Gyurgyik, Matthew S. | 20 May 02:18 2016
Picon

Understanding of ssh pkcs key provider

Hello.

First, let me say I’m new to smart cards and I haven’t been able to find much documentation on how they
work. I’m looking for some education, if there is a better place to post this question, please let me know.

I can add keys provided by my smart card to ssh-agent with

$ ssh-add -s /Library/OpenSC/lib/opensc-pkcs11.so

However, if I remove the card from the reader and then reinsert it I have to re-add the keys

$ ssh-add -e /Library/OpenSC/lib/opensc-pkcs11.so
$ ssh-add -s /Library/OpenSC/lib/opensc-pkcs11.so

This happens on both OS X and RHEL7. I am assuming this expected behavior. Can someone explain (or point me to
documentation) why it is necessary to remove the keys and re-add them?

Thank you,
Matthew Gyurgyik

------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Opensc-devel mailing list
Opensc-devel <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/opensc-devel
(Continue reading)

Jakub Jelen | 16 May 17:04 2016
Picon

PKCS#11 Test suite (PIV)

Hello OpenSC devels,

I didn't find any test suite or unit tests for OpenSC project. As I 
noticed, there is a lot of hand-testing work on pull requests for 
various cards and users. I believe everyone has some use cases to verify 
basic functionality of their cards.
I understand that this fields is very divergent, there is a lot of card 
variants and it is almost impossible to build automatic test suite that 
would run in cloud with every build. But would it make sense to have 
something that devels (or users) can simply run and what would verify 
basic functionality and possible regressions?

I went to the directory src/tests/ and fixed the tests that are 
available now (see pull request [1], broken for 6 years), but they are 
far away from complete test suite.

I also started with the idea from PKCS#11 API and put together basic 
test suite and inspector for OpenSC, which is currently in my OpenSC 
fork [2]. It is by no mean complete test suite of all the use cases, but 
I tried to catch most common cases, represent results in understandable 
form (currently tested with PIV cards) and add regression test for 
recent pull request [3].

And there is the twist. What would you expect from PKCS#11/Smartcard 
testsuite? Would it make sense to have something like this upstream? 
What use cases would you expect from that to check?

[1] https://github.com/OpenSC/OpenSC/pull/759
[2] https://github.com/Jakuje/OpenSC/tree/jjelen-testsuite/src/tests
[3] https://github.com/OpenSC/OpenSC/pull/743
(Continue reading)

Frank Morgner | 3 May 12:33 2016
Picon

Re: Information for not yet supported card

If you are lucky your card is already supported, but OpenSC does not yet
recognize it. You should try to get to know what specific java card
applets are on your card.

If the card is not supported, you will have to find some programmer, who
adds support.

Greets, Frank.

On Thursday, April 28 at 10:30PM, Claudio Felix wrote:
> Hi Frank,
> 
> Is there anything else I can do or use to get the required information?
> 
> Thanks,
> 
> Claudio
> 
> 2016-04-19 19:17 GMT-03:00 Frank Morgner <morgner <at> informatik.hu-berlin.de>:
> 
> > Sorry, this does unfortunately not contain any useful information.
> >
> > Greets, Frank.
> >
> >
> > On Tuesday, April 19 at 07:09PM, Claudio Felix wrote:
> > > Hi,
> > >
> > > Some time ago I bought a card in an online store to store digital
> > > certificates for e-CPF or e-CNPJ, which are respectively like a tax payer
(Continue reading)

Johannes Rath | 26 Apr 09:58 2016

Writing private key to smart card

 

Hi all,

 

I am trying to write a private key to a smart card, but I am always getting an error:

 

jor <at> jorVirtualUbuntu1404:/mnt/Projects/TestOpenSC$ pkcs11-tool -y privkey  -l -w  private.der

Using slot 0 with a present token (0x0)

Logging in to "JavaCard isoApplet (User PIN)".

