Thomas Harning wrote on 09/14/06 12:17 PM:
On Wed, 13 Sep 2006 16:32:57 -0700
Iain MacDonnell <[EMAIL PROTECTED]> wrote:


Dejan Gambin wrote on 08/15/06 01:49 PM:
Hi,

I have been able to solve the problem with muscle_create_file using
the following:

- instead of calling mscfs_lookup_local(fs, file->id,
(u8*)&objectId); I have put:
        objectId[0] = fs->currentPath[0];
        objectId[1] = fs->currentPath[1];
        objectId[2] = (file->id >> 8) & 0xFF;
        objectId[3] = file->id & 0xFF;

and after that modified the call to msc_create_object to: r =
msc_create_object(card, bebytes2ulong(objectId), objectSize, read,
write, delete); If I can see, muscle_create_directory is doing the
similar thing. I don't know if this is the error but this works for
me on Windows...
Folks,

Did y'all get to the bottom of this yet? I just ran into the same
problem trying to use a MuscleCard with OpenSC (SVN trunk) on Solaris
x86. I applied Dejan's modification (above), and the "File not found"
problem went away, apparently allowing the PKCS#15 creation to
succeed:

~ % pkcs15-init --verbose --create-pkcs15 --profile pkcs15+onepin
--pin 00000000 --so-pin 00000000 --so-puk 00000000
Connecting to card in reader SCM SCR 3310 (21120519102745) 00 00...
Using card driver Muscle Card Driver.
About to create PKCS #15 meta structure.
Unspecified PIN [reference 1] required.
Please enter Unspecified PIN [reference 1]:
~ % pkcs15-tool --list-pins
PIN [User PIN]
         Com. Flags: 0x3
         ID        : 01
         Flags     : [0x10], initialized
         Length    : min_len:4, max_len:8, stored_len:8
         Pad char  : 0x00
         Reference : 1
         Type      : ascii-numeric
         Path      : 3f005015

~ %


Now I'm running into an issue when trying to do key-related stuff -
like generate a key-pair, or inject a PKCS#12 file:

~ % pkcs15-init -G rsa/1024 -a 01 -u digitalSignature --so-pin
00000000 --pin 00000000
unable to transmit
unable to transmit APDU
muscle.c:199:: APDU transmit failed: Transmit failed
muscle.c:225:: Error in partial object update: Transmit failed
card.c:513:: returning with: Transmit failed
Failed to generate key: Transmit failed
~ %


In the output from pcscd, I see:

commands.c:1039:() Command too long (260 bytes) for max: 253 bytes
ifdwrapper.c:735:() Card not transacted: 612
winscard.c:1481:() Card not transacted: 0x80100016

Attached is a gzipped patch that includes Dejan's fix as well as makes
the majority of the APDU's that the driver uses of a more customizable
length...  As opposed to static magic numbers.
There's also some extra fixes in the PIN command code so that more
validation is made.

Please let me know if it fixes the problem... I reduced the maximum
payload by 10 bytes (255 -> 245) which should fix your problem with a
little room to spare for other reader incompatibilities.

Definitely making progress! I've been able to import a PKCS#12 file,
and see the cert and private key objects afterwards. I do see one
"File not found" message during the import, though - not sure if it
matters (see transcript below). I'll try to find a cert/key-pair that
I can actually do useful stuff with and test that next...

Thanks!

    ~Iain



~ % pkcs15-init -v -C --pin 00000000 --puk 00000000 --so-pin 00000000 --so-puk 00000000 -p pkcs15+onepin
Connecting to card in reader SCM SCR 3310 (21120519102745) 00 00...
Using card driver Muscle Card Driver.
About to create PKCS #15 meta structure.
Unspecified PIN [reference 1] required.
Please enter Unspecified PIN [reference 1]:
~ % pkcs15-init -v -S imtest2.p12 -f PKCS12 -a 01
Connecting to card in reader SCM SCR 3310 (21120519102745) 00 00...
Using card driver Muscle Card Driver.
Found MUSCLE
About to store private key.
error:23076071:PKCS12 routines:PKCS12_parse:mac verify failure
Please enter passphrase to unlock secret key:
Importing 1 certificates:
  0: /O=.../CN=Iain MacDonnell
User PIN required.
Please enter User PIN:
muscle.c:241:: returning with: File not found
~ % pkcs15-tool --dump --pin 00000000
PKCS#15 Card [MUSCLE]:
        Version        : 1
        Serial number  : 0000
        Manufacturer ID: Identity Alliance
        Last update    : 20060914220418Z
        Flags          : EID compliant

PIN [User PIN]
        Com. Flags: 0x3
        ID        : 01
        Flags     : [0x10], initialized
        Length    : min_len:4, max_len:8, stored_len:8
        Pad char  : 0x00
        Reference : 1
        Type      : ascii-numeric
        Path      : 3f005015

Private RSA Key [Private Key]
        Com. Flags  : 3
        Usage       : [0x10C], sign, signRecover, derive
        Access Flags: [0x1D], sensitive, alwaysSensitive, neverExtract, local
        ModLength   : 1024
        Key ref     : 0
        Native      : yes
        Path        : 3f005015
        Auth ID     : 01
        ID          : 45

X.509 Certificate [/O=.../CN=Iain MacDonnell]
        Flags    : 2
        Authority: no
        Path     : 3f0050153145
        ID       : 45

~ % pkcs11-tool --list-objects --pin 00000000
Private Key Object; RSA
  label:      Private Key
  ID:         45
  Usage:      sign
Certificate Object, type = X.509 cert
  label:      /O=.../CN=Iain MacDonnell
  ID:         45
Public Key Object; RSA 1024 bits
  label:      /O=.../CN=Iain MacDonnell
  ID:         45
  Usage:      encrypt, verify
~ %
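
Added example, not part of the original thread and not OpenSC driver code: a C sketch of the two fixes discussed above, the object ID built from the current path plus file id, and writes split so no command exceeds the reader's limit. It assumes short case-3 APDUs with a 5-byte header (5 + 255 = 260, the length pcscd reported); the CLA/INS bytes are placeholders and the buffer contents are constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#define APDU_HDR_LEN 5u /* CLA INS P1 P2 Lc of a short case-3 APDU */

/* Object ID as in the workaround: 2 path bytes + 16-bit file id, big-endian. */
uint32_t make_object_id(const uint8_t path[2], uint16_t file_id)
{
    return ((uint32_t)path[0] << 24) | ((uint32_t)path[1] << 16) | file_id;
}

/* Encode one APDU; returns its length, or 0 if Lc or the reader limit is hit. */
size_t build_apdu(uint8_t *out, size_t reader_max, uint8_t cla, uint8_t ins,
                  const uint8_t *data, size_t len)
{
    if (len == 0 || len > 255 || APDU_HDR_LEN + len > reader_max) return 0;
    out[0] = cla; out[1] = ins; out[2] = 0; out[3] = 0; out[4] = (uint8_t)len;
    memcpy(out + APDU_HDR_LEN, data, len);
    return APDU_HDR_LEN + len;
}

/* Split an object into data fields of at most max_payload bytes. Returns the
 * APDU count, or -1 if one is refused. CLA/INS 0x00 are placeholders. */
int send_in_chunks(const uint8_t *obj, size_t total, size_t max_payload,
                   size_t reader_max, size_t *largest)
{
    uint8_t apdu[APDU_HDR_LEN + 255];
    int count = 0;
    *largest = 0;
    if (max_payload == 0) return -1;
    for (size_t off = 0; off < total; off += max_payload) {
        size_t n = total - off < max_payload ? total - off : max_payload;
        size_t alen = build_apdu(apdu, reader_max, 0x00, 0x00, obj + off, n);
        if (alen == 0) return -1;
        if (alen > *largest) *largest = alen;
        count++;
    }
    return count;
}

int main(void)
{
    uint8_t obj[1024] = {0}; /* constructed object contents */
    size_t big;
    printf("255-byte payload: %d\n", send_in_chunks(obj, sizeof obj, 255, 253, &big));
    printf("245-byte payload: %d\n", send_in_chunks(obj, sizeof obj, 245, 253, &big));
    return 0;
}
```

With a 253-byte reader limit, the 255-byte payload is refused on the first command, while 245-byte payloads produce 250-byte commands that fit.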
