ....c.R...-q.)..
F5 F5 6B EA 08 74 BC B1 B4 61 65 EE 95 B7 17 5E ..k..t...ae....^
A4 82 5A F7 9D DA 6C B4 F5 14 47 E6 FA 4D 23 68 ..Z...l...G..M#h
43 6D C7 EF 9A 09 56 23 B4 D3 DD A3 23 9E 3E F5 Cm....V#....#.>.
49 B9 00 DB 33 A0 E0 4C 65 66 1A AA A3 D8 48 47 I...3..Lef....HG
82 C7 10 73 0F CA B5 C6 77 46 73 6A 9D A3 C9 23 ...s....wFsj...#
C4 95 FD B7 46 9F EF BB 7F 06 B2 02 92 40 85 90 ....F........ <at> ..
00                                              .
======================================================================
0x7f8bb8bae700 07:37:44.890 [opensc-pkcs11] apdu.c:399:sc_single_transmit: returning with: 0 (Success)
0x7f8bb8bae700 07:37:44.890 [opensc-pkcs11] apdu.c:552:sc_transmit: returning with: 0 (Success)
0x7f8bb8bae700 07:37:44.890 [opensc-pkcs11] card.c:434:sc_unlock: called
0x7f8bb8bae700 07:37:44.890 [opensc-pkcs11] apdu.c:563:sc_transmit_apdu: called
0x7f8bb8bae700 07:37:44.890 [opensc-pkcs11] card.c:394:sc_lock: called
0x7f8bb8bae700 07:37:44.890 [opensc-pkcs11] apdu.c:530:sc_transmit: called
0x7f8bb8bae700 07:37:44.890 [opensc-pkcs11] apdu.c:384:sc_single_transmit: called
0x7f8bb8bae700 07:37:44.890 [opensc-pkcs11] apdu.c:389:sc_single_transmit: CLA:0, INS:C0, P1:0, P2:0, data(0) (nil)
0x7f8bb8bae700 07:37:44.890 [opensc-pkcs11] reader-pcsc.c:260:pcsc_transmit: reader 'sim 00 00'
0x7f8bb8bae700 07:37:44.890 [opensc-pkcs11] apdu.c:187:sc_apdu_log:
Outgoing APDU data [    5 bytes] =====================================
00 C0 00 00 01 .....
======================================================================
0x7f8bb8bae700 07:37:44.890 [opensc-pkcs11] reader-pcsc.c:190:pcsc_internal_transmit: called
0x7f8bb8bae700 07:37:44.890 [opensc-pkcs11] apdu.c:187:sc_apdu_log:
Incoming APDU data [    3 bytes] =====================================
DB 90 00 ...
======================================================================
0x7f8bb8bae700 07:37:44.890 [opensc-pkcs11] apdu.c:399:sc_single_transmit: returning with: 0 (Success)
0x7f8bb8bae700 07:37:44.890 [opensc-pkcs11] apdu.c:552:sc_transmit: returning with: 0 (Success)
0x7f8bb8bae700 07:37:44.890 [opensc-pkcs11] card.c:434:sc_unlock: called
0x7f8bb8bae700 07:37:44.890 [opensc-pkcs11] apdu.c:514:sc_get_response: returning with: 0 (Success)
0x7f8bb8bae700 07:37:44.890 [opensc-pkcs11] apdu.c:552:sc_transmit: returning with: 0 (Success)
0x7f8bb8bae700 07:37:44.890 [opensc-pkcs11] card.c:434:sc_unlock: called
0x7f8bb8bae700 07:37:44.890 [opensc-pkcs11] card-myeid.c:851:myeid_compute_signature: returning with: 256



solution: revert commit a0c008744608ff2a425a7062479dce3712add5ca


Peter


------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial! http://pubads.g.doubleclick.net/
gampad/clk?id=1444514301&iu=/ca-pub-7940484522588532
_______________________________________________
Opensc-devel mailing list
Opensc-devel <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Nilesh Bhogate | 8 Apr 14:03 2016

Siemens CardOS v4.3b - reading files

Hi,

 

I am working on OpenSC (v0.14.0) to interact with Charismathics card having ‘Siemens CardOS v4.3b’.

 

OpenSC fails to get the MF from this card; while a Software tool provided by manufacturer is able to read the data objects present on this card.

 

My question is: whether it is valid for the Smartcards to have different location address for MF for different card OS? (May be a dumb question, but I found MF location is hardcoded to “3F002F00” inside ‘libopensc\dir.c’)

If it is valid, is there any way to get information about file structure (and location addresses) for a particular card? Appreciate any help / guidance in this regard.

 

=======================================================================================

Log snippet:

matched driver 'Siemens CardOS'

card info name:'CardOS M4', type:1004, flags:0x0, max_send/recv_size:0/0

[opensc-pkcs11] libopensc\card.c:250:sc_connect_card: returning with: 0 (Success)

SCM Microsystems Inc. SCR33x USB Smart Card Reader 0: Connected SC card 013FC618

[opensc-pkcs11] libopensc\dir.c:140:sc_enum_apps: called

called; type=2, path=3f002f00

[opensc-pkcs11] libopensc\card-cardos.c:449:cardos_select_file: called

[opensc-pkcs11] libopensc\apdu.c:559:sc_transmit_apdu: called

[opensc-pkcs11] libopensc\card.c:325:sc_lock: called

[opensc-pkcs11] libopensc\reader-pcsc.c:517:pcsc_lock: called

[opensc-pkcs11] libopensc\apdu.c:526:sc_transmit: called

[opensc-pkcs11] libopensc\apdu.c:380:sc_single_transmit: called

CLA:0, INS:A4, P1:8, P2:0, data(2) 00C4E7BA

reader 'SCM Microsystems Inc. SCR33x USB Smart Card Reader 0'

Outgoing APDU data [    8 bytes] =====================================

00 A4 08 00 02 2F 00 00 ...../..

======================================================================

[opensc-pkcs11] libopensc\reader-pcsc.c:182:pcsc_internal_transmit: called

Incoming APDU data [    2 bytes] =====================================

6A 82 j.

======================================================================

[opensc-pkcs11] libopensc\apdu.c:395:sc_single_transmit: returning with: 0 (Success)

[opensc-pkcs11] libopensc\apdu.c:548:sc_transmit: returning with: 0 (Success)

[opensc-pkcs11] libopensc\card.c:361:sc_unlock: called

[opensc-pkcs11] libopensc\reader-pcsc.c:554:pcsc_unlock: called

file not found

[opensc-pkcs11] libopensc\iso7816.c:507:iso7816_select_file: returning with: -1201 (File not found)

[opensc-pkcs11] libopensc\card-cardos.c:453:cardos_select_file: returning with: -1201 (File not found)

[opensc-pkcs11] libopensc\card.c:640:sc_select_file: 'SELECT' error: -1201 (File not found)

[opensc-pkcs11] libopensc\dir.c:151:sc_enum_apps: Cannot select EF.DIR file: -1201 (File not found)

=======================================================================================

 

Thanks and Best regards,

Nilesh

------------------------------------------------------------------------------
_______________________________________________
Opensc-devel mailing list
Opensc-devel <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/opensc-devel

Gmane