Please enter User PIN:

error: PKCS11 function C_CreateObject failed: rv = CKR_GENERAL_ERROR (0x5)

 

Aborting.

jor <at> jorVirtualUbuntu1404:/mnt/Projects/TestOpenSC$ opensc-tool -i

OpenSC 0.15.0 [gcc  4.8.4]

Enabled features: locking zlib readline openssl pcsc(libpcsclite.so.1)

 

Any ideas?

 

Regards

 

Johannes

 

------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Opensc-devel mailing list
Opensc-devel <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Douglas E Engert | 21 Apr 23:57 2016
Picon

OPenSC AppVeyer is acting up


It appears that AppVeyer is having problems loading zlib. See:

https://ci.appveyor.com/project/LudovicRousseau/opensc/build/0.16.0.595/job/65tmhvbcns2grosi

Error downloading file: Unable to connect to the remote server

7-Zip [64] 9.20  Copyright (c) 1999-2010 Igor Pavlov  2010-11-18

Error:
cannot find archive
Rename-Item : Cannot rename because item at 'c:\zlib-1.2.8' does not exist.
At line:11 char:3
+   Rename-Item -path "c:\zlib-${env:ZLIB_VER_DOT}" -newName "zlib"
+   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     + CategoryInfo          : InvalidOperation: (:) [Rename-Item], PSInvalidOperationException
     + FullyQualifiedErrorId : InvalidOperation,Microsoft.PowerShell.Commands.RenameItemCommand

Command executed with exception: Cannot rename because item at 'c:\zlib-1.2.8' does not exist.

--

-- 

  Douglas E. Engert  <DEEngert <at> gmail.com>

------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
Claudio Felix | 20 Apr 00:09 2016
Picon
Gravatar

Information for not yet supported card

Hi,

Some time ago I bought a card in an online store to store digital certificates for e-CPF or e-CNPJ, which are respectively like a tax payer identifier for people and companies. I don't have the e-mail from the store anymore, but I remember something about JCOP and java card. Although it seems yet unsupported in OpenSC, it looks supported in PCSC, since pcsc_scan outputs the following information when the card gets inserted:

Reader 0: CASTLES EZ100PU 00 00
  Card state: Card inserted, 
  ATR: 3B 6A 00 FF 4A 43 4F 50 32 31 56 32 33 31

ATR: 3B 6A 00 FF 4A 43 4F 50 32 31 56 32 33 31
+ TS = 3B --> Direct Convention
+ T0 = 6A, Y(1): 0110, K: 10 (historical bytes)
  TB(1) = 00 --> VPP is not electrically connected
  TC(1) = FF --> Extra guard time: 255 (special value)
+ Historical bytes: 4A 43 4F 50 32 31 56 32 33 31
  Category indicator byte: 4A (proprietary format)

Possibly identified card (using /usr/share/pcsc/smartcard_list.txt):
3B 6A 00 FF 4A 43 4F 50 32 31 56 32 33 31
        JCOP21 v2.3 Standard


Hope this helps getting the card supported.

Thank you,

Claudio
------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Opensc-devel mailing list
Opensc-devel <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Douglas E Engert | 19 Apr 21:20 2016
Picon

OpenSC-0.16.0 and OpenSSL-1.1.0-pre5 and libp11

P.S. Libp11 will also need changes as p11_key.c also tries to access the internals of the RSA structure.

OpenSSL announced today: OpenSSL version 1.1.0 pre release 5 (beta)

Building OpenSC-0.16.0 from git, with my https://github.com/OpenSC/OpenSC/pull/717
that compiled with the OpenSSL-1.1.0-pre4 now shows 117 errors 13 files.

Between pre4 and pre5 OpenSSL has now hidden the internals of the RSA structure.
One can no longer reference via a pointer the BIGNUM for n, e, d, r, q, dump1, dmq1 or iqmp.
One must use these routines:
int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
int RSA_set0_crt_params(RSA *r,BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
void RSA_get0_key(const RSA *r, BIGNUM **n, BIGNUM **e, BIGNUM **d);
void RSA_get0_factors(const RSA *r, BIGNUM **p, BIGNUM **q);
void RSA_get0_crt_params(const RSA *r,
                          BIGNUM **dmp1, BIGNUM **dmq1, BIGNUM **iqmp);
void RSA_clear_flags(RSA *r, int flags);
int RSA_test_flags(const RSA *r, int flags);
void RSA_set_flags(RSA *r, int flags);

I have started looking at the changes needed to PR #717 that will be needed.

These are the routines that need to be modified:

pkcs15init.c
pkcs15-westcos.c
pkcs15-prkey.c
pkcs15-pubkey.c
card-westcos.c
cwa14890.c
cwa-dnie.c
piv-tool.c
pkcs15-tool.c
p15card-helper.c
westcost-tool.c
cryptoflex-tool.c
pkcs15-tool.c

--

-- 

  Douglas E. Engert  <DEEngert <at> gmail.com>

------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
Douglas E Engert | 19 Apr 21:17 2016
Picon

OpenSC-0.16.0 and OpenSSL-1.1.0-pre5

OpenSSL announced today: OpenSSL version 1.1.0 pre release 5 (beta)

Building OpenSC-0.16.0 from git, with my https://github.com/OpenSC/OpenSC/pull/717
that compiled with the OpenSSL-1.1.0-pre4 now shows 117 errors 13 files.

Between pre4 and pre5 OpenSSL has now hidden the internals of the RSA structure.
One can no longer reference via a pointer the BIGNUM for n, e, d, r, q, dump1, dmq1 or iqmp.
One must use these routines:
int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
int RSA_set0_crt_params(RSA *r,BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
void RSA_get0_key(const RSA *r, BIGNUM **n, BIGNUM **e, BIGNUM **d);
void RSA_get0_factors(const RSA *r, BIGNUM **p, BIGNUM **q);
void RSA_get0_crt_params(const RSA *r,
                          BIGNUM **dmp1, BIGNUM **dmq1, BIGNUM **iqmp);
void RSA_clear_flags(RSA *r, int flags);
int RSA_test_flags(const RSA *r, int flags);
void RSA_set_flags(RSA *r, int flags);

I have started looking at the changes needed to PR #717 that will be needed.

These are the routines that need to be modified:

pkcs15init.c
pkcs15-westcos.c
pkcs15-prkey.c
pkcs15-pubkey.c
card-westcos.c
cwa14890.c
cwa-dnie.c
piv-tool.c
pkcs15-tool.c
p15card-helper.c
westcost-tool.c
cryptoflex-tool.c
pkcs15-tool.c

--

-- 

  Douglas E. Engert  <DEEngert <at> gmail.com>

------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
Ogorzalek, Przemyslaw | 19 Apr 14:03 2016

How to retrieve RSA private key from wrapped key blob?

Hello,

 

I wonder if it’s possible to decrypt wrapped RSA private key downloaded from a smartcard? The key was generated and obtained by the following set of commands:

 

sc-hsm-tool --create-dkek-share dkek/dkek-share-1.pbe

sc-hsm-tool --create-dkek-share dkek/dkek-share-2.pbe

 

sc-hsm-tool --initialize --dkek-shares 2

sc-hsm-tool --import-dkek-share dkek/dkek-share-1.pbe

sc-hsm-tool --import-dkek-share dkek/dkek-share-2.pbe

pkcs11-tool -l --pin 123456 --keypairgen --key-type rsa:2048 --id 11 --usage-sign

sc-hsm-tool --wrap-key wrap-key.bin --key-reference 1

 

I know how to upload the key to a new card, but what if I want to change the technology stack and stop using smartcards in the future? Is there any way to  reencrypt the RSA key to store it in file protected simply by a passphrase?

 

Assume that I have both DKEK key shares and corresponding passwords, and I can perform the whole process in a designated secure room.

 

I have also asked this question on superuser.com: http://superuser.com/questions/1066719/how-to-retrieve-rsa-private-key-from-wrapped-key-blob

So if you can answer my question, the reputation is yours to get J

 

Best regards,

Przemysław Ogorzałek

------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Opensc-devel mailing list
Opensc-devel <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Cornelius Kölbel | 15 Apr 23:02 2016
Picon
Gravatar

missing key usage of pubkey

Hi,

I am doing some tests with the nitrokey (smartcard-hsm) on Ubuntu 14.04.
It comes with 0.13.0-3ubuntu4.1.

So you may simply tell me to get a newer version ;-)

Now, when I generate a key pair everything looks fine.
The key usage of the pubkey is marked as _encrypt_.

But when I run -l -O the public key has no attributes!

(venv)cornelius <at> puckel ...c/privacyidea/privacyidea/lib/security
(git)-[pkcs11] % pkcs11-tool
--module /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so -l --keypairgen
--key-type rsa:2048 --id
11                                                    
Using slot 1 with a present token (0x1)
Logging in to "SmartCard-HSM (UserPIN)".
Please enter User PIN: 
Key pair generated:
Private Key Object; RSA 
  label:      Private Key
  ID:         11
  Usage:      decrypt, sign, unwrap
Public Key Object; RSA 2048 bits
  label:      Private Key
  ID:         11
  Usage:      encrypt, verify, wrap
(venv)cornelius <at> puckel ...c/privacyidea/privacyidea/lib/security
(git)-[pkcs11] % pkcs11-tool
--module /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so -l -O
Using slot 1 with a present token (0x1)
Logging in to "SmartCard-HSM (UserPIN)".
Please enter User PIN: 
Private Key Object; RSA 
  label:      Private Key
  ID:         11
  Usage:      decrypt, sign, unwrap
Public Key Object; RSA 2048 bits
  label:      Private Key
  ID:         11
  Usage:      none

Also when I look at the object all key usage attribs are set to false:

[CKA_ALWAYS_SENSITIVE: True
CKA_CLASS: CKO_PUBLIC_KEY
CKA_DECRYPT: False
CKA_DERIVE: False
CKA_ENCRYPT: False
CKA_EXTRACTABLE: (0L,)
CKA_ID: (17L,)
CKA_KEY_GEN_MECHANISM: -1
CKA_KEY_TYPE: CKK_RSA
CKA_LABEL: Private Key
CKA_LOCAL: True
CKA_MODIFIABLE: False

When I try to encrypt with the key handle on key x11 i get
CKR_FUNCTION_NOT_SUPPORTED.

So it looks like the attributes of the pubkey are not persisted.

Am I missing something?

Thanks a lot and kind regards
Cornelius

 
------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Opensc-devel mailing list
Opensc-devel <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Giovanni | 15 Apr 09:57 2016
Picon

Gemplus GPK16000 supported or not?

Hi,

I trying lastest opensc from github with Gemplus GPK16000, in wiki's "SupportedHardware" I read GemplusGpk is unsupported, while in page "GemplusGpk" is supported.
I tried to erase my card and I got a file not found this is the log:

pkcs15-init -E -vvvvvv
0x7f611ef26700 09:56:18.921 [pkcs15-init] sc.c:251:sc_detect_card_presence: called
0x7f611ef26700 09:56:18.921 [pkcs15-init] reader-pcsc.c:393:pcsc_detect_card_presence: called
0x7f611ef26700 09:56:18.921 [pkcs15-init] reader-pcsc.c:303:refresh_attributes: Eutron Smart Pocket 00 00 check
0x7f611ef26700 09:56:18.922 [pkcs15-init] reader-pcsc.c:322:refresh_attributes: returning with: 0 (Success)
0x7f611ef26700 09:56:18.922 [pkcs15-init] reader-pcsc.c:398:pcsc_detect_card_presence: returning with: 1
0x7f611ef26700 09:56:18.922 [pkcs15-init] sc.c:256:sc_detect_card_presence: returning with: 1
Using reader with a card: Eutron Smart Pocket 00 00
0x7f611ef26700 09:56:18.922 [pkcs15-init] sc.c:251:sc_detect_card_presence: called
0x7f611ef26700 09:56:18.922 [pkcs15-init] reader-pcsc.c:393:pcsc_detect_card_presence: called
0x7f611ef26700 09:56:18.922 [pkcs15-init] reader-pcsc.c:303:refresh_attributes: Eutron Smart Pocket 00 00 check
0x7f611ef26700 09:56:18.922 [pkcs15-init] reader-pcsc.c:322:refresh_attributes: returning with: 0 (Success)
0x7f611ef26700 09:56:18.922 [pkcs15-init] reader-pcsc.c:398:pcsc_detect_card_presence: returning with: 1
0x7f611ef26700 09:56:18.922 [pkcs15-init] sc.c:256:sc_detect_card_presence: returning with: 1
Connecting to card in reader Eutron Smart Pocket 00 00...
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:196:sc_connect_card: called
0x7f611ef26700 09:56:18.922 [pkcs15-init] reader-pcsc.c:475:pcsc_connect: called
0x7f611ef26700 09:56:18.922 [pkcs15-init] reader-pcsc.c:303:refresh_attributes: Eutron Smart Pocket 00 00 check
0x7f611ef26700 09:56:18.922 [pkcs15-init] reader-pcsc.c:322:refresh_attributes: returning with: 0 (Success)
0x7f611ef26700 09:56:18.922 [pkcs15-init] reader-pcsc.c:504:pcsc_connect: Initial protocol: T=0
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:217:sc_connect_card: matching configured ATRs
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:260:sc_connect_card: matching built-in ATRs
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:265:sc_connect_card: trying driver 'cardos'
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:978:match_atr_table: ATR     : 3b:a7:00:40:18:80:65:a2:09:01:02:52
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3b:e2:00:ff:c1:10:31:fe:55:c8:02:9c
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3b:e9:00:ff:c1:10:31:fe:55:00:64:05:00:c8:02:31:80:00:47
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3b:fb:98:00:ff:c1:10:31:fe:55:00:64:05:20:47:03:31:80:00:90:00:f3
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3b:fc:98:00:ff:c1:10:31:fe:55:c8:03:49:6e:66:6f:63:61:6d:65:72:65:28
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3b:f4:98:00:ff:c1:10:31:fe:55:4d:34:63:76:b4
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3b:f2:18:00:ff:c1:0a:31:fe:55:c8:06:8a
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3b:d2:18:02:c1:0a:31:fe:58:c8:0d:51
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3b:d2:18:00:81:31:fe:58:c9:01:14
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:265:sc_connect_card: trying driver 'flex'
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:978:match_atr_table: ATR     : 3b:a7:00:40:18:80:65:a2:09:01:02:52
0x7f611ef26700 09:56:18.922 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3b:95:15:40:20:68:01:02:00:00
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:15:40:FF:68:01:02:02:01
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:15:40:FF:68:01:02:02:04
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:85:40:20:68:01:01:05:01
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:94:40:FF:63:01:01:02:01
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:15:40:FF:63:01:01:02:01
