Re: [opensc-devel] Java and pkcs11

2011-08-12 Thread Andreas Schwier (ML)
The latest OCF package at [1] has support for smartcardio - so if you
need more than just the APDU interface.

Andreas

[1] http://www.openscdp.org/ocf/download.html

Am 12.08.2011 12:11, schrieb resoli - libero:
 Il giorno mer, 10/08/2011 alle 08.36 +0200, NdK ha scritto:
 On 09/08/2011 20:48, Vlastimil Pavicek wrote:
 I haven't read the whole thread, but you might find this library useful (it 
 is easier to use than JNI/JNA):
 http://jce.iaik.tugraz.at/sic/Products/Core-Crypto-Toolkits/PKCS-11-Wrapper
 Tks.
 Found last night. It's used by j4sign[1] that targets multiple 
 platforms. By its own it seems it's not enough, but it have to be used 
 in parallel with the OCF wrapper (for card detection).
 I'm the main developer of j4sign; as someone already suggested,
 smartcardio is better suited at the moment for interfacing pcsc
 directly.

 j4sign will switch soon to smartcardio .

 bye,
 Roberto Resoli
 I'll have to dig better...

 [1] http://j4sign.sourceforge.net/index.html

 BYtE,
   Diego.

 ___
 opensc-devel mailing list
 opensc-devel@lists.opensc-project.org
 http://www.opensc-project.org/mailman/listinfo/opensc-devel

___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel


[opensc-devel] Cryptotech Setcos card signing problem

2011-08-12 Thread TMS Brokers / Łukasz Kościesza
Hi all,

I'm trying to sign a file using compiled from sources opensc 12.2.
Card is manufactured by Cryptotech and it has setcos 4.1.1 on board.
The card was initialized by www.sigillum.plhttp://www.sigillum.pl company.
Even though PIN is fine and there are no failures in the card reading process I 
keep on receiving: Security status not satisfied, after sending portion of data 
for signing.
Can anyone point me to some solution?

Here is the part of the logs which I guess is relevant:

0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] 
framework-pkcs15.c:2630:pkcs15_prkey_sign: Initiating signing operation, 
mechanism 0x1.
0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] card.c:292:sc_lock: called
0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] reader-pcsc.c:511:pcsc_lock: called
0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] 
framework-pkcs15.c:3611:reselect_app_df: reselect application df
0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] card.c:571:sc_select_file: called; 
type=2, path=3f00de00
0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] apdu.c:525:sc_transmit_apdu: called
0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] card.c:292:sc_lock: called
0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] reader-pcsc.c:243:pcsc_transmit: reader 
'ACS ACR38U 00 00'
0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] apdu.c:184:sc_apdu_log:
Outgoing APDU data [7 bytes] =
00 A4 08 00 02 DE 00 ...
==
0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] 
reader-pcsc.c:176:pcsc_internal_transmit: called
0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] apdu.c:184:sc_apdu_log:
Incoming APDU data [2 bytes] =
61 2D a-
==
0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] card.c:330:sc_unlock: called
0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] iso7816.c:481:iso7816_select_file: 
returning with: 0 (Success)
0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] card.c:597:sc_select_file: returning 
with: 0 (Success)
0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] 
framework-pkcs15.c:2710:pkcs15_prkey_sign: Selected flags 12. Now computing 
signature for 3 bytes. 512 bytes reserved.
0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] 
pkcs15-sec.c:190:sc_pkcs15_compute_signature: called
0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] 
pkcs15-sec.c:191:sc_pkcs15_compute_signature: security operation flags 0x12
0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] 
pkcs15-sec.c:273:sc_pkcs15_compute_signature: supported algorithm flags 
0x8033, private key usage 0x26
0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:273:sc_get_encoding_flags: 
called
0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:277:sc_get_encoding_flags: 
iFlags 0x12, card capabilities 0x8033
0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:306:sc_get_encoding_flags: 
pad flags 0x10, secure algorithm flags 0x2
0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:307:sc_get_encoding_flags: 
returning with: 0 (Success)
0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] 
pkcs15-sec.c:324:sc_pkcs15_compute_signature: DEE flags:0x0012 
alg_info-flags:0x8033 pad:0x0010 sec:0x0002
0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:232:sc_pkcs1_encode: called
0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:236:sc_pkcs1_encode: hash 
algorithm 0x10, pad algorithm 0x0
0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:255:sc_pkcs1_encode: 
returning with: 0 (Success)
0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] card.c:292:sc_lock: called
0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] pkcs15-sec.c:42:select_key_file: called
0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] card.c:571:sc_select_file: called; 
type=2, path=3f00df01efd5
0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] apdu.c:525:sc_transmit_apdu: called
0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] card.c:292:sc_lock: called
0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] reader-pcsc.c:243:pcsc_transmit: reader 
'ACS ACR38U 00 00'
0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] apdu.c:184:sc_apdu_log:
Outgoing APDU data [9 bytes] =
00 A4 08 00 04 DF 01 EF D5 .
==
0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] 
reader-pcsc.c:176:pcsc_internal_transmit: called
0xb7b1d6c0 13:35:27.419 [opensc-pkcs11] apdu.c:184:sc_apdu_log:
Incoming APDU data [2 bytes] =
61 25 a%
==
0xb7b1d6c0 13:35:27.419 [opensc-pkcs11] card.c:330:sc_unlock: called
0xb7b1d6c0 13:35:27.419 [opensc-pkcs11] iso7816.c:481:iso7816_select_file: 
returning with: 0 (Success)
0xb7b1d6c0 13:35:27.419 [opensc-pkcs11] card.c:597:sc_select_file: returning 
with: 0 (Success)
0xb7b1d6c0 13:35:27.419 [opensc-pkcs11] pkcs15-sec.c:68:select_key_file: 
returning with: 0 (Success)
0xb7b1d6c0 13:35:27.419 [opensc-pkcs11] sec.c:66:sc_set_security_env: called
0xb7b1d6c0 13:35:27.419 [opensc-pkcs11] apdu.c:525:sc_transmit_apdu: called

Re: [opensc-devel] Cryptotech Setcos card signing problem

2011-08-12 Thread Douglas E. Engert
It looks like you did not logon to the card.

