Your message dated Mon, 01 Mar 2010 06:32:16 +0000
with message-id <[email protected]>
and subject line Bug#505404: fixed in opensc 0.11.13-1
has caused the Debian Bug report #505404,
regarding pkcs15-init fails to delete a certificate on a CryptoFlex eGate
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
505404: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505404
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: opensc
Version: 0.11.4-5
I'm experimenting with a CryptoFlex eGate 32K USB token, using opensc
with the openct framework. FWIW, this device has a security officer
PIN (and separate PUK) set, as well as a single User PIN (and separate
PUK).
I generated a private key on the card, created an X.509 CSR from it,
signed the CSR with an external CA, and inserted the new certificate
with pkcs15-init --load-certificate.
Then i decided i wanted the device to carry the CA's certificate as
well (though it would not have the CA's private key). I loaded the
CA's cert with --load-certificate as well. But then pkcs15-tool
--show-certificate indicated to me that the CA's certificate was not
marked as an Authority. So i tried to delete the CA's certificate
From the device, and it failed.
Next, i tried to load the same CA's cert but as an authority
explicitly, with:
pkcs15-init --store-certificate cacert.pem --authority
This worked, but i now have 3 certificates on the card instead of 2.
Here's a verbose transcript of a subsequent attempted certificate
delete:
0 pip:~# pkcs15-tool --list-certificate
pkcs15-tool --list-certificate
X.509 Certificate [Certificate]
Flags : 2
Authority: no
Path : 3f0050154545
ID : 45
X.509 Certificate [Certificate]
Flags : 2
Authority: no
Path : 3f0050154546
ID : 46
X.509 Certificate [Certificate]
Flags : 2
Authority: yes
Path : 3f0050154547
ID : 47
0 pip:~# pkcs15-init -D cert --id 46
pkcs15-init -D cert --id 46
[pkcs15-init] iso7816.c:99:iso7816_check_sw: Incorrect parameters in the data
field
[pkcs15-init] card.c:388:sc_delete_file: returning with: Incorrect parameters
in APDU
[pkcs15-init] pkcs15-lib.c:2841:sc_pkcs15init_delete_object:
sc_pkcs15init_delete_by_path failed: -1205
[pkcs15-init] pkcs15-init.c:1213:do_delete_crypto_objects: Failed to delete
object 0: Incorrect parameters in APDU
Deleted 0 objects
Failed to delete object(s): Incorrect parameters in APDU
1 pip:~# pkcs15-init --finalize
pkcs15-init --finalize
Failed to finalizing card: Not supported
1 pip:~# pkcs15-init -D cert --id 46 --verbose --verbose
pkcs15-init -D cert --id 46 --verbose --verbose
[pkcs15-init] sc.c:196:sc_detect_card_presence: called
[pkcs15-init] reader-openct.c:204:openct_reader_detect_card_presence: called
[pkcs15-init] sc.c:201:sc_detect_card_presence: returning with: 1
Connecting to card in reader Schlumberger E-Gate...
[pkcs15-init] card.c:110:sc_connect_card: called
[pkcs15-init] reader-openct.c:228:openct_reader_connect: called
[pkcs15-init] card.c:221:sc_connect_card: card info: Cryptoflex 32K e-gate,
2002, 0x1
[pkcs15-init] card.c:222:sc_connect_card: returning with: 0
Using card driver Schlumberger Multiflex/Cryptoflex.
[pkcs15-init] reader-openct.c:420:openct_reader_lock: called
[pkcs15-init] card.c:675:sc_card_ctl: card_ctl(4) not supported
[pkcs15-init] card.c:532:sc_select_file: called; type=2, path=3f0050154946
[pkcs15-init] card.c:554:sc_select_file: returning with: 0
[pkcs15-init] pkcs15.c:706:sc_pkcs15_bind: called
[pkcs15-init] card.c:532:sc_select_file: called; type=2, path=3f002f00
[pkcs15-init] card.c:554:sc_select_file: returning with: 0
[pkcs15-init] card.c:532:sc_select_file: called; type=2, path=3f005015
[pkcs15-init] card.c:554:sc_select_file: returning with: 0
[pkcs15-init] card.c:532:sc_select_file: called; type=2, path=3f0050155031
[pkcs15-init] card.c:554:sc_select_file: returning with: 0
[pkcs15-init] pkcs15.c:623:sc_pkcs15_bind_internal: The following DFs were
found:
[pkcs15-init] pkcs15.c:633:sc_pkcs15_bind_internal: DF type 8, path
3f0050154401, index 0, count -1
[pkcs15-init] pkcs15.c:633:sc_pkcs15_bind_internal: DF type 0, path
3f0050154402, index 0, count -1
[pkcs15-init] pkcs15.c:633:sc_pkcs15_bind_internal: DF type 1, path
3f0050154403, index 0, count -1
[pkcs15-init] pkcs15.c:633:sc_pkcs15_bind_internal: DF type 4, path
3f0050154404, index 0, count -1
[pkcs15-init] card.c:532:sc_select_file: called; type=2, path=3f0050155032
[pkcs15-init] card.c:554:sc_select_file: returning with: 0
Found OpenSC Card
About to delete object(s).
