[opensc-devel] OpenSC 0.11.11 build
Hi! I built and tested the 0.11.11 version and the pcsc-lite stopped working. The cause is that the shared object that OpenSC tries to find is now libpcsclite.so.1, previously it was libpcsclite.so. Since I didnt have this file, pcsc stopped working. I have fixed this temporarily by making a copy of the file with the right name, and now everything works as before. Was this change intended or was this changed by mistake? Regards, Toni ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] OpenSC 0.11.11 build
Hello, 2009/10/30 Aventra development developm...@aventra.fi: I built and tested the 0.11.11 version and the pcsc-lite stopped working. The cause is that the shared object that OpenSC tries to find is now libpcsclite.so.1, previously it was libpcsclite.so. Since I didn’t have this file, pcsc stopped working. I have fixed this temporarily by making a copy of the file with the right name, and now everything works as before. Was this change intended or was this changed by mistake? It was a mistake and has already been corrected in subversion revision 3787 http://www.opensc-project.org/opensc/changeset/3787 The default PCSC provider is now libpcsclite.so.1 instead of libpcsclite.so Bye -- Dr. Ludovic Rousseau ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] OpenSC 0.11.11 build
Am Freitag 30 Oktober 2009 10:42:58 schrieb Aventra development: Hi! I built and tested the 0.11.11 version and the pcsc-lite stopped working. The cause is that the shared object that OpenSC tries to find is now libpcsclite.so.1, previously it was libpcsclite.so. Since I didnt have this file, pcsc stopped working. I have fixed this temporarily by making a copy of the file with the right name, and now everything works as before. on most systems it is the other way round: people always have libpcsclite.so.1 on their systems, but only those who also have the development package installed have libpcsclite.so. maybe you had the same issue earlier and renamed that file? I don't know how someone can end up with libpcsclite.so but without libpcsclite.so.1. Was this change intended or was this changed by mistake? in any case, you can edit opensc.conf and set the filename: # Use specific pcsc provider. # Default: /usr/lib/libpcsclite.so.1 # provider_library = /usr/lib/libpcsclite.so.1 Regards, Andreas ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] OpenSC 0.11.11 build
Hi, I think this change is for debian based systems that have by default libpcsclite.so.1 and libpcsclite.so is only installed with dev package. Regards, -- Marc Rios Vallès m...@c3po.es C3PO, S.A. http://www.c3po.es C/ Alejandro Goicoechea, 6 Local 9 - 08960 St. Just Desvern, Barcelona Tel. 93 417 99 55 - Fax 93 253 12 80 On Friday 30 October 2009 10:42:58 Aventra development wrote: Hi! I built and tested the 0.11.11 version and the pcsc-lite stopped working. The cause is that the shared object that OpenSC tries to find is now libpcsclite.so.1, previously it was libpcsclite.so. Since I didnt have this file, pcsc stopped working. I have fixed this temporarily by making a copy of the file with the right name, and now everything works as before. Was this change intended or was this changed by mistake? Regards, Toni ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
[opensc-devel] OpenSC can't read the cards initialized with SafeSign 3.0.20?
Hi, I am quite new to the APDU and OpenSC world. I have a GD Mobile microSD smart card that has been initialized using SafeSign 3.0.20. SafeSign/AET says that they are PKCS#15 compliant. When I try to read certificates from this card using OpenSC, I am able to see a proper listing of the certificates on the card. But when I try to list pins (or write certificates) - I run into problems. I am attaching a log for the list- pins option. It seems to be able to read the PIN and PUK fields but gets stuck in challenge- response I will be grateful if any of you can guide how to go about solving this issue. Regards, Narasayya command: pkcs15-tool.exe --list-pins - [pkcs15-tool] sc.c:196:sc_detect_card_presence: called [pkcs15-tool] reader-pcsc.c:266:refresh_slot_attributes: called [pkcs15-tool] sc.c:201:sc_detect_card_presence: returning with: 1 [pkcs15-tool] sc.c:196:sc_detect_card_presence: called [pkcs15-tool] reader-pcsc.c:266:refresh_slot_attributes: called [pkcs15-tool] sc.c:201:sc_detect_card_presence: returning with: 1 Connecting to card in reader Mobile Security Card 0001 0... [pkcs15-tool] card.c:111:sc_connect_card: called [pkcs15-tool] reader-pcsc.c:266:refresh_slot_attributes: called After connect protocol = 2 Requesting reader features ... SCardControl failed 0001 matching configured ATRs matching built-in ATRs trying driver: cardos ATR : 3b:80:80:01:01 ATR try : 3b:e2:00:ff:c1:10:31:fe:55:c8:02:9c ignored - wrong length ATR try : 3b:e9:00:ff:c1:10:31:fe:55:00:64:05:00:c8:02:31:80:00:47 ignored - wrong length ATR try : 3b:fb:98:00:ff:c1:10:31:fe:55:00:64:05:20:47:03:31:80:00:90:00:f3 ignored - wrong length ATR try : 3b:fc:98:00:ff:c1:10:31:fe:55:c8:03:49:6e:66:6f:63:61:6d:65:72:65:28 ignored - wrong length ATR try : 3b:f4:98:00:ff:c1:10:31:fe:55:4d:34:63:76:b4 ignored - wrong length ATR try : 3b:f2:18:00:ff:c1:0a:31:fe:55:c8:06:8a ignored - wrong length trying driver: cardos ATR : 3b:80:80:01:01 ATR try : 3b:e2:00:ff:c1:10:31:fe:55:c8:02:9c ignored - wrong length ATR try : 3b:e9:00:ff:c1:10:31:fe:55:00:64:05:00:c8:02:31:80:00:47 ignored - wrong length ATR try : 3b:fb:98:00:ff:c1:10:31:fe:55:00:64:05:20:47:03:31:80:00:90:00:f3 ignored - wrong length ATR try : 3b:fc:98:00:ff:c1:10:31:fe:55:c8:03:49:6e:66:6f:63:61:6d:65:72:65:28 ignored - wrong length ATR try : 3b:f4:98:00:ff:c1:10:31:fe:55:4d:34:63:76:b4 ignored - wrong length ATR try : 3b:f2:18:00:ff:c1:0a:31:fe:55:c8:06:8a ignored - wrong length trying driver: flex ATR : 3b:80:80:01:01 ATR try : 3b:95:15:40:20:68:01:02:00:00 ignored - wrong length ATR try : 3B:95:15:40:FF:68:01:02:02:01 ignored - wrong length ATR try : 3B:95:15:40:FF:68:01:02:02:04 ignored - wrong length ATR try : 3B:85:40:20:68:01:01:05:01 ignored - wrong length ATR try : 3B:95:94:40:FF:63:01:01:02:01 ignored - wrong length ATR try : 3B:95:15:40:FF:63:01:01:02:01 ignored - wrong length ATR try : 3B:95:18:40:FF:64:02:01:01:02 ignored - wrong length ATR try : 3B:95:18:40:FF:62:01:01:00:00 ignored - wrong length ATR try : 3B:95:18:40:FF:62:01:02:01:04 ignored - wrong length ATR try : 3B:95:18:40:FF:62:04:01:01:05 ignored - wrong length ATR try : 3b:95:15:40:ff:68:01:02:45:47 ignored - wrong length ATR try : 3B:E2:00:00:40:20:49:06 ignored - wrong length ATR try : 3B:E2:00:00:40:20:49:05 ignored - wrong length ATR try : 3B:E2:00:00:40:20:49:07 ignored - wrong length ATR try : 3B:85:40:20:68:01:01:03:05 ignored - wrong length ATR try : 3B:02:14:50 ignored - wrong length ATR try : 3B:19:14:55:90:01:02:01:00:05:04:B0 ignored - wrong length ATR try : 3B:32:15:00:06:80 ignored - wrong length ATR try : 3B:32:15:00:06:95 ignored - wrong length ATR try : 3B:19:14:59:01:01:0F:01:00:05:08:B0 ignored - wrong length ATR try : 3B:19:14:55:90:01:01:01:00:05:08:B0 ignored - wrong length ATR try : 3B:16:94:81:10:06:01:81:3F ignored - wrong length ATR try : 3B:16:94:81:10:06:01:81:2F ignored - wrong length trying driver: cyberflex ATR : 3b:80:80:01:01 ATR try : 3b:95:15:40:20:68:01:02:00:00 ignored - wrong length ATR try : 3B:95:15:40:FF:68:01:02:02:01 ignored - wrong length ATR try : 3B:95:15:40:FF:68:01:02:02:04 ignored - wrong length ATR try : 3B:85:40:20:68:01:01:05:01 ignored - wrong length ATR try : 3B:95:94:40:FF:63:01:01:02:01 ignored - wrong length ATR try : 3B:95:15:40:FF:63:01:01:02:01 ignored - wrong length ATR try : 3B:95:18:40:FF:64:02:01:01:02 ignored - wrong length ATR try : 3B:95:18:40:FF:62:01:01:00:00 ignored - wrong length ATR try : 3B:95:18:40:FF:62:01:02:01:04 ignored - wrong length ATR try : 3B:95:18:40:FF:62:04:01:01:05 ignored - wrong length ATR try : 3b:95:15:40:ff:68:01:02:45:47 ignored - wrong length ATR try : 3B:E2:00:00:40:20:49:06 ignored - wrong length ATR try : 3B:E2:00:00:40:20:49:05 ignored - wrong length ATR try : 3B:E2:00:00:40:20:49:07 ignored - wrong length ATR try : 3B:85:40:20:68:01:01:03:05 ignored - wrong
[opensc-devel] PKCS11 Keystore load problem
Hi, I'm trying to use opensc-Java to load a PKI SmartCard and read it to sign something. This is my test: PKCS11Provider p = new PKCS11Provider(aetpkss1.dll); KeyStore ks = KeyStore.getInstance(PKCS11, p); ks.load(null, 1234.toCharArray()); This code Works fine when the smart card doesn't contain a privateKey, but if it contains a privateKey, the following error happens: Exception in thread main org.opensc.pkcs11.wrap.PKCS11Exception: C_GetAttributeValue failed for attribute 289. (CKR_ATTRIBUTE_TYPE_INVALID) at org.opensc.pkcs11.wrap.PKCS11Object.getULongAttributeNative(Native Method) at org.opensc.pkcs11.wrap.PKCS11Object.getULongAttribute(PKCS11Object.java:10 9) at org.opensc.pkcs11.wrap.PKCS11Key.init(PKCS11Key.java:90) at org.opensc.pkcs11.wrap.PKCS11PrivateKey.init(PKCS11PrivateKey.java:57) at org.opensc.pkcs11.wrap.PKCS11NeRSAPrivateKey.init(PKCS11NeRSAPrivateKey. java:52) at org.opensc.pkcs11.wrap.PKCS11PrivateKey.makePrivateKey(PKCS11PrivateKey.ja va:89) at org.opensc.pkcs11.wrap.PKCS11PrivateKey.getPrivateKeys(PKCS11PrivateKey.ja va:124) at org.opensc.pkcs11.spi.PKCS11KeyStoreSpi.engineLoad(PKCS11KeyStoreSpi.java: 510) at org.opensc.pkcs11.spi.PKCS11KeyStoreSpi.engineLoad(PKCS11KeyStoreSpi.java: 478) at java.security.KeyStore.load(Unknown Source) Does anyone can help me? Thanks in advance. https://www.certisign.com.br/ https://www.certisign.com.br/ Kelly Hayashi Desenvolvedora Java (11) 4501 2128 Certisign Certificadora Digital certisign.com.br https://www.certisign.com.br/ image001.jpg smime.p7s Description: S/MIME cryptographic signature ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] pkcs15 init, problem with the profile
Hello, Aventra development: Does the other drivers work when initializing a card, and is the ACL set correctly? The ACL is set correctly for Rutoken. Example (Rutoken ECP): $ pkcs15-init -E -C --so-pin 87654321 --so-puk 21 1.txt 1.txt attached See: card.c:362:sc_create_file: called; type=2, path=3f002f00, size=128 - card-rtecp.c:239:set_sec_attr_from_acl - card-rtecp.c:780:rtecp_construct_fci - card-rtecp.c:561:rtecp_create_file: returning with: 0 [pkcs15-init] ctx.c:735:sc_context_create: === [pkcs15-init] ctx.c:736:sc_context_create: opensc version: 0.11.9-svn [pkcs15-init] reader-openct.c:79:openct_reader_init: called [pkcs15-init] sc.c:196:sc_detect_card_presence: called [pkcs15-init] reader-openct.c:194:openct_reader_detect_card_presence: called [pkcs15-init] sc.c:201:sc_detect_card_presence: returning with: 1 [pkcs15-init] sc.c:196:sc_detect_card_presence: called [pkcs15-init] reader-openct.c:194:openct_reader_detect_card_presence: called [pkcs15-init] sc.c:201:sc_detect_card_presence: returning with: 1 [pkcs15-init] card.c:110:sc_connect_card: called [pkcs15-init] reader-openct.c:218:openct_reader_connect: called [pkcs15-init] card.c:140:sc_connect_card: matching configured ATRs [pkcs15-init] card.c:182:sc_connect_card: matching built-in ATRs [pkcs15-init] card.c:188:sc_connect_card: trying driver: cardos [pkcs15-init] card.c:188:sc_connect_card: trying driver: cardos [pkcs15-init] card.c:188:sc_connect_card: trying driver: flex [pkcs15-init] card.c:188:sc_connect_card: trying driver: cyberflex [pkcs15-init] card.c:188:sc_connect_card: trying driver: gpk [pkcs15-init] card.c:188:sc_connect_card: trying driver: gemsafeV1 [pkcs15-init] card-gemsafeV1.c:120:gemsafe_match_card: called [pkcs15-init] card.c:188:sc_connect_card: trying driver: miocos [pkcs15-init] card.c:188:sc_connect_card: trying driver: mcrd [pkcs15-init] card.c:188:sc_connect_card: trying driver: asepcos [pkcs15-init] card.c:188:sc_connect_card: trying driver: setcos [pkcs15-init] card.c:285:sc_lock: called [pkcs15-init] reader-openct.c:410:openct_reader_lock: called [pkcs15-init] card.c:312:sc_unlock: called [pkcs15-init] reader-openct.c:437:openct_reader_unlock: called [pkcs15-init] card.c:188:sc_connect_card: trying driver: starcos [pkcs15-init] card.c:188:sc_connect_card: trying driver: tcos [pkcs15-init] card.c:188:sc_connect_card: trying driver: openpgp [pkcs15-init] card.c:188:sc_connect_card: trying driver: jcop [pkcs15-init] card.c:188:sc_connect_card: trying driver: oberthur [pkcs15-init] card.c:188:sc_connect_card: trying driver: belpic [pkcs15-init] card.c:188:sc_connect_card: trying driver: atrust-acos [pkcs15-init] card.c:188:sc_connect_card: trying driver: muscle [pkcs15-init] card.c:285:sc_lock: called [pkcs15-init] reader-openct.c:410:openct_reader_lock: called [pkcs15-init] card.c:312:sc_unlock: called [pkcs15-init] reader-openct.c:437:openct_reader_unlock: called [pkcs15-init] muscle.c:276:msc_select_applet: returning with: -1200 [pkcs15-init] card.c:188:sc_connect_card: trying driver: incrypto34 [pkcs15-init] card.c:188:sc_connect_card: trying driver: piv [pkcs15-init] card-piv.c:1769:piv_match_card: called [pkcs15-init] card-piv.c:493:piv_find_aid: called [pkcs15-init] card.c:285:sc_lock: called [pkcs15-init] reader-openct.c:410:openct_reader_lock: called [pkcs15-init] card.c:312:sc_unlock: called [pkcs15-init] reader-openct.c:437:openct_reader_unlock: called [pkcs15-init] iso7816.c:99:iso7816_check_sw: Function not supported [pkcs15-init] card.c:285:sc_lock: called [pkcs15-init] reader-openct.c:410:openct_reader_lock: called [pkcs15-init] card.c:312:sc_unlock: called [pkcs15-init] reader-openct.c:437:openct_reader_unlock: called [pkcs15-init] iso7816.c:99:iso7816_check_sw: Function not supported [pkcs15-init] card-piv.c:576:piv_find_aid: returning with: -1208 [pkcs15-init] card.c:188:sc_connect_card: trying driver: acos5 [pkcs15-init] card.c:188:sc_connect_card: trying driver: akis [pkcs15-init] card.c:188:sc_connect_card: trying driver: entersafe [pkcs15-init] card-entersafe.c:101:entersafe_match_card: called [pkcs15-init] card.c:188:sc_connect_card: trying driver: rutoken [pkcs15-init] card-rutoken.c:129:rutoken_match_card: called [pkcs15-init] card-rutoken.c:135:rutoken_match_card: returning with: 0 [pkcs15-init] card.c:188:sc_connect_card: trying driver: rutoken_ecp [pkcs15-init] card-rtecp.c:50:rtecp_match_card: returning with: 1 [pkcs15-init] card.c:196:sc_connect_card: matched: Rutoken ECP driver [pkcs15-init] card-rtecp.c:83:rtecp_init: returning with: 0 [pkcs15-init] card.c:221:sc_connect_card: card info: Rutoken ECP card, 0, 0x0 [pkcs15-init] card.c:222:sc_connect_card: returning with: 0 [pkcs15-init] card.c:285:sc_lock: called [pkcs15-init] reader-openct.c:410:openct_reader_lock: called [pkcs15-init] card.c:668:sc_card_ctl: called [pkcs15-init] card.c:675:sc_card_ctl: card_ctl(4) not supported [pkcs15-init] card.c:532:sc_select_file: called; type=2,
Re: [opensc-devel] OpenSC 0.11.11 released today
Johannes Becker kirjoitti: Hello, when configuring OpenSC 0.11.11 under Debian lenny and squeeze I get PC/SC support: no NSPlugin support:no I have installed libpcsclite-dev (Version: 1.4.102-1) What else do I need? By the way: opensc doesn't work as it comes with Debian squeeze pcsc_scan detects reader and card, but opensc-tool doesn't find the reader. Same in Ubuntu 9.10 (64 bit). There seems to be a missing symbolic link. This helped me: sudo ln -s /lib/libpcsclite.so.1.0.0 /usr/lib/libpcsclite.so.1 btw, I think *some* reader support (either pcsclite or opensc) should be on by default and there should be some warning if no reader support is configured. These could save a lot of time from the newcomers.. Hannu Regards Johannes ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel smime.p7s Description: S/MIME Cryptographic Signature ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] OpenSC 0.11.11 released today
Moi Hannu, On 29.10.2009, at 19:46, Hannu Kotipalo wrote: btw, I think *some* reader support (either pcsclite or opensc) should be on by default and there should be some warning if no reader support is configured. These could save a lot of time from the newcomers.. Well, CT-API is built in but it always requires configuration, so it really doesn't matter. OpenSC comes by default on most distros with support for both PC/SC and OpenCT. libccid and openct on .deb systems should conflict each other, because they both grab CCID devices which can cause confusion and troubles (as seen on list) Thanks, -- Martin Paljak http://martin.paljak.pri.ee +372.515.6495 ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] SVN how to
can you try again? it works for me here (linux, ubuntu 9.04, subversion). or maybe you are using a web proxy that is causing problems? or some firewall/filter/transparent proxy that causes problems? in that case try https instead of http. Good luck! Regards, Andreas ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] OpenSC 0.11.11 released today
On Thu, Oct 29, 2009 at 7:46 PM, Hannu Kotipalo ha...@kotipalo.fi wrote: btw, I think *some* reader support (either pcsclite or opensc) should be on by default and there should be some warning if no reader support is configured. These could save a lot of time from the newcomers.. If you build the package configure it to whatever you want. One defaults is bad for others. If you don't know what to place, look at your favorite distribution pre-packaged configuration. Alon. ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