Did the program ever ask for the pin?

What program are you using?


On 8/12/2011 7:05 AM, TMS Brokers / Łukasz Kościesza wrote:
 Hi all,

 I’m trying to sign a file using compiled from sources opensc 12.2.

 Card is manufactured by Cryptotech and it has setcos 4.1.1 on board.

 The card was initialized by www.sigillum.pl http://www.sigillum.pl company.

 Even though PIN is fine and there are no failures in the card reading process 
 I keep on receiving: Security status not satisfied, after sending portion of 
 data for signing.

 Can anyone point me to some solution?

 Here is the part of the logs which I guess is relevant:

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] 
 framework-pkcs15.c:2630:pkcs15_prkey_sign: Initiating signing operation, 
 mechanism 0x1.

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] card.c:292:sc_lock: called

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] reader-pcsc.c:511:pcsc_lock: called

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] 
 framework-pkcs15.c:3611:reselect_app_df: reselect application df

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] card.c:571:sc_select_file: called; 
 type=2, path=3f00de00

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] apdu.c:525:sc_transmit_apdu: called

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] card.c:292:sc_lock: called

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] reader-pcsc.c:243:pcsc_transmit: 
 reader 'ACS ACR38U 00 00'

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] apdu.c:184:sc_apdu_log:

 Outgoing APDU data [7 bytes] =

 00 A4 08 00 02 DE 00 ...

 ==

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] 
 reader-pcsc.c:176:pcsc_internal_transmit: called

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] apdu.c:184:sc_apdu_log:

 Incoming APDU data [2 bytes] =

 61 2D a-

 ==

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] card.c:330:sc_unlock: called

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] iso7816.c:481:iso7816_select_file: 
 returning with: 0 (Success)

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] card.c:597:sc_select_file: returning 
 with: 0 (Success)

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] 
 framework-pkcs15.c:2710:pkcs15_prkey_sign: Selected flags 12. Now computing 
 signature for 3 bytes. 512 bytes reserved.

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] 
 pkcs15-sec.c:190:sc_pkcs15_compute_signature: called

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] 
 pkcs15-sec.c:191:sc_pkcs15_compute_signature: security operation flags 0x12

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] 
 pkcs15-sec.c:273:sc_pkcs15_compute_signature: supported algorithm flags 
 0x8033, private key usage 0x26

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:273:sc_get_encoding_flags: 
 called

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:277:sc_get_encoding_flags: 
 iFlags 0x12, card capabilities 0x8033

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:306:sc_get_encoding_flags: 
 pad flags 0x10, secure algorithm flags 0x2

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:307:sc_get_encoding_flags: 
 returning with: 0 (Success)

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] 
 pkcs15-sec.c:324:sc_pkcs15_compute_signature: DEE flags:0x0012 
 alg_info-flags:0x8033 pad:0x0010 sec:0x0002

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:232:sc_pkcs1_encode: called

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:236:sc_pkcs1_encode: hash 
 algorithm 0x10, pad algorithm 0x0

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:255:sc_pkcs1_encode: 
 returning with: 0 (Success)

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] card.c:292:sc_lock: called

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] pkcs15-sec.c:42:select_key_file: 
 called

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] card.c:571:sc_select_file: called; 
 type=2, path=3f00df01efd5

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] apdu.c:525:sc_transmit_apdu: called

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] card.c:292:sc_lock: called

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] reader-pcsc.c:243:pcsc_transmit: 
 reader 'ACS ACR38U 00 00'

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] apdu.c:184:sc_apdu_log:

 Outgoing APDU data [9 bytes] =

 00 A4 08 00 04 DF 01 EF D5 .

 ==

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] 
 reader-pcsc.c:176:pcsc_internal_transmit: called

 0xb7b1d6c0 13:35:27.419 [opensc-pkcs11] apdu.c:184:sc_apdu_log:

 Incoming APDU data [2 bytes] =

 61 25 a%

 ==

 0xb7b1d6c0 13:35:27.419 [opensc-pkcs11] card.c:330:sc_unlock: called

 0xb7b1d6c0 13:35:27.419 [opensc-pkcs11] iso7816.c:481:iso7816_select_file: 
 returning with: 0 (Success)

 0xb7b1d6c0 13:35:27.419 [opensc-pkcs11] 

Re: [opensc-devel] Cryptotech Setcos card signing problem

2011-08-12 Thread TMS Brokers / Łukasz Kościesza
I use pkcs11-tool
pkcs11-tool --module /usr/lib/opensc-pkcs11.so --sign --slot 1 -m RSA-PKCS 
--input-file file.txt  --output-file signature.txt --pin my_pin

It's sending the PIN to the card (I can see it in APDU log a little bit earlier 
in logs).
If I enter wrong PIN it's failing, so it also checks the PIN.

-Original Message-
From: opensc-devel-boun...@lists.opensc-project.org 
[mailto:opensc-devel-boun...@lists.opensc-project.org] On Behalf Of Douglas E. 
Engert
Sent: Friday, August 12, 2011 3:39 PM
To: opensc-devel@lists.opensc-project.org
Subject: Re: [opensc-devel] Cryptotech Setcos card signing problem

It looks like you did not logon to the card.

Did the program ever ask for the pin?

What program are you using?


On 8/12/2011 7:05 AM, TMS Brokers / Łukasz Kościesza wrote:
 Hi all,

 I’m trying to sign a file using compiled from sources opensc 12.2.

 Card is manufactured by Cryptotech and it has setcos 4.1.1 on board.

 The card was initialized by www.sigillum.pl http://www.sigillum.pl company.

 Even though PIN is fine and there are no failures in the card reading process 
 I keep on receiving: Security status not satisfied, after sending portion of 
 data for signing.

 Can anyone point me to some solution?

 Here is the part of the logs which I guess is relevant:

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] 
 framework-pkcs15.c:2630:pkcs15_prkey_sign: Initiating signing operation, 
 mechanism 0x1.

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] card.c:292:sc_lock: called

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] reader-pcsc.c:511:pcsc_lock: called

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] 
 framework-pkcs15.c:3611:reselect_app_df: reselect application df

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] card.c:571:sc_select_file: called; 
 type=2, path=3f00de00

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] apdu.c:525:sc_transmit_apdu: called

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] card.c:292:sc_lock: called

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] reader-pcsc.c:243:pcsc_transmit: 
 reader 'ACS ACR38U 00 00'

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] apdu.c:184:sc_apdu_log:

 Outgoing APDU data [7 bytes] =

 00 A4 08 00 02 DE 00 ...

 ==

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] 
 reader-pcsc.c:176:pcsc_internal_transmit: called

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] apdu.c:184:sc_apdu_log:

 Incoming APDU data [2 bytes] =

 61 2D a-

 ==

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] card.c:330:sc_unlock: called

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] iso7816.c:481:iso7816_select_file: 
 returning with: 0 (Success)

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] card.c:597:sc_select_file: returning 
 with: 0 (Success)

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] 
 framework-pkcs15.c:2710:pkcs15_prkey_sign: Selected flags 12. Now computing 
 signature for 3 bytes. 512 bytes reserved.

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] 
 pkcs15-sec.c:190:sc_pkcs15_compute_signature: called

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] 
 pkcs15-sec.c:191:sc_pkcs15_compute_signature: security operation flags 0x12

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] 
 pkcs15-sec.c:273:sc_pkcs15_compute_signature: supported algorithm flags 
 0x8033, private key usage 0x26

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:273:sc_get_encoding_flags: 
 called

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:277:sc_get_encoding_flags: 
 iFlags 0x12, card capabilities 0x8033

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:306:sc_get_encoding_flags: 
 pad flags 0x10, secure algorithm flags 0x2

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:307:sc_get_encoding_flags: 
 returning with: 0 (Success)

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] 
 pkcs15-sec.c:324:sc_pkcs15_compute_signature: DEE flags:0x0012 
 alg_info-flags:0x8033 pad:0x0010 sec:0x0002

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:232:sc_pkcs1_encode: called

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:236:sc_pkcs1_encode: hash 
 algorithm 0x10, pad algorithm 0x0

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:255:sc_pkcs1_encode: 
 returning with: 0 (Success)

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] card.c:292:sc_lock: called

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] pkcs15-sec.c:42:select_key_file: 
 called

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] card.c:571:sc_select_file: called; 
 type=2, path=3f00df01efd5

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] apdu.c:525:sc_transmit_apdu: called

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] card.c:292:sc_lock: called

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] reader-pcsc.c:243:pcsc_transmit: 
 reader 'ACS ACR38U 00 00'

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] apdu.c:184:sc_apdu_log:

 Outgoing APDU data [9 bytes] =

 00 A4 08 00 04 DF 01 

Re: [opensc-devel] Cryptotech Setcos card signing problem

2011-08-12 Thread Douglas E. Engert
Developers,
Could this be a card that is enforcing user_consent. i.e. 
CKA_ALWAYS_AUTHENTICATIE
and the pkcs11-tool is not doing this?

The one card I know that does enforce it (newewr PIV cards), requires the sign
operation to be preceeded immediatley by the presentation of the pin.

Łukasz,
  Can you look at your trace and see if any other operations are sent to the 
card between these too?


On 8/12/2011 8:51 AM, TMS Brokers / Łukasz Kościesza wrote:
 I use pkcs11-tool
 pkcs11-tool --module /usr/lib/opensc-pkcs11.so --sign --slot 1 -m RSA-PKCS 
 --input-file file.txt  --output-file signature.txt --pin my_pin

 It's sending the PIN to the card (I can see it in APDU log a little bit 
 earlier in logs).
 If I enter wrong PIN it's failing, so it also checks the PIN.

 -Original Message-
 From: opensc-devel-boun...@lists.opensc-project.org 
 [mailto:opensc-devel-boun...@lists.opensc-project.org] On Behalf Of Douglas 
 E. Engert
 Sent: Friday, August 12, 2011 3:39 PM
 To: opensc-devel@lists.opensc-project.org
 Subject: Re: [opensc-devel] Cryptotech Setcos card signing problem

 It looks like you did not logon to the card.

 Did the program ever ask for the pin?

 What program are you using?


 On 8/12/2011 7:05 AM, TMS Brokers / Łukasz Kościesza wrote:
 Hi all,

 I’m trying to sign a file using compiled from sources opensc 12.2.

 Card is manufactured by Cryptotech and it has setcos 4.1.1 on board.

 The card was initialized by www.sigillum.plhttp://www.sigillum.pl  company.

 Even though PIN is fine and there are no failures in the card reading 
 process I keep on receiving: Security status not satisfied, after sending 
 portion of data for signing.

 Can anyone point me to some solution?

 Here is the part of the logs which I guess is relevant:

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] 
 framework-pkcs15.c:2630:pkcs15_prkey_sign: Initiating signing operation, 
 mechanism 0x1.

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] card.c:292:sc_lock: called

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] reader-pcsc.c:511:pcsc_lock: called

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] 
 framework-pkcs15.c:3611:reselect_app_df: reselect application df

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] card.c:571:sc_select_file: called; 
 type=2, path=3f00de00

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] apdu.c:525:sc_transmit_apdu: called

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] card.c:292:sc_lock: called

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] reader-pcsc.c:243:pcsc_transmit: 
 reader 'ACS ACR38U 00 00'

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] apdu.c:184:sc_apdu_log:

 Outgoing APDU data [7 bytes] =

 00 A4 08 00 02 DE 00 ...

 ==

 0xb7b1d6c0 13:35:27.314 [opensc-pkcs11] 
 reader-pcsc.c:176:pcsc_internal_transmit: called

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] apdu.c:184:sc_apdu_log:

 Incoming APDU data [2 bytes] =

 61 2D a-

 ==

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] card.c:330:sc_unlock: called

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] iso7816.c:481:iso7816_select_file: 
 returning with: 0 (Success)

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] card.c:597:sc_select_file: returning 
 with: 0 (Success)

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] 
 framework-pkcs15.c:2710:pkcs15_prkey_sign: Selected flags 12. Now computing 
 signature for 3 bytes. 512 bytes reserved.

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] 
 pkcs15-sec.c:190:sc_pkcs15_compute_signature: called

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] 
 pkcs15-sec.c:191:sc_pkcs15_compute_signature: security operation flags 0x12

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] 
 pkcs15-sec.c:273:sc_pkcs15_compute_signature: supported algorithm flags 
 0x8033, private key usage 0x26

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:273:sc_get_encoding_flags: 
 called

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:277:sc_get_encoding_flags: 
 iFlags 0x12, card capabilities 0x8033

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:306:sc_get_encoding_flags: 
 pad flags 0x10, secure algorithm flags 0x2

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:307:sc_get_encoding_flags: 
 returning with: 0 (Success)

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] 
 pkcs15-sec.c:324:sc_pkcs15_compute_signature: DEE flags:0x0012 
 alg_info-flags:0x8033 pad:0x0010 sec:0x0002

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:232:sc_pkcs1_encode: called

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:236:sc_pkcs1_encode: hash 
 algorithm 0x10, pad algorithm 0x0

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] padding.c:255:sc_pkcs1_encode: 
 returning with: 0 (Success)

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] card.c:292:sc_lock: called

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] pkcs15-sec.c:42:select_key_file: 
 called

 0xb7b1d6c0 13:35:27.363 [opensc-pkcs11] 

[opensc-devel] libp11 engine_pkcs11 support for ECDSA keys

2011-08-12 Thread Felipe Blauth
Hello.

I've started using engine_pkcs11 to access PKCS #11 tokens from OpenSSL
EVP_PKEY's trough ENGINE_load_key_type_key methods. It works very well
with RSA keys, but it doesn't recognize ECDSA keys.

Searching trough the web, I've found that Douglas had a patch for it at
http://www.mail-archive.com/opensc-devel@lists.opensc-project.org/msg07785.html.


Was that ever incorporated? I couldn't find in the latest snapshots.

Thank you very much.

-- 
Felipe Menegola Blauth
___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel

Re: [opensc-devel] PIN caching problems with pkcs11-helper 1.08

2011-08-12 Thread Alon Bar-Lev
Jonatan,
Can you please try the attached patch and see if it helps?
Thanks!

On Thu, Aug 11, 2011 at 11:20 AM, Alon Bar-Lev alon.bar...@gmail.com wrote:

 Martin,

 The openssl engine is called with 0x24 buffer size and expect it to be
 encrypted by private key with same length.

 Prototype:
 ---
 static
 int
 __pkcs11h_openssl_enc (
        IN int flen,
        IN const unsigned char *from,
        OUT unsigned char *to,
        IN OUT RSA *rsa,
        IN int padding
 ) {
 ---

 I may got this wrong.
 Will investigate.

 On Thu, Aug 11, 2011 at 10:38 AM, Martin Paljak mar...@martinpaljak.net 
 wrote:
  Hello,
 
  2011/8/11 Jonatan Åkerlind jonatan.akerl...@sgsstudentbostader.se:
  We have a setup using the Aladdin eToken PRO USB device for certificate
  storage using opensc/openct to interface it with openvpn. Works fine but
  with pkcs11-helper 1.08 we need to enter the PIN code twice at openvpn
  startup and then once at each renegotiation. Confirmed with various
  versions of openvpn (2.1.4/2.2.1), opensc (0.11.13, 0.12.1) and openct
  (0.6.20), common thing is that it works with pkcs11-helper 1.07 (the PIN
  caching seems ok and only asks for the pin code once at startup and no
  more) but with pkcs11-helper 1.08 the PIN caching does not work.
 
  Attached is a log from openvpn with verbosity 99 (gives a lot of info)
  using pkcs11-helper 1.08. It contains the startup and a couple of
  renegotiations filtered to only include lines with pkcs in them.
 
  This might be relevant:
 
  PKCS#11: __pkcs11h_certificate_doPrivateOperation entry
  certificate=0x72ebb0, op=0, mech_type=1, source=0x7fff40fa3be0,
               source_size=0024, target=0x757936,
  *p_target_size=0024
 
  the target size is the same as input size, which makes one of the
  operations fail with CKR_BUFFER_TOO_SMALL and will trigger another
  try, which will mean another PIN entry. Probably something else is
  fishy as well.
  ___
  opensc-devel mailing list
  opensc-devel@lists.opensc-project.org
  http://www.opensc-project.org/mailman/listinfo/opensc-devel
Index: lib/pkcs11h-openssl.c
===
--- lib/pkcs11h-openssl.c	(revision 205)
+++ lib/pkcs11h-openssl.c	(revision 207)
@@ -291,7 +291,7 @@
 	pkcs11h_certificate_t certificate = __pkcs11h_openssl_get_pkcs11h_certificate (rsa);
 	PKCS11H_BOOL session_locked = FALSE;
 	CK_RV rv = CKR_FUNCTION_FAILED;
-	size_t tlen = (size_t)flen;
+	size_t tlen;
 
 	_PKCS11H_ASSERT (from!=NULL);
 	_PKCS11H_ASSERT (to!=NULL);
@@ -312,6 +312,8 @@
 		goto cleanup;
 	}
 
+	tlen = (size_t)RSA_size(rsa);
+
 	if ((rv = pkcs11h_certificate_lockSession (certificate)) != CKR_OK) {
 		goto cleanup;
 	}
Index: lib/pkcs11h-certificate.c
===
--- lib/pkcs11h-certificate.c	(revision 205)
+++ lib/pkcs11h-certificate.c	(revision 207)
@@ -961,16 +961,17 @@
 			rv
 		);
 
+		if (rv == CKR_BUFFER_TOO_SMALL  op != __pkcs11h_private_op_unwrap) {
+			certificate-operation_active = TRUE;
+		}
+
 		if (target != NULL) {
 			if (rv != CKR_OK) {
 goto retry;
 			}
 		}
 		else {
-			if (
-rv == CKR_OK ||
-rv == CKR_BUFFER_TOO_SMALL
-			) {
+			if (rv == CKR_OK) {
 if (op != __pkcs11h_private_op_unwrap) {
 	certificate-operation_active = TRUE;
 }
@@ -994,6 +995,10 @@
 		}
 
 		if (!op_succeed) {
+			if (rv == CKR_BUFFER_TOO_SMALL) {
+goto cleanup;
+			}
+
 			/*
 			 * OpenSC workaround
 			 * It still allows C_FindObjectsInit when
___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel

Re: [opensc-devel] libp11 engine_pkcs11 support for ECDSA keys

2011-08-12 Thread Douglas E. Engert
No it has not been incorporated because it requires an OpenSSL
internal header file ecs_locl.h, thus making it impractical to
compile in to any package.

This is a known bug:

http://rt.openssl.org/Ticket/Display.html?id=2459user=guestpass=guest

It also appeared on the OpenSSL mailing list.

The patch should still work. Please try it, and you can
also add comments to the OpenSSL bug report.


On 8/12/2011 2:12 PM, Felipe Blauth wrote:
 Hello.

 I've started using engine_pkcs11 to access PKCS #11 tokens from OpenSSL 
 EVP_PKEY's trough ENGINE_load_key_type_key methods. It works very well 
 with RSA keys, but it doesn't recognize ECDSA keys.

 Searching trough the web, I've found that Douglas had a patch for it at 
 http://www.mail-archive.com/opensc-devel@lists.opensc-project.org/msg07785.html.

 Was that ever incorporated? I couldn't find in the latest snapshots.

 Thank you very much.

 --
 Felipe Menegola Blauth



 ___
 opensc-devel mailing list
 opensc-devel@lists.opensc-project.org
 http://www.opensc-project.org/mailman/listinfo/opensc-devel

-- 

  Douglas E. Engert  deeng...@anl.gov
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444
___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel


Re: [opensc-devel] Cryptotech Setcos card signing problem

2011-08-12 Thread TMS Brokers / Łukasz Kościesza
OK, I'm attaching the log file:
And I was able to sniff USB communication with card reader with native windows 
middleware for comparition:
01 A0 00 07 - 00 A4 08 00 02 DF 01
01 00 00 02 - 61 22
01 A0 00 05 - 00 C0 00 00 22
01 00 00 24 - (40 bytes - some id?)
01 A0 00 05 - 00 20 00 81 00
01 00 00 02 - 63 C3
01 A0 00 07 - 00 0A 08 00 02 DF 01
01 00 00 02 - 61 22
01 A0 00 05 - 00 C0 00 00 22
01 00 00 24 - (40 bytes - some id?)
01 A0 00 0D - 00 20  (PIN!)
01 00 00 02 - 90 00
01 A0 00 05 - 00 20 00 81 00
01 00 00 02 - 90 00
01 A0 00 07 - A4 08 00 02 DF 01
01 00 00 02 - 61 22
01 A0 00 05 - 00 20 00 81 00
01 00 00 02 - 90 00
01 A0 00 07 - A4 08 00 02 DF 01
01 00 00 02 - 61 22
01 A0 00 0C - 00 22 41 B6 07 80 01 02 81 02 EF D5
01 00 00 02 - 90 00
01 A0 00 28 - (44 bytes) (data to be signed?)
01 00 00 02 - 61 80
01 A0 00 05 - 00 C0 00 00 80
01 00 00 82 - (64 bytes) (signature?)
   (64 bytes)
01 A0 00 07 - 00 A4 08 00 02 DF 01
01 00 00 02 - 61 22
01 A0 00 05 - 00 20 00 81 00
01 00 00 02 - 63 C3

0xb7ad06c0 17:20:11.660 [opensc-pkcs11] ctx.c:659:sc_context_create: 
===
0xb7ad06c0 17:20:11.660 [opensc-pkcs11] ctx.c:660:sc_context_create: opensc 
version: 0.12.2
0xb7ad06c0 17:20:11.679 [opensc-pkcs11] reader-pcsc.c:657:pcsc_init: PC/SC 
options: connect_exclusive=0 disconnect_action=1 transaction_end_action=0 
reconnect_action=0 enable_pinpad=1
0xb7ad06c0 17:20:11.726 [opensc-pkcs11] reader-pcsc.c:870:pcsc_detect_readers: 
called
0xb7ad06c0 17:20:11.726 [opensc-pkcs11] reader-pcsc.c:878:pcsc_detect_readers: 
Probing pcsc readers
0xb7ad06c0 17:20:11.726 [opensc-pkcs11] reader-pcsc.c:900:pcsc_detect_readers: 
Establish pcsc context
0xb7ad06c0 17:20:11.727 [opensc-pkcs11] reader-pcsc.c:948:pcsc_detect_readers: 
Found new pcsc reader 'ACS ACR38U 00 00'
0xb7ad06c0 17:20:11.727 [opensc-pkcs11] reader-pcsc.c:277:refresh_attributes: 
ACS ACR38U 00 00 check
0xb7ad06c0 17:20:11.727 [opensc-pkcs11] reader-pcsc.c:301:refresh_attributes: 
current  state: 0x0022
0xb7ad06c0 17:20:11.727 [opensc-pkcs11] reader-pcsc.c:302:refresh_attributes: 
previous state: 0x
0xb7ad06c0 17:20:11.727 [opensc-pkcs11] reader-pcsc.c:356:refresh_attributes: 
card present, changed
0xb7ad06c0 17:20:11.727 [opensc-pkcs11] reader-pcsc.c:979:pcsc_detect_readers: 
Requesting reader features ...
0xb7ad06c0 17:20:11.764 [opensc-pkcs11] reader-pcsc.c:993:pcsc_detect_readers: 
ACS ACR38U 00 00:SCardConnect(SHARED): 0x
0xb7ad06c0 17:20:11.764 [opensc-pkcs11] 
reader-pcsc.c:760:detect_reader_features: called
0xb7ad06c0 17:20:11.765 [opensc-pkcs11] 
reader-pcsc.c:767:detect_reader_features: ACS ACR38U 00 00:SCardControl failed: 
0x8014
0xb7ad06c0 17:20:11.765 [opensc-pkcs11] reader-pcsc.c:1023:pcsc_detect_readers: 
returning with: 0 (Success)
0xb7ad06c0 17:20:11.765 [opensc-pkcs11] misc.c:323:load_pkcs11_parameters: 
PKCS#11 options: plug_and_play=1 max_virtual_slots=16 slots_per_card=4 
hide_empty_tokens=1 lock_login=0 pin_unblock_style=0 zero_ckaid_for_ca_certs=0
0xb7ad06c0 17:20:11.765 [opensc-pkcs11] slot.c:90:create_slot: Creating slot 
with id 0x0
0xb7ad06c0 17:20:11.765 [opensc-pkcs11] slot.c:90:create_slot: Creating slot 
with id 0x1
0xb7ad06c0 17:20:11.765 [opensc-pkcs11] slot.c:90:create_slot: Creating slot 
with id 0x2
0xb7ad06c0 17:20:11.765 [opensc-pkcs11] slot.c:90:create_slot: Creating slot 
with id 0x3
0xb7ad06c0 17:20:11.765 [opensc-pkcs11] slot.c:90:create_slot: Creating slot 
with id 0x4
0xb7ad06c0 17:20:11.765 [opensc-pkcs11] sc.c:195:sc_detect_card_presence: called
0xb7ad06c0 17:20:11.765 [opensc-pkcs11] 
reader-pcsc.c:364:pcsc_detect_card_presence: called
0xb7ad06c0 17:20:11.765 [opensc-pkcs11] reader-pcsc.c:277:refresh_attributes: 
ACS ACR38U 00 00 check
0xb7ad06c0 17:20:11.765 [opensc-pkcs11] reader-pcsc.c:293:refresh_attributes: 
returning with: 0 (Success)
0xb7ad06c0 17:20:11.765 [opensc-pkcs11] 
reader-pcsc.c:369:pcsc_detect_card_presence: returning with: 1
0xb7ad06c0 17:20:11.765 [opensc-pkcs11] sc.c:200:sc_detect_card_presence: 
returning with: 1
0xb7ad06c0 17:20:11.765 [opensc-pkcs11] slot.c:188:card_detect: ACS ACR38U 00 
00: Detecting smart card
0xb7ad06c0 17:20:11.766 [opensc-pkcs11] sc.c:195:sc_detect_card_presence: called
0xb7ad06c0 17:20:11.766 [opensc-pkcs11] 
reader-pcsc.c:364:pcsc_detect_card_presence: called
0xb7ad06c0 17:20:11.766 [opensc-pkcs11] reader-pcsc.c:277:refresh_attributes: 
ACS ACR38U 00 00 check
0xb7ad06c0 17:20:11.766 [opensc-pkcs11] reader-pcsc.c:293:refresh_attributes: 
returning with: 0 (Success)
0xb7ad06c0 17:20:11.766 [opensc-pkcs11] 
reader-pcsc.c:369:pcsc_detect_card_presence: returning with: 1
0xb7ad06c0 17:20:11.766 [opensc-pkcs11] sc.c:200:sc_detect_card_presence: 
returning with: 1
0xb7ad06c0 17:20:11.766 [opensc-pkcs11] slot.c:224:card_detect: ACS ACR38U 00 
00: First seen the card
0xb7ad06c0 17:20:11.766 [opensc-pkcs11] slot.c:232:card_detect: ACS ACR38U 00 
00: Connecting ...
0xb7ad06c0 17:20:11.766 [opensc-pkcs11] 