[pkcs15-init] pkcs15.c:1599:sc_pkcs15_read_file: called, path=3f0050154404,
index=0, count=-1
[pkcs15-init] card.c:532:sc_select_file: called; type=2, path=3f0050154404
[pkcs15-init] card.c:554:sc_select_file: returning with: 0
[pkcs15-init] pkcs15.c:1599:sc_pkcs15_read_file: called, path=3f0050154401,
index=0, count=-1
[pkcs15-init] card.c:532:sc_select_file: called; type=2, path=3f0050154401
[pkcs15-init] card.c:554:sc_select_file: returning with: 0
[pkcs15-init] card.c:532:sc_select_file: called; type=2, path=3f005015
[pkcs15-init] card.c:554:sc_select_file: returning with: 0
[pkcs15-init] pkcs15-lib.c:3261:sc_pkcs15init_authenticate: path=3f005015, op=2
[pkcs15-init] card.c:532:sc_select_file: called; type=2, path=3f0050154546
[pkcs15-init] card.c:554:sc_select_file: returning with: 0
[pkcs15-init] pkcs15-lib.c:3261:sc_pkcs15init_authenticate: path=3f0050154546,
op=2
[pkcs15-init] card.c:383:sc_delete_file: called; type=0, path=4546
[pkcs15-init] card-flex.c:726:flex_delete_file: called
[pkcs15-init] iso7816.c:99:iso7816_check_sw: Incorrect parameters in the data
field
[pkcs15-init] card.c:388:sc_delete_file: returning with: Incorrect parameters
in APDU
[pkcs15-init] pkcs15-lib.c:2841:sc_pkcs15init_delete_object:
sc_pkcs15init_delete_by_path failed: -1205
[pkcs15-init] pkcs15-init.c:1213:do_delete_crypto_objects: Failed to delete
object 0: Incorrect parameters in APDU
Deleted 0 objects
Failed to delete object(s): Incorrect parameters in APDU
[pkcs15-init] pkcs15.c:781:sc_pkcs15_unbind: called
[pkcs15-init] reader-openct.c:445:openct_reader_unlock: called
[pkcs15-init] card.c:236:sc_disconnect_card: called
[pkcs15-init] reader-openct.c:275:openct_reader_disconnect: called
[pkcs15-init] card.c:251:sc_disconnect_card: returning with: 0
[pkcs15-init] ctx.c:738:sc_release_context: called
[pkcs15-init] reader-openct.c:178:openct_reader_release: called
[pkcs15-init] reader-openct.c:178:openct_reader_release: called
[pkcs15-init] reader-openct.c:178:openct_reader_release: called
[pkcs15-init] reader-openct.c:178:openct_reader_release: called
[pkcs15-init] reader-openct.c:178:openct_reader_release: called
[pkcs15-init] reader-openct.c:164:openct_reader_finish: called
1 pip:~#
I'm happy to provide more details, if they would be helpful.
--dkg
system info:
0 pip:~# dpkg -l opensc openct
dpkg -l opensc openct
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Cfg-files/Unpacked/Failed-cfg/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
||/ Name Version
Description
+++-====================================-====================================-========================================================================================
ii openct 0.6.14-3
middleware framework for smart card terminals
ii opensc 0.11.4-5
SmartCard utilities with support for PKCS#15 compatible cards
0 pip:~# uname -a
uname -a
Linux pip 2.6.26-1-686 #1 SMP Thu Oct 9 15:18:09 UTC 2008 i686 GNU/Linux
0 pip:~# lsusb
lsusb
Bus 005 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 004 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 003 Device 003: ID 0973:0001 Schlumberger e-gate Smart Card
Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 001 Device 003: ID 04f2:b071 Chicony Electronics Co., Ltd
Bus 001 Device 002: ID 0951:1606 Kingston Technology
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
0 pip:~#
pgp4zgtAwyYxm.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: opensc
Source-Version: 0.11.13-1
We believe that the bug you reported is fixed in the latest version of
opensc, which is due to be installed in the Debian FTP archive:
libopensc2-dbg_0.11.13-1_amd64.deb
to main/o/opensc/libopensc2-dbg_0.11.13-1_amd64.deb
libopensc2-dev_0.11.13-1_amd64.deb
to main/o/opensc/libopensc2-dev_0.11.13-1_amd64.deb
libopensc2_0.11.13-1_amd64.deb
to main/o/opensc/libopensc2_0.11.13-1_amd64.deb
mozilla-opensc_0.11.13-1_amd64.deb
to main/o/opensc/mozilla-opensc_0.11.13-1_amd64.deb
opensc_0.11.13-1.debian.tar.bz2
to main/o/opensc/opensc_0.11.13-1.debian.tar.bz2
opensc_0.11.13-1.dsc
to main/o/opensc/opensc_0.11.13-1.dsc
opensc_0.11.13-1_amd64.deb
to main/o/opensc/opensc_0.11.13-1_amd64.deb
opensc_0.11.13.orig.tar.gz
to main/o/opensc/opensc_0.11.13.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Eric Dorland <[email protected]> (supplier of updated opensc package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Mon, 01 Mar 2010 00:58:01 -0500
Source: opensc
Binary: opensc libopensc2-dev libopensc2 libopensc2-dbg mozilla-opensc
Architecture: source amd64
Version: 0.11.13-1
Distribution: unstable
Urgency: low
Maintainer: Eric Dorland <[email protected]>
Changed-By: Eric Dorland <[email protected]>
Description:
libopensc2 - Smart card library with support for PKCS#15 compatible smart card
libopensc2-dbg - Debugging symbols for libopensc2
libopensc2-dev - OpenSC development files
mozilla-opensc - Mozilla plugin for authentication using OpenSC
opensc - Smart card utilities with support for PKCS#15 compatible cards
Closes: 505404 570107
Changes:
opensc (0.11.13-1) unstable; urgency=low
.
* New upstream release. (Closes: #570107, #505404)
* libtool.m4: Delete spurious libtool.m4 that was picked up somewhere.
Checksums-Sha1:
295bc44041f5685c5faf6fe2ecf2f1abf6a0b68c 1338 opensc_0.11.13-1.dsc
408b374286004c3df15ec17856f69fd4c2a1aceb 1513327 opensc_0.11.13.orig.tar.gz
eb353b21565965ff455cebd00a16be56dee85d24 9381 opensc_0.11.13-1.debian.tar.bz2
b2f1b4a979ebc40acacebb7192bc6706112b06ac 339880 opensc_0.11.13-1_amd64.deb
4bc30bd278993a7bee7637aa59e6d35e91337bcc 861034
libopensc2-dev_0.11.13-1_amd64.deb
d52543b173e1449829752e381060e390db1b855e 702870 libopensc2_0.11.13-1_amd64.deb
60f58d7d89d351951eaffff1a31ca07a6db68fcf 1392488
libopensc2-dbg_0.11.13-1_amd64.deb
c2c2617210b6c0c490859782f75d71f441acc411 191602
mozilla-opensc_0.11.13-1_amd64.deb
Checksums-Sha256:
c9f32b00bf87f23818531c89e14988d1ec3bbdd5474d964906966b831da45268 1338
opensc_0.11.13-1.dsc
a9a42d6d51fb500f34248fcd0d4083c99d25bc5e74df60fe4efa19b5b4e6d890 1513327
opensc_0.11.13.orig.tar.gz
a697830eff2648d4c75714fbfd244d7d476b436d7a48ad202674376d43dcf217 9381
opensc_0.11.13-1.debian.tar.bz2
26d8bc04f03021bab19678f9c2ac0258bdf1b4e7a146ffd0f014d0707ce18a54 339880
opensc_0.11.13-1_amd64.deb
e4624ee5e927fed9e4d39d21eb0419ff3dd317a0282e51218116c342b9645c33 861034
libopensc2-dev_0.11.13-1_amd64.deb
1a49a1402baddefe9fec963f9f237b1cffa0f1848cbe3dc20f9947a0a55a482b 702870
libopensc2_0.11.13-1_amd64.deb
05515f4d1f9abe7f00fb226cecd0314ebf798c81b229b61d134a5b41187e5130 1392488
libopensc2-dbg_0.11.13-1_amd64.deb
be351547d5173707575cb575ab7289bec791f2210a64b58a4a447ee6aa21ef99 191602
mozilla-opensc_0.11.13-1_amd64.deb
Files:
d84815308e8b8452d5a9569008a34083 1338 utils extra opensc_0.11.13-1.dsc
98fa151e947941f9c3f27420fdf47c11 1513327 utils extra opensc_0.11.13.orig.tar.gz
703ff80ed929d30158c24a701f55aa26 9381 utils extra
opensc_0.11.13-1.debian.tar.bz2
ec4862f70761dbbef679feedf5c8320d 339880 utils extra opensc_0.11.13-1_amd64.deb
15042bce48c948c4274fc92e36f85dd7 861034 libdevel optional
libopensc2-dev_0.11.13-1_amd64.deb
5987ac169bb52bc9df536f19a3a60570 702870 libs optional
libopensc2_0.11.13-1_amd64.deb
7edfaf6dcd5231d76a2e1937fc8ad5c7 1392488 debug extra
libopensc2-dbg_0.11.13-1_amd64.deb
06f434423d30810fdae100ae18faa2be 191602 web extra
mozilla-opensc_0.11.13-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iD8DBQFLi1t9YemOzxbZcMYRAvqAAKCQFOMPccI9Opn+74/3vg+vTzS+FQCfdL/d
B69mJstVxZOpMXeP6upQ7QE=
=r+gn
-----END PGP SIGNATURE-----
--- End Message ---
