As you know, I've been working last 4 month with people at Cenatic[1] in two areas:
1- Maintenance[2] of DGP's DNIe GPL OpenSC driver in synch with OpenSC
trunk and releases (0.11.13 and 0.12.0). At this moment Cenatic
repository contains an up-to-date, working driver under LGPL license.
In fact, the Police website points[8] to Cenatic pages.
2- Development[3] of a new, written from scratch LGPL driver, intended
to be integrated into OpenSC mainstream. This work has reached public
testing beta stage, that is: driver compiles, works, and passes all
my tests, but need still some bug hunting and code reworking to make
it a "real" OpenSC card driver
Today, OpenDNIe code has successfully passed all my tests, including:
- OpenSC commandline tools checks
- Certificate and signature verification at Official DNIe validation
website[9]
- Digital signature and signature validation for OpenOffice documents
It has been tested in Fedora 13 and 14 (32 bits)
There are still some items that needs to take care on:
- Code stability and quality
* Pass the beta stage and get it as close as possible to zero
(known) bugs
* Define the tests process required to be accepted by DGP and OpenSC
* I've found some driver locks in Fedora 14. Driver seems to freeze 30
seconds, and then restart without any noticed problem.
Fedora 13 does not show this problem, so I suspect any pcsc-lite or
libccid problem (Andreas?)
* Pass (again) valgrind and clang checks. Look for memory leaks
- Legal revision of the code
* Certification issues
* License issues. Checks against Official DGP driver looking for
LGPL/GPL conflicts or undocummented code
* Specific DNIe user-interface requirements (i18n,user consent)
* Recopilatory of Manuals, development diary[7], references and
code sources
- Coding style and docs
* Debugging and trace points
* Indentation to openSC style
* In-code documentation and Manuals
* HOWTO's for properly setup
- Requirements to get integration with OpenSC mainstream
* Patches to mainstream to add dnie driver and SM wrapping
* Porting some common code from dnie files to opensc
* DNIe "particularities" ("user consent" popup, SM, OpenSSL)
* Discussion on the best way to integrate every SM based cards
* Move the repository from Cenatic SVN to OpenSC git
I'm really happy and proud with this adventure. And I'm sure
that the results will be pleasant for All.
Some technical data: DNIe LGPL driver consists in 5 files and some
glue code:
- card-dnie.c: DNIe Card Driver (read-only, no pkcs15-init data)
- cwa14890.c: Driver independent implementation of Sections 8 and 9
of CWA-14890-1 Standard for Secure Messaging
- cwa14890.h: Declaration of a "cwa provider API", to interface card
drivers with cwa vendor independent code
- cwa-dnie.c: DNIe data provider (local IFD auth) for cwa14890.h API
- pkcs15-dnie: pkcs15 emulation layer. Thanks to André Zepezauer for
help
- Glue code to add DNIe card driver to OpenSC
- A patch in sc_transmit_apdu() to allow wrapping for SM code,
if requested in card_operations data structure
Code is available and up to date at Cenatic SVN repository
(Snapshot synced to OpenSC SVN r5192)
http://forja.cenatic.es/frs/download.php/1153/opensc-opendnie-0.12.1-svn.tar.gz
(SVN repository)
svn checkout
https://svn.forge.morfeo-project.org/opendnie/opensc-opendnie
Cheers
Juan Antonio Martínez
[1] http://opendnie.cenatic.es/
[2] http://forja.cenatic.es/frs/?group_id=160
[3] http://forja.cenatic.es/scm/?group_id=160
[4] http://www.opensc-project.org/mailman/listinfo/opensc-devel
[5] http://www.kriptopolis.org/identidad
[6] http://fosdem.org/2011/
[7] https://forja.cenatic.es/developer/diary.php?diary_user=5382
[8] http://www.dnielectronico.es/seccion_integradores/recursos.html
[9] http://www.dnielectronico.es/como_utilizar_el_dnie/verificar.html
( and many other links :-)
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
