Hello, On Sep 14, 2010, at 12:28 PM, jons...@terra.es wrote: > Now that my DNIe has died [1] I'm trying to get dni code to be aware of this > situation. > > ¿What's the standard way to tell libopensc that a card has been invalidated?, > that is: the card is recognized, > but cannot operate with it because manipulation detected, too many pin entry > errors, or so > > Not sure on other cards, but DNIe mark this situation by mean of change on > ATR status code from 03 90 00 to > 0F 65 81 (Memory error). Not sure what to do if detected this situation: > > - The actual code: do not recognize the card as to be handled by the module > - Recognize the card, but return error (¿What is the proper error code?) on > any requested operation
There are two questions: 1) How to handle it internally (libopensc, tools) 2) How to expose it to applications (PKCS#11) The former requires you to detect the situation (note that normal card matching based on ATR can fail now, you need to match the card but then fail on init) and return a proper error code in dnie_init. There is no error code to signal "card is blocked/damaged/unusable-by-policy". For your "corrupt memory" SC_ERROR_MEMORY_FAILURE might be used. For PKCS#11, there is CKR_TOKEN_NOT_RECOGNIZED and CKR_DEVICE_ERROR. SC_ERROR_MEMORY_FAILURE is probably translated to CKR_DEVICE_ERROR. Very card specific diagnostics is not implemented in generic tools. One option might be to create another dnie-tool that would show some specifics of the card with dnie-tool --info -- Martin Paljak @martinpaljak.net +3725156495 _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
