hello all, I found errors in running certutil -scinfo 1) Can't open the AT_SIGNATURE key for reader 2) Can't open the At_KEYEXCHANGE key for reader 3) Cannot open the key for reader
A pops dialog show .." A smart card was detected but is not the one required for the current operation. The smart card you are using may be missing required driver software or a required certificate". i can view the certificate in mozilla web browser. to minidrive everything 1) I configure the registry as per minidriver-westcost.reg 2) I configure the opensc-minidriver.inf and change the device ID according to the historical atr bytes 3) install the inf accordingly what else should i do.? On Wed, Jul 4, 2012 at 6:20 PM, Viktor Tarasov <viktor.tara...@gmail.com> wrote: > Hello, > > Le 04/07/2012 03:16, Galoh Haron a écrit : >> I guess i need to clarify the question on pkcs#15 emulator again. >> >> 1) I have created pkcs15-thecard.c and work on sc_pks15emu-thecard_init_ex >> 2) With some code's modification, the command of opensc-tool -i, >> opensc-tool -a opensc -s work. >> 3) Any other steps missing for the emulator to work or perhaps a tiny miny >> write up for developers to work on the emulator ? > > > I would start from implementing the card driver with the basic > 'sc_card_operations' handlers > and testing all the stuff with the opensc-explorer . > > Then make a list of the pre-existing objects (PINs, Pub/Priv keys, certs, > data) that you wish to see exposed with the libopensc/pkcs15 API as the > PKCS#15 objects. > > After that take as example some existing emulator to see how to prepare data > before calling the 'sc_pkcs15emu_add_**' functions > and host to register your 'init_ex' procedure in pkcs15-syn.c . > > Then your can start the testing with the pkcs15-* tools, and finally > minidriver. > > >> >> I am trying to get the minidriver to work with the pkcs#15 emulator. >> Thank you. > > Kind regards, > Viktor. > > >> >> On Mon, Jul 2, 2012 at 10:11 PM, Galoh Haron <grha...@gmail.com >> <mailto:grha...@gmail.com>> wrote: >> >> Hello, >> >> I am trying to emulate a non pkcs#15 smart card with no support for MF >> selection. >> How to test the emulation works? >> Because when i tried to run command pkcs15-tool -r 00, i received >> "Certificate read failed: Invalid ASN.1 object" >> >> Based on the log, >> >> 2012-07-02 22:06:20.293 [pkcs15-tool] >> reader-pcsc.c:176:pcsc_internal_transmit: called >> 2012-07-02 22:06:20.340 >> Incoming APDU data [ 17 bytes] ===================================== >> 84 E4 6C BA 08 7C 97 35 05 07 F1 DA 37 4E B2 90 ..l..|.5....7N.. >> 00 . >> ====================================================================== >> 2012-07-02 22:06:20.340 [pkcs15-tool] card.c:330:sc_unlock: called >> 2012-07-02 22:06:20.340 [pkcs15-tool] card-mykad.c:506:mykad_check_sw: >> called >> 2012-07-02 22:06:20.340 certificate size is 1035 >> 2012-07-02 22:06:20.340 called, left=1031, depth 0 >> 2012-07-02 22:06:20.340 Looking for 'tbsCertificate', tag 0x1000010 >> 2012-07-02 22:06:20.340 decoding 'tbsCertificate' >> 2012-07-02 22:06:20.340 called, left=880, depth 1 >> 2012-07-02 22:06:20.340 Looking for 'version', tag 0x21000000, OPTIONAL >> 2012-07-02 22:06:20.340 decoding 'version' >> 2012-07-02 22:06:20.340 called, left=3, depth 2 >> 2012-07-02 22:06:20.340 Looking for 'version', tag 0x2 >> 2012-07-02 22:06:20.340 decoding 'version' >> 2012-07-02 22:06:20.340 decoding 'version' returned 2 >> 2012-07-02 22:06:20.340 [pkcs15-tool] asn1.c:1394:asn1_decode: returning >> with: 0 (Success) >> 2012-07-02 22:06:20.340 Looking for 'serialNumber', tag 0x2 >> 2012-07-02 22:06:20.340 decoding 'serialNumber' >> 2012-07-02 22:06:20.340 Looking for 'signature', tag 0x1000010 >> 2012-07-02 22:06:20.340 decoding 'signature' >> 2012-07-02 22:06:20.340 Looking for 'issuer', tag 0x1000010 >> 2012-07-02 22:06:20.340 decoding 'issuer' >> 2012-07-02 22:06:20.340 Looking for 'validity', tag 0x1000010 >> 2012-07-02 22:06:20.340 decoding 'validity' >> 2012-07-02 22:06:20.340 Looking for 'subject', tag 0x1000010 >> 2012-07-02 22:06:20.340 decoding 'subject' >> 2012-07-02 22:06:20.340 Looking for 'subjectPublicKeyInfo', tag 0x1000010 >> 2012-07-02 22:06:20.340 decoding 'subjectPublicKeyInfo' >> 2012-07-02 22:06:20.340 sc_pkcs15_pubkey_from_spki 013C1CEF:157 >> 2012-07-02 22:06:20.340 called, left=157, depth 0 >> 2012-07-02 22:06:20.340 Looking for 'algorithm', tag 0x1000010 >> 2012-07-02 22:06:20.340 decoding 'algorithm' >> 2012-07-02 22:06:20.340 called, left=13, depth 1 >> 2012-07-02 22:06:20.340 Looking for 'algorithm', tag 0x6 >> 2012-07-02 22:06:20.340 decoding 'algorithm' >> 2012-07-02 22:06:20.340 Looking for 'nullParam', tag 0x5, OPTIONAL >> 2012-07-02 22:06:20.340 decoding 'nullParam' >> 2012-07-02 22:06:20.340 [pkcs15-tool] asn1.c:1394:asn1_decode: returning >> with: 0 (Success) >> 2012-07-02 22:06:20.340 Looking for 'subjectPublicKey', tag 0x3 >> 2012-07-02 22:06:20.340 decoding 'subjectPublicKey' >> 2012-07-02 22:06:20.340 [pkcs15-tool] asn1.c:1394:asn1_decode: returning >> with: 0 (Success) >> 2012-07-02 22:06:20.340 DEE pk_alg.algorithm=0 >> 2012-07-02 22:06:20.340 called, left=138, depth 0 >> 2012-07-02 22:06:20.340 Looking for 'publicKeyCoefficients', tag >> 0x1000010, OPTIONAL >> 2012-07-02 22:06:20.340 decoding 'publicKeyCoefficients' >> 2012-07-02 22:06:20.340 called, left=135, depth 1 >> 2012-07-02 22:06:20.340 Looking for 'modulus', tag 0x2 >> 2012-07-02 22:06:20.340 decoding 'modulus' >> 2012-07-02 22:06:20.340 Looking for 'exponent', tag 0x2 >> 2012-07-02 22:06:20.340 decoding 'exponent' >> 2012-07-02 22:06:20.340 [pkcs15-tool] asn1.c:1394:asn1_decode: returning >> with: 0 (Success) >> 2012-07-02 22:06:20.340 [pkcs15-tool] asn1.c:1394:asn1_decode: returning >> with: 0 (Success) >> 2012-07-02 22:06:20.340 Looking for 'extensions', tag 0x21000003, >> OPTIONAL >> 2012-07-02 22:06:20.340 decoding 'extensions' >> 2012-07-02 22:06:20.340 called, left=328, depth 2 >> 2012-07-02 22:06:20.340 Looking for 'x509v3', tag 0x1000010, OPTIONAL >> 2012-07-02 22:06:20.340 decoding 'x509v3' >> 2012-07-02 22:06:20.340 called, left=324, depth 3 >> 2012-07-02 22:06:20.340 Looking for 'certificatePolicies', tag >> 0x1000010, OPTIONAL >> 2012-07-02 22:06:20.340 decoding 'certificatePolicies' >> 2012-07-02 22:06:20.340 Looking for 'subjectKeyIdentifier', tag >> 0x1000010, OPTIONAL >> 2012-07-02 22:06:20.340 decoding 'subjectKeyIdentifier' >> 2012-07-02 22:06:20.340 Looking for 'crlDistributionPoints', tag >> 0x1000010, OPTIONAL >> 2012-07-02 22:06:20.340 decoding 'crlDistributionPoints' >> 2012-07-02 22:06:20.340 Looking for 'authorityKeyIdentifier', tag >> 0x1000010, OPTIONAL >> 2012-07-02 22:06:20.340 decoding 'authorityKeyIdentifier' >> 2012-07-02 22:06:20.340 Looking for 'keyUsage', tag 0x1000010, OPTIONAL >> 2012-07-02 22:06:20.340 decoding 'keyUsage' >> 2012-07-02 22:06:20.340 [pkcs15-tool] asn1.c:1394:asn1_decode: returning >> with: 0 (Success) >> 2012-07-02 22:06:20.340 [pkcs15-tool] asn1.c:1394:asn1_decode: returning >> with: 0 (Success) >> 2012-07-02 22:06:20.340 [pkcs15-tool] asn1.c:1394:asn1_decode: returning >> with: 0 (Success) >> 2012-07-02 22:06:20.340 Looking for 'signatureAlgorithm', tag 0x1000010 >> 2012-07-02 22:06:20.340 decoding 'signatureAlgorithm' >> 2012-07-02 22:06:20.340 called, left=13, depth 1 >> 2012-07-02 22:06:20.340 Looking for 'algorithm', tag 0x6 >> 2012-07-02 22:06:20.340 decoding 'algorithm' >> 2012-07-02 22:06:20.340 Looking for 'nullParam', tag 0x5, OPTIONAL >> 2012-07-02 22:06:20.340 decoding 'nullParam' >> 2012-07-02 22:06:20.340 [pkcs15-tool] asn1.c:1394:asn1_decode: returning >> with: 0 (Success) >> 2012-07-02 22:06:20.340 Looking for 'signatureValue', tag 0x3 >> 2012-07-02 22:06:20.340 decoding 'signatureValue' >> 2012-07-02 22:06:20.340 [pkcs15-tool] asn1.c:1394:asn1_decode: returning >> with: 0 (Success) >> 2012-07-02 22:06:20.340 encoding 'serialNumber' >> 2012-07-02 22:06:20.340 type=4, tag=0x02, parm=013C0380, len=16 >> 2012-07-02 22:06:20.340 length of encoded item=18 >> 2012-07-02 22:06:20.340 [pkcs15-tool] card.c:330:sc_unlock: called >> 2012-07-02 22:06:20.340 [pkcs15-tool] pkcs15.c:959:sc_pkcs15_bind: >> returning with: 0 (Success) >> 2012-07-02 22:06:20.340 [pkcs15-tool] >> pkcs15-cert.c:156:sc_pkcs15_read_certificate: called >> 2012-07-02 22:06:20.340 X.509 certificate not found >> 2012-07-02 22:06:20.340 [pkcs15-tool] pkcs15.c:969:sc_pkcs15_unbind: >> called >> 2012-07-02 22:06:20.340 [pkcs15-tool] >> pkcs15-pin.c:596:sc_pkcs15_pincache_clear: called >> 2012-07-02 22:06:20.340 [pkcs15-tool] card.c:330:sc_unlock: called >> 2012-07-02 22:06:20.340 [pkcs15-tool] reader-pcsc.c:548:pcsc_unlock: >> called >> 2012-07-02 22:06:20.340 [pkcs15-tool] card.c:242:sc_disconnect_card: >> called >> 2012-07-02 22:06:20.340 [pkcs15-tool] reader-pcsc.c:498:pcsc_disconnect: >> called >> 2012-07-02 22:06:20.542 [pkcs15-tool] card.c:258:sc_disconnect_card: >> returning with: 0 (Success) >> 2012-07-02 22:06:20.542 [pkcs15-tool] ctx.c:738:sc_release_context: >> called >> 2012-07-02 22:06:20.542 [pkcs15-tool] reader-pcsc.c:736:pcsc_finish: >> called >> >> Obviously I can't used the sc_pkcs15_read_certificate. My card does not >> support pkcs15. >> Or did i misunderstand the whole pkcs#15 emulator concept? >> >> -galoh >> >> >> >> _______________________________________________ >> opensc-devel mailing list >> opensc-devel@lists.opensc-project.org >> http://www.opensc-project.org/mailman/listinfo/opensc-devel > _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel