Hi Persival! On this years LinuxTag in Wiesbaden, Germany, Aladdin donated two eTokens to me and I tried to do exactly what you are asking for, namely writing a PKCS15-emulation for the Aladdin proprietary file layout.
Writing the source is relatively simple, just have a look at one of the existing pkcs15-????.c files. The hard part is reverse engineering the token. You must find out where the keys and certs are and by what security mechanisms they are protected. Of course you can ask Aladdin and they will tell you - but only after signing a NDA. I used an USB-sniffer instead :-). Unfortunately the login-process uses some sort of challenge-response mechanism (GET CHALLENGE command followed by EXTERNAL AUTH) So far I have absolutely no idea how to compute the response from a given challenge. I do know where the certs and keys are, and I do know all APDUs that are necessary. So the response-computation is the only missing information. If someone has this missing piece of information - please let me know. Peter _______________________________________________________________________ Viren-Scan für Ihren PC! Jetzt für jeden. Sofort, online und kostenlos. Gleich testen! http://www.pc-sicherheit.web.de/freescan/?mc=022222 _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
