On Sun, 2012-02-26 at 19:15 -0500, Andy Walls wrote:
> Anthony Foiani <anthony.foi...@gmail.com> wrote:
>
> >Greetings!
> >
> >I found your message from last fall on the OpenSC devel list:
> >
> >http://www.opensc-project.org/pipermail/opensc-devel/2011-October/017307.html
> >
> >Have you been able to make any progress with this token?
> >
> >I'm in a similar situation, if not more extreme: I would like to
> >support
> >this on an embedded non-x86 target (PowerPC32). So I get to deal with
> >big
> >vs. little endian, on top of everything else.
> >
> >Anyway. If you've made any progress, I'd be very interested to hear
> >about
> >it.
> >
> >Best regards,
> >Anthony Foiani
>
>
> I added basic support for the embedded "card reader" but did nothing
> for the actual embedded "smart card". I got very busy and didn't have
> time to pursue it.
>
> I will post a patch to the list in a day or so.
>
> Regards,
> Andy
As promised here is the patch to OpenCT. It is a simple modified copy
of an OpenCT IFD for another iKey token.
This IFD does just enough to recognize the token and get it initialized.
It also has routines for sending and receiving payloads that should be
T=1 TPDUs (Control Pipe transactions with URBs that perfrom Vendor
Writes with bRequest = 23 (0x17) and Vendor Reads with bRequest = 1
(0x1)). It doesn't do anything fancy like control the LED or actively
reset the reader/device (URBs with Vendor Write and bRequest = 22
(0x16)).
I also have some decoded USB snoops with notes added which may help with
development. I'll clean those up and post them it someone needs them.
Regards,
Andy
--- openct-0.6.18/src/ifd/internal.h.orig 2011-10-30 14:56:04.296516475
-0400
+++ openct-0.6.18/src/ifd/internal.h 2011-10-30 14:56:20.494978740 -0400
@@ -129,6 +129,7 @@ extern void ifd_eutron_register(void);
extern void ifd_gempc_register(void);
extern void ifd_ikey2k_register(void);
extern void ifd_ikey3k_register(void);
+extern void ifd_ikey4k_register(void);
extern void ifd_kaan_register(void);
extern void ifd_pertosmart_ac1030_register(void);
extern void ifd_pertosmart_ac1038_register(void);
--- openct-0.6.18/src/ifd/init.c.orig 2011-10-30 14:55:21.480516407 -0400
+++ openct-0.6.18/src/ifd/init.c 2011-10-30 14:55:38.277391367 -0400
@@ -34,6 +34,7 @@ int ifd_init(void)
ifd_gempc_register();
ifd_ikey2k_register();
ifd_ikey3k_register();
+ ifd_ikey4k_register();
ifd_kaan_register();
ifd_pertosmart_ac1030_register();
ifd_pertosmart_ac1038_register();
--- openct-0.6.18/src/ifd/Makefile.am.orig 2011-10-30 14:46:42.989393044
-0400
+++ openct-0.6.18/src/ifd/Makefile.am 2011-10-30 14:48:32.921052120 -0400
@@ -13,7 +13,7 @@ libifd_la_SOURCES = \
ifd-etoken.c ifd-etoken64.c ifd-eutron.c ifd-gempc.c ifd-ikey2k.c \
ifd-ikey3k.c ifd-kaan.c ifd-pertosmart1030.c ifd-pertosmart1038.c \
ifd-smartboard.c ifd-smph.c ifd-starkey.c ifd-towitoko.c cardman.h \
- ifd-cyberjack.c ifd-rutoken.c ifd-epass3k.c \
+ ifd-cyberjack.c ifd-rutoken.c ifd-epass3k.c ifd-ikey4k.c \
\
proto-gbp.c proto-sync.c proto-t0.c proto-t1.c \
proto-trans.c proto-escape.c \
--- openct-0.6.18/src/ifd/Makefile.in.orig 2011-10-30 14:46:51.866517905
-0400
+++ openct-0.6.18/src/ifd/Makefile.in 2011-10-30 14:52:14.350540529 -0400
@@ -71,6 +71,7 @@ am_libifd_la_OBJECTS = libifd_la-apdu.lo
libifd_la-ifd-smph.lo libifd_la-ifd-starkey.lo \
libifd_la-ifd-towitoko.lo libifd_la-ifd-cyberjack.lo \
libifd_la-ifd-rutoken.lo libifd_la-ifd-epass3k.lo \
+ libifd_la-ifd-ikey4k.lo \
libifd_la-proto-gbp.lo libifd_la-proto-sync.lo \
libifd_la-proto-t0.lo libifd_la-proto-t1.lo \
libifd_la-proto-trans.lo libifd_la-proto-escape.lo \
@@ -272,7 +273,7 @@ libifd_la_SOURCES = \
ifd-etoken.c ifd-etoken64.c ifd-eutron.c ifd-gempc.c ifd-ikey2k.c \
ifd-ikey3k.c ifd-kaan.c ifd-pertosmart1030.c ifd-pertosmart1038.c \
ifd-smartboard.c ifd-smph.c ifd-starkey.c ifd-towitoko.c cardman.h \
- ifd-cyberjack.c ifd-rutoken.c ifd-epass3k.c \
+ ifd-cyberjack.c ifd-rutoken.c ifd-epass3k.c ifd-ikey4k.c \
\
proto-gbp.c proto-sync.c proto-t0.c proto-t1.c \
proto-trans.c proto-escape.c \
@@ -409,6 +410,7 @@ distclean-compile:
@AMDEP_TRUE@@am__include@
@am__quote@./$(DEPDIR)/libifd_la-ifd-gempc.Plo@am__quote@
@AMDEP_TRUE@@am__include@
@am__quote@./$(DEPDIR)/libifd_la-ifd-ikey2k.Plo@am__quote@
@AMDEP_TRUE@@am__include@
@am__quote@./$(DEPDIR)/libifd_la-ifd-ikey3k.Plo@am__quote@
+@AMDEP_TRUE@@am__include@
@am__quote@./$(DEPDIR)/libifd_la-ifd-ikey4k.Plo@am__quote@
@AMDEP_TRUE@@am__include@
@am__quote@./$(DEPDIR)/libifd_la-ifd-kaan.Plo@am__quote@
@AMDEP_TRUE@@am__include@
@am__quote@./$(DEPDIR)/libifd_la-ifd-pertosmart1030.Plo@am__quote@
@AMDEP_TRUE@@am__include@
@am__quote@./$(DEPDIR)/libifd_la-ifd-pertosmart1038.Plo@am__quote@
@@ -682,6 +684,13 @@ libifd_la-ifd-ikey3k.lo: ifd-ikey3k.c
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE)
$(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS)
--mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS)
$(CPPFLAGS) $(libifd_la_CFLAGS) $(CFLAGS) -c -o libifd_la-ifd-ikey3k.lo `test
-f 'ifd-ikey3k.c' || echo '$(srcdir)/'`ifd-ikey3k.c
+libifd_la-ifd-ikey4k.lo: ifd-ikey4k.c
+@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS)
--mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS)
$(CPPFLAGS) $(libifd_la_CFLAGS) $(CFLAGS) -MT libifd_la-ifd-ikey4k.lo -MD -MP
-MF $(DEPDIR)/libifd_la-ifd-ikey4k.Tpo -c -o libifd_la-ifd-ikey4k.lo `test -f
'ifd-ikey4k.c' || echo '$(srcdir)/'`ifd-ikey4k.c
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/libifd_la-ifd-ikey4k.Tpo
$(DEPDIR)/libifd_la-ifd-ikey4k.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ifd-ikey4k.c'
object='libifd_la-ifd-ikey4k.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE)
$(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS)
--mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS)
$(CPPFLAGS) $(libifd_la_CFLAGS) $(CFLAGS) -c -o libifd_la-ifd-ikey4k.lo `test
-f 'ifd-ikey4k.c' || echo '$(srcdir)/'`ifd-ikey4k.c
+
libifd_la-ifd-kaan.lo: ifd-kaan.c
@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS)
--mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS)
$(CPPFLAGS) $(libifd_la_CFLAGS) $(CFLAGS) -MT libifd_la-ifd-kaan.lo -MD -MP -MF
$(DEPDIR)/libifd_la-ifd-kaan.Tpo -c -o libifd_la-ifd-kaan.lo `test -f
'ifd-kaan.c' || echo '$(srcdir)/'`ifd-kaan.c
@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/libifd_la-ifd-kaan.Tpo
$(DEPDIR)/libifd_la-ifd-kaan.Plo
--- openct-0.6.18/src/ifd/ifd-ikey4k.c.orig 2011-10-30 14:46:21.127394309
-0400
+++ openct-0.6.18/src/ifd/ifd-ikey4k.c 2011-10-30 14:43:58.298393989 -0400
@@ -0,0 +1,181 @@
+/*
+ * driver for SafeNet iKey 4000 devices
+ *
+ * Copyright (C) 2003, Andreas Jellinghaus <a...@dungeon.inka.de>
+ * Copyright (C) 2003, Olaf Kirch <o...@suse.de>
+ * Copyright (C) 2011, Andy Walls <awa...@md.metrocast.net>
+ */
+
+#include "internal.h"
+#include <stdlib.h>
+#include <string.h>
+
+/*
+ * Initialize the device
+ */
+static int ikey4k_open(ifd_reader_t * reader, const char *device_name)
+{
+ ifd_device_t *dev;
+ ifd_device_params_t params;
+
+ reader->name = "SafeNet iKey 4000";
+ reader->nslots = 1;
+ if (!(dev = ifd_device_open(device_name)))
+ return -1;
+ if (ifd_device_type(dev) != IFD_DEVICE_TYPE_USB) {
+ ct_error("ikey4k: device %s is not a USB device", device_name);
+ ifd_device_close(dev);
+ return -1;
+ }
+
+ params = dev->settings;
+ params.usb.interface = 0;
+ if (ifd_device_set_parameters(dev, ¶ms) < 0) {
+ ct_error("ikey4k: setting parameters failed", device_name);
+ ifd_device_close(dev);
+ return -1;
+ }
+
+ reader->device = dev;
+
+ return 0;
+}
+
+/*
+ * Power up the reader
+ */
+static int ikey4k_activate(ifd_reader_t * reader)
+{
+ return 0;
+}
+
+static int ikey4k_deactivate(ifd_reader_t * reader)
+{
+ return -1;
+}
+
+/*
+ * Card status - always present
+ */
+static int ikey4k_card_status(ifd_reader_t * reader, int slot, int *status)
+{
+ *status = IFD_CARD_PRESENT;
+ return 0;
+}
+
+/*
+ * Reset - nothing to be done?
+ * We should do something to make it come back with all state zapped
+ */
+static int ikey4k_card_reset(ifd_reader_t * reader, int slot, void *atr,
+ size_t size)
+{
+ ifd_device_t *dev = reader->device;
+ unsigned char buffer[256];
+ int rc, n, atrlen;
+
+ unsigned char expect5[] =
+ { 0x13, 0x68, 0x01, 0x10, 0x2d, 0x2d, 0xc0, 0x81, 0x84, 0x60 };
+ unsigned char expect11[] = { 0xff, 0x11, 0x11, 0xff };
+
+ if (ifd_usb_control(dev, 0xc1, 0x00, 0, 0, buffer, 0x40, -1) != 0x40
+ || memcmp(buffer, expect5, sizeof(expect5)) != 0
+ || ifd_usb_control(dev, 0x41, 0x16, 0, 0, buffer, 00, -1) != 0
+ || ifd_usb_control(dev, 0xc1, 0x01, 0, 0, buffer, 02, -1) != 1
+ || buffer[0] != 00)
+ goto failed;
+
+ rc = ifd_usb_control(dev, 0x41, 0x16, 0x2005, 0, buffer, 0, 1000);
+ if (rc < 0)
+ goto failed;
+
+ rc = ifd_usb_control(dev, 0xc1, 0x01, 0, 0, buffer, 0x20, 1000);
+ if (rc <= 0)
+ goto failed;
+
+ n = buffer[0];
+ if (n + 1 > rc)
+ goto failed;
+ if (n > IFD_MAX_ATR_LEN)
+ goto failed;
+
+ if (n > size)
+ n = size;
+ atrlen = n;
+ memcpy(atr, buffer + 1, atrlen);
+
+ if (ifd_usb_control(dev, 0x41, 0x16, 0x0002, 0, buffer, 0, -1) != 0
+ || ifd_usb_control(dev, 0xc1, 0x01, 0, 0, buffer, 04, -1) != 4
+ || memcmp(buffer, expect11, sizeof(expect11)) != 0)
+ goto failed;
+
+ return atrlen;
+
+ failed:
+ ct_error("ikey4k: failed to activate token");
+ return -1;
+}
+
+/*
+ * Select a protocol. We override this function to be able to set the T=1 IFSC
+ */
+static int ikey4k_set_protocol(ifd_reader_t * reader, int nslot, int proto)
+{
+ ifd_slot_t *slot = &reader->slot[nslot];
+ int r;
+
+ if (!(slot->proto = ifd_protocol_new(proto, reader, slot->dad)))
+ return -1;
+
+ if (proto == IFD_PROTOCOL_T1) {
+ r = ifd_protocol_set_parameter(slot->proto,
+ IFD_PROTOCOL_T1_IFSC, 256);
+ if (r < 0)
+ return r;
+ }
+
+ return 0;
+}
+
+/*
+ * Send/receive routines
+ */
+static int ikey4k_send(ifd_reader_t * reader, unsigned int dad,
+ const unsigned char *buffer, size_t len)
+{
+ int value, idx;
+ value = buffer[1] << 8 | buffer[0];
+ idx = buffer[3] << 8 | buffer[2];
+
+ return ifd_usb_control(reader->device, 0x41, 0x17, value, idx,
+ (void *)&buffer[4], len - 4, -1);
+}
+
+static int ikey4k_recv(ifd_reader_t * reader, unsigned int dad,
+ unsigned char *buffer, size_t len, long timeout)
+{
+ return ifd_usb_control(reader->device, 0xc1, 0x01, 0, 0,
+ buffer, 255, timeout);
+}
+
+/*
+ * Driver operations
+ */
+static struct ifd_driver_ops ikey4k_driver;
+
+/*
+ * Initialize this module
+ */
+void ifd_ikey4k_register(void)
+{
+ ikey4k_driver.open = ikey4k_open;
+ ikey4k_driver.activate = ikey4k_activate;
+ ikey4k_driver.deactivate = ikey4k_deactivate;
+ ikey4k_driver.card_status = ikey4k_card_status;
+ ikey4k_driver.card_reset = ikey4k_card_reset;
+ ikey4k_driver.set_protocol = ikey4k_set_protocol;
+ ikey4k_driver.send = ikey4k_send;
+ ikey4k_driver.recv = ikey4k_recv;
+
+ ifd_driver_register("ikey4k", &ikey4k_driver);
+}
--- openct-0.6.18/solaris/openct.conf-dist.orig 2011-10-30 15:21:39.992516476
-0400
+++ openct-0.6.18/solaris/openct.conf-dist 2011-10-30 15:24:04.737518540
-0400
@@ -52,6 +52,11 @@ driver ikey3k {
usb:04b9/1300,
};
};
+driver ikey4k {
+ ids = {
+ usb:04b9/1206,
+ };
+};
driver cardman {
ids = {
usb:076b/0596, # OMNIKEY CardMan 2020
--- openct-0.6.18/etc/openct.usermap.orig 2011-10-30 15:26:00.430391387
-0400
+++ openct-0.6.18/etc/openct.usermap 2011-10-30 15:29:38.238391017 -0400
@@ -18,6 +18,8 @@ openct 0x0003 0x073d 0x0005
openct 0x0003 0x04b9 0x1200 0x0000 0x0000
0x00 0x00 0x00 0x00 0x00
0x00 0x00000000
# ikey3k
openct 0x0003 0x04b9 0x1300 0x0000 0x0000
0x00 0x00 0x00 0x00 0x00
0x00 0x00000000
+# ikey4k
+openct 0x0003 0x04b9 0x1206 0x0000 0x0000
0x00 0x00 0x00 0x00 0x00
0x00 0x00000000
# starkey
openct 0x0003 0x096e 0x0005 0x0000 0x0000
0x00 0x00 0x00 0x00 0x00
0x00 0x00000000
# cardman
--- openct-0.6.18/etc/openct.udev.in.orig 2011-10-30 15:25:38.213391328
-0400
+++ openct-0.6.18/etc/openct.udev.in 2011-10-30 15:27:44.555394434 -0400
@@ -38,6 +38,8 @@ SYSFS{idVendor}=="073d", SYSFS{idProduct
SYSFS{idVendor}=="04b9", SYSFS{idProduct}=="1200", RUN+="@udevdir@/openct_usb"
# ikey3k
SYSFS{idVendor}=="04b9", SYSFS{idProduct}=="1300", RUN+="@udevdir@/openct_usb"
+# ikey4k
+SYSFS{idVendor}=="04b9", SYSFS{idProduct}=="1206", RUN+="@udevdir@/openct_usb"
# starkey
SYSFS{idVendor}=="096e", SYSFS{idProduct}=="0005", RUN+="@udevdir@/openct_usb"
# cardman
--- openct-0.6.18/etc/openct.conf.in.orig 2011-10-30 15:25:26.162516480
-0400
+++ openct-0.6.18/etc/openct.conf.in 2011-10-30 15:26:49.781540842 -0400
@@ -98,6 +98,11 @@ driver ikey3k {
usb:04b9/1300,
};
};
+driver ikey4k {
+ ids = {
+ usb:04b9/1206,
+ };
+};
driver starkey {
ids = {
usb:096e/0005,
--- openct-0.6.18/etc/openct.udev.modalias.in.orig 2011-10-30
15:25:52.214391522 -0400
+++ openct-0.6.18/etc/openct.udev.modalias.in 2011-10-30 15:28:23.123428697
-0400
@@ -27,6 +27,8 @@ ENV{MODALIAS}=="usb:v073Dp0005*", RUN+="
ENV{MODALIAS}=="usb:v04B9p1200*", RUN+="@udevdir@/openct_usb"
# ikey3k
ENV{MODALIAS}=="usb:v04B9p1300*", RUN+="@udevdir@/openct_usb"
+# ikey4k
+ENV{MODALIAS}=="usb:v04B9p1206*", RUN+="@udevdir@/openct_usb"
# starkey
ENV{MODALIAS}=="usb:v096Ep0005*", RUN+="@udevdir@/openct_usb"
# cardman
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