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:18:40:FF:64:02:01:01:02
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:18:40:FF:62:01:01:00:00
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:18:40:FF:62:01:02:01:04
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:18:40:FF:62:04:01:01:05
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3b:95:15:40:ff:68:01:02:45:47
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:E2:00:00:40:20:49:06
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:E2:00:00:40:20:49:05
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:E2:00:00:40:20:49:07
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:85:40:20:68:01:01:03:05
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:02:14:50
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:19:14:55:90:01:02:01:00:05:04:B0
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:32:15:00:06:80
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:32:15:00:06:95
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:19:14:59:01:01:0F:01:00:05:08:B0
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:19:14:55:90:01:01:01:00:05:08:B0
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:16:94:81:10:06:01:81:3F
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:16:94:81:10:06:01:81:2F
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:265:sc_connect_card: trying driver 'cyberflex'
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:978:match_atr_table: ATR     : 3b:a7:00:40:18:80:65:a2:09:01:02:52
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3b:95:15:40:20:68:01:02:00:00
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:15:40:FF:68:01:02:02:01
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:15:40:FF:68:01:02:02:04
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:85:40:20:68:01:01:05:01
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:94:40:FF:63:01:01:02:01
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:15:40:FF:63:01:01:02:01
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:18:40:FF:64:02:01:01:02
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:18:40:FF:62:01:01:00:00
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:18:40:FF:62:01:02:01:04
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:95:18:40:FF:62:04:01:01:05
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3b:95:15:40:ff:68:01:02:45:47
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:E2:00:00:40:20:49:06
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:E2:00:00:40:20:49:05
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:E2:00:00:40:20:49:07
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:85:40:20:68:01:01:03:05
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:02:14:50
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:19:14:55:90:01:02:01:00:05:04:B0
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:32:15:00:06:80
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:32:15:00:06:95
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:19:14:59:01:01:0F:01:00:05:08:B0
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:19:14:55:90:01:01:01:00:05:08:B0
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:16:94:81:10:06:01:81:3F
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:16:94:81:10:06:01:81:2F
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:265:sc_connect_card: trying driver 'gpk'
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:978:match_atr_table: ATR     : 3b:a7:00:40:18:80:65:a2:09:01:02:52
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:27:00:80:65:A2:04:01:01:37
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:27:00:80:65:A2:05:01:01:37
