Hi, short summary for those following my discussions with marc (we had some private mails in german):
* cardos-info has a card serial * libsiecap has a serial from a file "2f02", as far as I know not a pkcs#15 file (can someone confirm this)? * in pkcs#15 the serial should be in the token info file 5032. but that file has an empty serial in there. * token info is protected by two pins, I guess pin1 and so-pin, so it could be fixed. it also contains 16 unused bytes 00, so the size is not an issue: 3f0050155032 type: wEF, ef structure: transpnt, size: 295 read[NONE] update[CHV116 CHV115] write[CHV116] erase[NEVR] rehab[NEVR] inval[NEVR] sec: 00:74:FF:FF:FF:74:73 prop: 01 * the certificate files on his cards are unprotected for read,write,update, so opensc should be able to write them. 3f00501543044301 type: wEF, ef structure: transpnt, size: 1477 read[NONE] update[NONE] write[NONE] erase[NEVR] rehab[NEVR] inval[NEVR] sec: 00:00:FF:FF:FF:00:00 prop: 00 * but the directory is unprotected for creating files: 3f0050154304 type: DF, size: 128 select[N/A] lock[NEVR] delete[NEVR] create[NONE] rehab[NEVR] inval[NEVR] list[N/A] sec: 00:FF:FF:FF:FF:FF:73:00:00 prop: 01:21:88 so opensc should be able to create files, right? * cert directory file is cDF 4404 and it is pin protected: 3f0050154404 type: wEF, ef structure: linvar(TLV), size: 1024 read[NONE] update[CHV115] write[NEVR] erase[NONE] rehab[NEVR] inval[NEVR] sec: 00:00:00:FF:FF:FF:73 prop: 01 so opensc should be able to update this, too. using "onepin-opensc-pkcs11.so" was wrong in my opinion (5 pin objects, 3 public keys, 3 private keys, 5 certs on the card), so he should use opensc- pkcs11.so. so I have no clue why he cant overwrite or create new certificates, but it should be possible to do that. a debug file might show us what is wrong. 3f0050154404 type: wEF, ef structure: linvar(TLV), size: 1024 read[NONE] update[CHV115] write[NEVR] erase[NONE] rehab[NEVR] inval[NEVR] sec: 00:00:00:FF:FF:FF:73 prop: 01 the serial problem is a siemens bug or a problem related to sigG structures? fixing the situation should be possible with a small program. Regards, Andreas _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel