Hi,
I bought IAS/ECC card from Gemalto, here are some commands to identify the
card :
*opensc-tool --reader 2 --atr*
ATR : 3B:7F:96:00:00:00:31:B8:64:40:70:14:10:73:94:01:80:82:90:00
*opensc-tool --reader 2 --name*
IAS/ECC Gemalto
*pkcs15-tool --dump*
Using reader with a card: OMNIKEY CardMan 5x21 0
PKCS#15 Card [ECC eID]:
Version : 2
Serial number : 984000001079955F
Manufacturer ID: Gemalto
Flags : Read-only, Login required
Global PIN [Card PIN]
Com. Flags: 0x2
ID : C1
Flags : [0x810], initialized, exchangeRefData
Length : min_len:4, max_len:4, stored_len:4
Pad char : 0x00
Reference : 0x1
Type : ascii-numeric
Tries left: 3
ACLs : change:<always>; verify:<always>; unlock:CHV#2;
put_data:<ne
ver>; get_data:<always>;
Global PIN [Card PUK]
Com. Flags: 0x2
ID : 02
Flags : [0x858], unblock-disabled, initialized, unblockingPin,
exchangeRefData
Length : min_len:4, max_len:4, stored_len:4
Pad char : 0x00
Reference : 0x2
Type : ascii-numeric
Tries left: 3
ACLs : change:<always>; verify:<always>; unlock:<never>;
put_data:<never>; get_data:<always>;
Local PIN [Signature PIN]
Com. Flags: 0x2
ID : 82
Flags : [0x812], local, initialized, exchangeRefData
Length : min_len:6, max_len:6, stored_len:6
Pad char : 0x00
Reference : 0x82
Type : ascii-numeric
Path : e828bd080fd2504543432d654944
Tries left: 3
ACLs : change:<always>; verify:<always>; unlock:SCB#D8;
put_data:<never>; get_data:<always>;
Local PIN [Signature PUK]
Com. Flags: 0x2
ID : 83
Flags : [0x85A], local, unblock-disabled, initialized,
unblockingPin
, exchangeRefData
Length : min_len:6, max_len:6, stored_len:6
Pad char : 0x00
Reference : 0x83
Type : ascii-numeric
Path : e828bd080fd2504543432d654944
ACLs : change:SM#83; verify:SM#83; unlock:<never>;
put_data:<never>; get_data:<always>;
Reading data object <0>
applicationName: IasEccRoot
Label: EF.SN
applicationOID: NONE
Path: F0496173456363526F6F74::d003
Auth ID:
Data Object (12 bytes): < 5A 0A 92 50 98 40 00 00 10 79 95 5F >
*pkcs15-tool.exe --list-applications*
Using reader with a card: SpringCard CSB6 Family Contact 0
ECC eID
AID: E828BD080FD2504543432D654944
DDO:
ECC Generic PKI
AID: E828BD080FD25047656E65726963
DDO:
The purpose is to store a certificate inside ECC Generic PKI through OpenSC,
in order to do Smartcard Logon to a Windows XP.
*My question :* is option "--bind-to-aid E828BD080FD25047656E65726963" the
correct option to select my 2nd application ? If so, why is this command
failing ?
pkcs15-init --generate-key rsa/1024 --auth-id 01
--bind-to-aid E828BD080FD25047656E65726963 --pin 1234 -v
Using reader with a card: SpringCard CSB6 Family Contact 0
Connecting to card in reader SpringCard CSB6 Family Contact 0...
Using card driver IAS-ECC.
Found ECC eID
About to generate key.
TODO: Check if native IAS middleware accepts the meaningfull path value.
Failed to generate key: Card command failed
Thanks for your advice !!!
Benjamin ALLEMAND
_______________________________________________
opensc-devel mailing list
[email protected]
http://www.opensc-project.org/mailman/listinfo/opensc-devel