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:27:00:80:65:A2:0C:01:01:37
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:992:match_atr_table: ignored - wrong length
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:A7:00:40:14:80:65:A2:14:01:01:37
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:A7:00:40:18:80:65:A2:08:01:01:52
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:A7:00:40:18:80:65:A2:09:01:01:52
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:989:match_atr_table: ATR try : 3B:A7:00:40:18:80:65:A2:09:01:02:52
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:279:sc_connect_card: matched: Gemplus GPK
0x7f611ef26700 09:56:18.923 [pkcs15-init] card.c:394:sc_lock: called
0x7f611ef26700 09:56:18.923 [pkcs15-init] reader-pcsc.c:543:pcsc_lock: called
0x7f611ef26700 09:56:18.924 [pkcs15-init] apdu.c:546:sc_transmit_apdu: called
0x7f611ef26700 09:56:18.924 [pkcs15-init] card.c:394:sc_lock: called
0x7f611ef26700 09:56:18.924 [pkcs15-init] apdu.c:513:sc_transmit: called
0x7f611ef26700 09:56:18.924 [pkcs15-init] apdu.c:367:sc_single_transmit: called
0x7f611ef26700 09:56:18.924 [pkcs15-init] apdu.c:372:sc_single_transmit: CLA:80, INS:C0, P1:2, P2:A4, data(0) (nil)
0x7f611ef26700 09:56:18.924 [pkcs15-init] reader-pcsc.c:269:pcsc_transmit: reader 'Eutron Smart Pocket 00 00'
0x7f611ef26700 09:56:18.924 [pkcs15-init] reader-pcsc.c:270:pcsc_transmit:
Outgoing APDU (5 bytes):
80 C0 02 A4 0D .....
0x7f611ef26700 09:56:18.924 [pkcs15-init] reader-pcsc.c:199:pcsc_internal_transmit: called
0x7f611ef26700 09:56:18.953 [pkcs15-init] reader-pcsc.c:279:pcsc_transmit:
Incoming APDU (15 bytes):
A2 09 01 01 52 00 FF 00 10 00 FF 86 86 90 00 ....R..........
0x7f611ef26700 09:56:18.953 [pkcs15-init] apdu.c:382:sc_single_transmit: returning with: 0 (Success)
0x7f611ef26700 09:56:18.953 [pkcs15-init] apdu.c:535:sc_transmit: returning with: 0 (Success)
0x7f611ef26700 09:56:18.953 [pkcs15-init] card.c:434:sc_unlock: called
0x7f611ef26700 09:56:18.953 [pkcs15-init] card.c:434:sc_unlock: called
0x7f611ef26700 09:56:18.953 [pkcs15-init] reader-pcsc.c:583:pcsc_unlock: called
0x7f611ef26700 09:56:18.959 [pkcs15-init] card.c:307:sc_connect_card: card info name:'Gemplus GPK', type:3160, flags:0x0, max_send/recv_size:255/252
0x7f611ef26700 09:56:18.959 [pkcs15-init] card.c:1345:sc_card_sm_check: called
0x7f611ef26700 09:56:18.959 [pkcs15-init] card.c:1346:sc_card_sm_check: card->sm_ctx.ops.open (nil)
0x7f611ef26700 09:56:18.959 [pkcs15-init] card.c:1351:sc_card_sm_check: returning with: 0 (Success)
0x7f611ef26700 09:56:18.959 [pkcs15-init] card.c:319:sc_connect_card: returning with: 0 (Success)
Using card driver Gemplus GPK.
0x7f611ef26700 09:56:18.959 [pkcs15-init] card.c:394:sc_lock: called
0x7f611ef26700 09:56:18.959 [pkcs15-init] reader-pcsc.c:543:pcsc_lock: called
0x7f611ef26700 09:56:18.959 [pkcs15-init] pkcs15-lib.c:301:sc_pkcs15init_bind: called
0x7f611ef26700 09:56:18.959 [pkcs15-init] card.c:856:sc_card_ctl: called
0x7f611ef26700 09:56:18.959 [pkcs15-init] card.c:863:sc_card_ctl: card_ctl(4) not supported
0x7f611ef26700 09:56:18.959 [pkcs15-init] card.c:698:sc_select_file: called; type=2, path=3f0050154946
0x7f611ef26700 09:56:18.959 [pkcs15-init] card-gpk.c:572:gpk_select_file: called
0x7f611ef26700 09:56:18.959 [pkcs15-init] card.c:394:sc_lock: called
0x7f611ef26700 09:56:18.959 [pkcs15-init] card-gpk.c:535:gpk_select_id: gpk_select_id(0x3F00, kind=0)
0x7f611ef26700 09:56:18.959 [pkcs15-init] apdu.c:546:sc_transmit_apdu: called
0x7f611ef26700 09:56:18.959 [pkcs15-init] card.c:394:sc_lock: called
0x7f611ef26700 09:56:18.959 [pkcs15-init] apdu.c:513:sc_transmit: called
0x7f611ef26700 09:56:18.959 [pkcs15-init] apdu.c:367:sc_single_transmit: called
0x7f611ef26700 09:56:18.959 [pkcs15-init] apdu.c:372:sc_single_transmit: CLA:0, INS:A4, P1:0, P2:0, data(2) 0x7ffc4235d850
0x7f611ef26700 09:56:18.959 [pkcs15-init] reader-pcsc.c:269:pcsc_transmit: reader 'Eutron Smart Pocket 00 00'
0x7f611ef26700 09:56:18.959 [pkcs15-init] reader-pcsc.c:270:pcsc_transmit:
Outgoing APDU (7 bytes):
00 A4 00 00 02 3F 00 .....?.
0x7f611ef26700 09:56:18.960 [pkcs15-init] reader-pcsc.c:199:pcsc_internal_transmit: called
0x7f611ef26700 09:56:18.981 [pkcs15-init] reader-pcsc.c:279:pcsc_transmit:
Incoming APDU (2 bytes):
61 12 a.
0x7f611ef26700 09:56:18.981 [pkcs15-init] apdu.c:382:sc_single_transmit: returning with: 0 (Success)
0x7f611ef26700 09:56:18.981 [pkcs15-init] apdu.c:426:sc_get_response: called
0x7f611ef26700 09:56:18.981 [pkcs15-init] apdu.c:535:sc_transmit: returning with: 0 (Success)
0x7f611ef26700 09:56:18.981 [pkcs15-init] card.c:434:sc_unlock: called
0x7f611ef26700 09:56:18.981 [pkcs15-init] card-gpk.c:535:gpk_select_id: gpk_select_id(0x5015, kind=1)
0x7f611ef26700 09:56:18.981 [pkcs15-init] apdu.c:546:sc_transmit_apdu: called
0x7f611ef26700 09:56:18.981 [pkcs15-init] card.c:394:sc_lock: called
0x7f611ef26700 09:56:18.981 [pkcs15-init] apdu.c:513:sc_transmit: called
0x7f611ef26700 09:56:18.981 [pkcs15-init] apdu.c:367:sc_single_transmit: called
0x7f611ef26700 09:56:18.981 [pkcs15-init] apdu.c:372:sc_single_transmit: CLA:0, INS:A4, P1:1, P2:0, data(2) 0x7ffc4235d850
0x7f611ef26700 09:56:18.981 [pkcs15-init] reader-pcsc.c:269:pcsc_transmit: reader 'Eutron Smart Pocket 00 00'
0x7f611ef26700 09:56:18.981 [pkcs15-init] reader-pcsc.c:270:pcsc_transmit:
Outgoing APDU (7 bytes):
00 A4 01 00 02 50 15 .....P.
0x7f611ef26700 09:56:18.981 [pkcs15-init] reader-pcsc.c:199:pcsc_internal_transmit: called
0x7f611ef26700 09:56:19.001 [pkcs15-init] reader-pcsc.c:279:pcsc_transmit:
Incoming APDU (2 bytes):
6A 82 j.
0x7f611ef26700 09:56:19.001 [pkcs15-init] apdu.c:382:sc_single_transmit: returning with: 0 (Success)
0x7f611ef26700 09:56:19.001 [pkcs15-init] apdu.c:535:sc_transmit: returning with: 0 (Success)
0x7f611ef26700 09:56:19.001 [pkcs15-init] card.c:434:sc_unlock: called
0x7f611ef26700 09:56:19.001 [pkcs15-init] iso7816.c:121:iso7816_check_sw: File not found
0x7f611ef26700 09:56:19.001 [pkcs15-init] card-gpk.c:506:gpk_select: Card returned error: -1201 (File not found)
0x7f611ef26700 09:56:19.001 [pkcs15-init] card.c:434:sc_unlock: called
0x7f611ef26700 09:56:19.001 [pkcs15-init] card-gpk.c:649:gpk_select_file: Unable to select DF: -1201 (File not found)
0x7f611ef26700 09:56:19.001 [pkcs15-init] card.c:720:sc_select_file: 'SELECT' error: -1201 (File not found)
0x7f611ef26700 09:56:19.001 [pkcs15-init] profile.c:338:sc_profile_load: called
0x7f611ef26700 09:56:19.001 [pkcs15-init] profile.c:368:sc_profile_load: Using profile directory '/usr/local/share/opensc'.
0x7f611ef26700 09:56:19.001 [pkcs15-init] profile.c:376:sc_profile_load: Trying profile file /usr/local/share/opensc/pkcs15.profile
0x7f611ef26700 09:56:19.001 [pkcs15-init] profile.c:381:sc_profile_load: profile /usr/local/share/opensc/pkcs15.profile loaded ok
0x7f611ef26700 09:56:19.001 [pkcs15-init] profile.c:385:sc_profile_load: returning with: -1201 (File not found)
0x7f611ef26700 09:56:19.001 [pkcs15-init] pkcs15-lib.c:362:sc_pkcs15init_bind: Failed to load profile 'pkcs15': File not found
0x7f611ef26700 09:56:19.001 [pkcs15-init] pkcs15-lib.c:379:sc_pkcs15init_bind: Load profile error: -1201 (File not found)
Couldn't bind to the card: File not found

ATR match a Gemplus GPK16000 but when try to erase it, somethings is missing.

Thank you for your help.
Giovanni

------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Opensc-devel mailing list
Opensc-devel <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/opensc-devel

Gmane