Re: [opensc-devel] Cryptotech Setcos card signing problem

2011-08-12 Thread TMS Brokers / Łukasz Kościesza
0xb7ad06c0 17:20:12.324 [opensc-pkcs11] card.c:330:sc_unlock: called
0xb7ad06c0 17:20:12.324 [opensc-pkcs11] card.c:330:sc_unlock: called
0xb7ad06c0 17:20:12.324 [opensc-pkcs11] iso7816.c:320:iso7816_process_fci: 
processing FCI bytes
0xb7ad06c0 17:20:12.324 [opensc-pkcs11] iso7816.c:325:iso7816_process_fci:   
file identifier: 0x5306
0xb7ad06c0 17:20:12.324 [opensc-pkcs11] iso7816.c:339:iso7816_process_fci:   
bytes in file: 52
0xb7ad06c0 17:20:12.324 [opensc-pkcs11] iso7816.c:351:iso7816_process_fci:   
shareable: no
0xb7ad06c0 17:20:12.324 [opensc-pkcs11] iso7816.c:371:iso7816_process_fci:   
type: working EF
0xb7ad06c0 17:20:12.324 [opensc-pkcs11] iso7816.c:373:iso7816_process_fci:   EF 
structure: 1
0xb7ad06c0 17:20:12.325 [opensc-pkcs11] card.c:597:sc_select_file: returning 
with: 0 (Success)
0xb7ad06c0 17:20:12.325 [opensc-pkcs11] card.c:422:sc_read_binary: called; 52 
bytes at index 0
0xb7ad06c0 17:20:12.325 [opensc-pkcs11] apdu.c:525:sc_transmit_apdu: called
0xb7ad06c0 17:20:12.325 [opensc-pkcs11] card.c:292:sc_lock: called
0xb7ad06c0 17:20:12.325 [opensc-pkcs11] reader-pcsc.c:243:pcsc_transmit: reader 
'ACS ACR38U 00 00'
0xb7ad06c0 17:20:12.325 [opensc-pkcs11] apdu.c:184:sc_apdu_log:
Outgoing APDU data [5 bytes] =
00 B0 00 00 34 4
==
0xb7ad06c0 17:20:12.325 [opensc-pkcs11] 
reader-pcsc.c:176:pcsc_internal_transmit: called
0xb7ad06c0 17:20:12.352 [opensc-pkcs11] apdu.c:184:sc_apdu_log:
Incoming APDU data [   54 bytes] =
30 32 30 0C 0C 0A 53 65 74 45 49 44 20 50 49 4E 020...SetEID PIN
30 03 04 01 04 A1 1D 30 1B 03 02 02 0C 0A 01 01 0..0
02 01 04 02 01 08 80 01 81 04 01 00 30 06 04 04 0...
3F 00 DF 01 90 00   ?.
==
0xb7ad06c0 17:20:12.352 [opensc-pkcs11] card.c:330:sc_unlock: called
0xb7ad06c0 17:20:12.352 [opensc-pkcs11] iso7816.c:151:iso7816_read_binary: 
returning with: 52
0xb7ad06c0 17:20:12.352 [opensc-pkcs11] card.c:455:sc_read_binary: returning 
with: 52
0xb7ad06c0 17:20:12.352 [opensc-pkcs11] card.c:330:sc_unlock: called
0xb7ad06c0 17:20:12.352 [opensc-pkcs11] reader-pcsc.c:548:pcsc_unlock: called
0xb7ad06c0 17:20:12.358 [opensc-pkcs11] pkcs15.c:1944:sc_pkcs15_read_file: 
returning with: 0 (Success)
0xb7ad06c0 17:20:12.358 [opensc-pkcs11] pkcs15.c:1640:sc_pkcs15_parse_df: 
bufsize 52; first tag 0x30
0xb7ad06c0 17:20:12.358 [opensc-pkcs11] pkcs15.c:1649:sc_pkcs15_parse_df: rv 0
0xb7ad06c0 17:20:12.358 [opensc-pkcs11] pkcs15.c:1676:sc_pkcs15_parse_df: 
returning with: 0 (Success)
0xb7ad06c0 17:20:12.358 [opensc-pkcs11] 
framework-pkcs15.c:885:pkcs15_create_tokens: Found 1 authentication objects
0xb7ad06c0 17:20:12.358 [opensc-pkcs11] pkcs15.c:1603:sc_pkcs15_parse_df: 
called; path=3f00de005301, type=0, enum=0
0xb7ad06c0 17:20:12.358 [opensc-pkcs11] pkcs15.c:1865:sc_pkcs15_read_file: 
called; path=3f00de005301, index=0, count=-1
0xb7ad06c0 17:20:12.358 [opensc-pkcs11] card.c:292:sc_lock: called
0xb7ad06c0 17:20:12.358 [opensc-pkcs11] reader-pcsc.c:511:pcsc_lock: called
0xb7ad06c0 17:20:12.358 [opensc-pkcs11] card.c:571:sc_select_file: called; 
type=2, path=3f00de005301
0xb7ad06c0 17:20:12.358 [opensc-pkcs11] apdu.c:525:sc_transmit_apdu: called
0xb7ad06c0 17:20:12.358 [opensc-pkcs11] card.c:292:sc_lock: called
0xb7ad06c0 17:20:12.358 [opensc-pkcs11] reader-pcsc.c:243:pcsc_transmit: reader 
'ACS ACR38U 00 00'
0xb7ad06c0 17:20:12.358 [opensc-pkcs11] apdu.c:184:sc_apdu_log:
Outgoing APDU data [9 bytes] =
00 A4 08 00 04 DE 00 53 01 ...S.
==
0xb7ad06c0 17:20:12.358 [opensc-pkcs11] 
reader-pcsc.c:176:pcsc_internal_transmit: called
0xb7ad06c0 17:20:12.414 [opensc-pkcs11] apdu.c:184:sc_apdu_log:
Incoming APDU data [2 bytes] =
61 14 a.
==
0xb7ad06c0 17:20:12.414 [opensc-pkcs11] apdu.c:525:sc_transmit_apdu: called
0xb7ad06c0 17:20:12.414 [opensc-pkcs11] card.c:292:sc_lock: called
0xb7ad06c0 17:20:12.414 [opensc-pkcs11] reader-pcsc.c:243:pcsc_transmit: reader 
'ACS ACR38U 00 00'
0xb7ad06c0 17:20:12.414 [opensc-pkcs11] apdu.c:184:sc_apdu_log:
Outgoing APDU data [5 bytes] =
00 C0 00 00 14 .
==
0xb7ad06c0 17:20:12.414 [opensc-pkcs11] 
reader-pcsc.c:176:pcsc_internal_transmit: called
0xb7ad06c0 17:20:12.423 [opensc-pkcs11] apdu.c:184:sc_apdu_log:
Incoming APDU data [   22 bytes] =
6F 12 81 02 00 4D 82 01 01 83 02 53 01 86 02 01 oM.S
41 8A 01 07 90 00   A.
==
0xb7ad06c0 

