On Wed, 2010-11-03 at 15:21 +0100, Andre Zepezauer wrote: > On Wed, 2010-11-03 at 10:48 +0100, Viktor TARASOV wrote: > > Andre Zepezauer wrote: > > > On Tue, 2010-11-02 at 21:54 +0000, Mr Dash Four wrote: > > > > > >>> Opensc-explorer shows me the content of CIAInfo.bin without > > >>> pin-verification. Does that answer your question? > > >>> > > >>> > > >> Yeah, just about. Why do you think that is? Could this be a > > >> manufacturer-related issue? > > >> > > > > > > No, that's a new bug in OpenSC. Somewhere in the framework (especially > > > in pkcs15init), the access conditions are handled the wrong way. > > > > > > > What card are you using? > > What card profile are you using? > > Can you post here the debug (=8) logs from your > > card initialization and 'create data object' sequence, please? > > > > > > With CardOS v4.3b I'm getting the expected results: > > > > # cardos-tool -f > > Using reader with a card: OmniKey CardMan 3121 00 00 > > card in administrative state, ok > > > > # pkcs15-init -E > > Using reader with a card: OmniKey CardMan 3121 00 00 > > > > # pkcs15-init -C --label "IDX-SCM" -P --auth-id 53434D --so-pin > > "12345678" --so-puk "123456" --pin "9999" --puk "8888" > > Using reader with a card: OmniKey CardMan 3121 00 00 > > > > # pkcs15-init -W ../tests/sha1.hex --label "MyLabel" --application-name > > "MyData" --application-id "1.2.3.4.5.6" --auth-id 53434D --pin "9999" > > Using reader with a card: OmniKey CardMan 3121 00 00 > > Security officer PIN [Security Officer PIN] required. > > Please enter Security officer PIN [Security Officer PIN]: > > > > # pkcs15-tool -C > > Using reader with a card: OmniKey CardMan 3121 00 00 > > Reading data object <0> > > applicationName: MyData > > Label: MyLabel > > applicationOID: 1.2.3.4.5.6 > > Path: 3f0050153403 > > Auth ID: 53434d > > > > # opensc-explorer > > OpenSC Explorer version 0.12.0-rc1 > > Using reader with a card: OmniKey CardMan 3121 00 00 > > OpenSC [3F00]> cd 5015 > > OpenSC [3F00/5015]> cat 3403 > > read failed: Security status not satisfied > > ACL for operation: CHV3 > > OpenSC [3F00/5015]> verify CHV3 39:39:39:39:00:00:00:00 > > Code correct. > > OpenSC [3F00/5015]> cat 3403 > > 00000000: 66 37 65 34 30 63 32 30 34 39 66 39 34 32 66 33 f7e40c2049f942f3 > > 00000010: 65 34 35 64 39 36 34 37 34 32 34 30 30 33 34 39 e45d964742400349 > > 00000020: 64 36 64 30 63 65 37 34 0A d6d0ce74. > > OpenSC [3F00/5015]> > > $pkcs15-init -C -c cardos -p pkcs15 --so-pin=12345678 > Unblock Code for New User PIN (Optional - press return for no PIN). > Please enter User unblocking PIN (PUK): [[return]] > > $pkcs15-init -W CIAInfo.bin --application-id "1.2.3" -l "MyObject" -a ff > Security officer PIN [Security Officer PIN] required. > Please enter Security officer PIN [Security Officer PIN]: 12345678 > > Now use opensc-explorer. Yesterday I had this working with user-pins > too. Will try to reproduce that later.
The FID of all the data objects I created was 33XX (i.e 3303, 3304). These object where all public. But at the moment I don't know how I managed to create always these objects. _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