Re: [opensc-devel] Cryptotech Setcos card signing problem

2011-08-12 Thread TMS Brokers / Łukasz Kościesza
0xb7ad06c0 17:20:13.248 [opensc-pkcs11] apdu.c:184:sc_apdu_log:
Outgoing APDU data [5 bytes] =
00 B0 01 00 00 .
==
0xb7ad06c0 17:20:13.248 [opensc-pkcs11] 
reader-pcsc.c:176:pcsc_internal_transmit: called
0xb7ad06c0 17:20:13.323 [opensc-pkcs11] apdu.c:184:sc_apdu_log:
Incoming APDU data [  258 bytes] =
SWIPPED OFF CERTIFICATE DATA
90 00   ..
==
0xb7ad06c0 17:20:13.323 [opensc-pkcs11] card.c:330:sc_unlock: called
0xb7ad06c0 17:20:13.323 [opensc-pkcs11] iso7816.c:151:iso7816_read_binary: 
returning with: 256
0xb7ad06c0 17:20:13.323 [opensc-pkcs11] card.c:455:sc_read_binary: returning 
with: 256
0xb7ad06c0 17:20:13.323 [opensc-pkcs11] card.c:422:sc_read_binary: called; 256 
bytes at index 512
0xb7ad06c0 17:20:13.323 [opensc-pkcs11] apdu.c:525:sc_transmit_apdu: called
0xb7ad06c0 17:20:13.323 [opensc-pkcs11] card.c:292:sc_lock: called
0xb7ad06c0 17:20:13.323 [opensc-pkcs11] reader-pcsc.c:243:pcsc_transmit: reader 
'ACS ACR38U 00 00'
0xb7ad06c0 17:20:13.323 [opensc-pkcs11] apdu.c:184:sc_apdu_log:
Outgoing APDU data [5 bytes] =
00 B0 02 00 00 .
==
0xb7ad06c0 17:20:13.323 [opensc-pkcs11] 
reader-pcsc.c:176:pcsc_internal_transmit: called
0xb7ad06c0 17:20:13.398 [opensc-pkcs11] apdu.c:184:sc_apdu_log:
Incoming APDU data [  258 bytes] =
SWIPPED OFF CERTIFICATE DATA
90 00   ..
==
0xb7ad06c0 17:20:13.398 [opensc-pkcs11] card.c:330:sc_unlock: called
0xb7ad06c0 17:20:13.398 [opensc-pkcs11] iso7816.c:151:iso7816_read_binary: 
returning with: 256
0xb7ad06c0 17:20:13.398 [opensc-pkcs11] card.c:455:sc_read_binary: returning 
with: 256
0xb7ad06c0 17:20:13.398 [opensc-pkcs11] card.c:422:sc_read_binary: called; 256 
bytes at index 768
0xb7ad06c0 17:20:13.398 [opensc-pkcs11] apdu.c:525:sc_transmit_apdu: called
0xb7ad06c0 17:20:13.398 [opensc-pkcs11] card.c:292:sc_lock: called
0xb7ad06c0 17:20:13.398 [opensc-pkcs11] reader-pcsc.c:243:pcsc_transmit: reader 
'ACS ACR38U 00 00'
0xb7ad06c0 17:20:13.398 [opensc-pkcs11] apdu.c:184:sc_apdu_log:
Outgoing APDU data [5 bytes] =
00 B0 03 00 00 .
==
0xb7ad06c0 17:20:13.398 [opensc-pkcs11] 
reader-pcsc.c:176:pcsc_internal_transmit: called
0xb7ad06c0 17:20:13.473 [opensc-pkcs11] apdu.c:184:sc_apdu_log:
Incoming APDU data [  258 bytes] =
SWIPPED OFF CERTIFICATE DATA
90 00   ..
==
0xb7ad06c0 17:20:13.473 [opensc-pkcs11] card.c:330:sc_unlock: called
0xb7ad06c0 17:20:13.473 [opensc-pkcs11] iso7816.c:151:iso7816_read_binary: 
returning with: 256
0xb7ad06c0 17:20:13.473 [opensc-pkcs11] card.c:455:sc_read_binary: returning 
with: 256
0xb7ad06c0 17:20:13.473 [opensc-pkcs11] card.c:422:sc_read_binary: called; 256 
bytes at index 1024
0xb7ad06c0 17:20:13.473 [opensc-pkcs11] apdu.c:525:sc_transmit_apdu: called
0xb7ad06c0 17:20:13.473 [opensc-pkcs11] card.c:292:sc_lock: called
0xb7ad06c0 17:20:13.473 [opensc-pkcs11] reader-pcsc.c:243:pcsc_transmit: reader 
'ACS ACR38U 00 00'
0xb7ad06c0 17:20:13.473 [opensc-pkcs11] apdu.c:184:sc_apdu_log:
Outgoing APDU data [5 bytes] =
00 B0 04 00 00 .
==
0xb7ad06c0 17:20:13.473 [opensc-pkcs11] 
reader-pcsc.c:176:pcsc_internal_transmit: called
0xb7ad06c0 17:20:13.550 [opensc-pkcs11] apdu.c:184:sc_apdu_log:
Incoming APDU data [  258 bytes] =
SWIPPED OFF CERTIFICATE DATA
90 00   ..
==
0xb7ad06c0 17:20:13.550 [opensc-pkcs11] card.c:330:sc_unlock: called
0xb7ad06c0 17:20:13.550 [opensc-pkcs11] iso7816.c:151:iso7816_read_binary: 
returning with: 256
0xb7ad06c0 17:20:13.550 [opensc-pkcs11] card.c:455:sc_read_binary: returning 
with: 256
0xb7ad06c0 17:20:13.550 [opensc-pkcs11] card.c:422:sc_read_binary: called; 176 
bytes at index 1280
0xb7ad06c0 17:20:13.550 [opensc-pkcs11] apdu.c:525:sc_transmit_apdu: called
0xb7ad06c0 17:20:13.550 [opensc-pkcs11] card.c:292:sc_lock: called
0xb7ad06c0 17:20:13.550 [opensc-pkcs11] reader-pcsc.c:243:pcsc_transmit: reader 
'ACS ACR38U 00 00'
0xb7ad06c0 17:20:13.550 [opensc-pkcs11] apdu.c:184:sc_apdu_log:
Outgoing APDU data [5 bytes] =
00 B0 05 00 B0 .