[opensc-devel] ACR122U + MyEID dual interface
Hi all. Just received $subj and started testing. Too bad the cards aren't recognized by default: $ opensc-tool -a -n Using reader with a card: ACS ACR122U PICC Interface 00 00 3b:85:80:01:4d:79:45:49:44:78 Unsupported card Is it only matter of unknown ATR and I can safely use force myeid? Or should I add support for 'em digging in the code (for this, help from Aventra would be really welcome -- big task!). Is it possible to make that reader handle multiple cards in parallel (both placed on the reader)? PS: the card in MyLogin for Windows kit reports an ATR of 3B 8F 80 01 80 4F 0C A0 00 00 03 06 03 00 01 00 00 00 00 6A Does someone know something about this card? Tks, Diego. ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] ACR122U + MyEID dual interface
Hello, On Thu, May 24, 2012 at 4:21 PM, NdK ndk.cla...@gmail.com wrote: Hi all. Just received $subj and started testing. Too bad the cards aren't recognized by default: $ opensc-tool -a -n Using reader with a card: ACS ACR122U PICC Interface 00 00 3b:85:80:01:4d:79:45:49:44:78 Unsupported card I'm not certain about all ACS products, but one of the 122 reader marketed as tikitag/touchatag is CCID, but it requires a special APDU wrapping to actually talk to the RF interface. Maybe this reader is similar. Martin Is it only matter of unknown ATR and I can safely use force myeid? Or should I add support for 'em digging in the code (for this, help from Aventra would be really welcome -- big task!). Is it possible to make that reader handle multiple cards in parallel (both placed on the reader)? PS: the card in MyLogin for Windows kit reports an ATR of 3B 8F 80 01 80 4F 0C A0 00 00 03 06 03 00 01 00 00 00 00 6A Does someone know something about this card? Tks, Diego. ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
[opensc-devel] libccid + keyboard
Hi all, Just accidentally I came across some lines in Lodovic's blog. For the latest version of licccid-1.4.6, he writes: Disable SPE for HP USB CCID Smartcard Keyboard. The reader is bogus and unsafe. I am not sure what SPE for HP... means, but I certainly hope I can still use it for our smartcards as we have a couple of thousands of those keyboards. I hope that it is just an obscure extra feature. Hans __ Dit bericht kan informatie bevatten die niet voor u is bestemd. Indien u niet de geadresseerde bent of dit bericht abusievelijk aan u is toegezonden, wordt u verzocht dat aan de afzender te melden en het bericht te verwijderen. De Staat aanvaardt geen aansprakelijkheid voor schade, van welke aard ook, die verband houdt met risico's verbonden aan het elektronisch verzenden van berichten. This message may contain information that is not intended for you. If you are not the addressee or if this message was sent to you by mistake, you are requested to inform the sender and delete the message. The State accepts no liability for damage of any kind resulting from the risks inherent in the electronic transmission of messages. ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] libccid + keyboard
2012/5/24 j.witvl...@mindef.nl: Hi all, Hello, Just accidentally I came across some lines in Lodovic's blog. For the latest version of licccid-1.4.6, he writes: Disable SPE for HP USB CCID Smartcard Keyboard. The reader is bogus and unsafe. I am not sure what SPE for HP... means, but I certainly hope I can still use it for our smartcards as we have a couple of thousands of those keyboards. I hope that it is just an obscure extra feature. SPE is Secure PIN Entry. In this mode the PIN is entered on the keyboard (numeric pad) and sent directly to the smart card without going to the host. See the note at [1]. I do not have such a keyboard myself. So I can't tell you more about the problems. Bye [1] http://pcsclite.alioth.debian.org/ccid/unsupported.html#0x03F00x1024 -- Dr. Ludovic Rousseau ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] ACR122U + MyEID dual interface
On 24/05/2012 15:39, Martin Paljak wrote: Too bad the cards aren't recognized by default: $ opensc-tool -a -n Using reader with a card: ACS ACR122U PICC Interface 00 00 3b:85:80:01:4d:79:45:49:44:78 Unsupported card I'm not certain about all ACS products, but one of the 122 reader marketed as tikitag/touchatag is CCID, but it requires a special APDU wrapping to actually talk to the RF interface. Maybe this reader is similar. I think this one is well supported: its driver sources have 'rousseau' in nearly all headers :) Seems Ludovic got a contract with ACS (I hope for him) in 2009... If I insert one of the cards in the contact reader, I get the same ATR as standard MyEID cards: $ opensc-tool -a -n Using reader with a card: Gemalto GemPC Twin 00 00 3b:f5:18:00:00:81:31:fe:45:4d:79:45:49:44:9a MyEID cards with PKCS#15 applet But (obviously) if I place it on NFC reader I can't use it: $ pkcs15-init -C --pin --puk Using reader with a card: ACS ACR122U PICC Interface 01 00 Couldn't bind to the card: Not supported Is there any way I could force pkcs15-init in recognizing it as myeid (like -c myeid for pkcs11-tool)? BTW for the other ATR (3b:8f:80:01:80:4f:0c:a0:00:00:03:06:03:00:01:00:00:00:00:6a) I already found: it's a Mifare One card (just tested with others I had around). BYtE, Diego. ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] ACR122U + MyEID dual interface
2012/5/24 NdK ndk.cla...@gmail.com: I think this one is well supported: its driver sources have 'rousseau' in nearly all headers :) Seems Ludovic got a contract with ACS (I hope for him) in 2009... ACS forked my CCID driver. I got no contract with ACS. Your ACS ACR122U PICC Interface reader should work with my CCID driver. I have no answer regarding OpenSC support. Bye -- Dr. Ludovic Rousseau ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] ACR122U + MyEID dual interface
On 24/05/2012 17:56, NdK wrote: Found some docs. Actually the reader's docs from ACS, that seems really well-written (API_ACR122U_v2.01). BTW for the other ATR (3b:8f:80:01:80:4f:0c:a0:00:00:03:06:03:00:01:00:00:00:00:6a) I already found: it's a Mifare One card (just tested with others I had around). 3b : initial header 8f : t0 80 : td1 4f : td2 80 : t1 4f : Tk: Application identifier presence indicator 0c : Tk: length a00306: Tk: registered application provider identifier (RID) 03 : Tk: standard (14443-*3*) 0001: Tk: card 'name' * : RFU 6a : tck (xor from t0 to Tk) Card name: 0001: Mifare 1K 0002: Mifare 4K 0003: Mifare ultralight 0026: Mifare mini f004: Topaz and Jewel f011: FeliCa 212K f022: FeliCa 424K ff: SAK (undefined) Maybe it's worth updating ATR table. HIH. BYtE, Diego. ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] ACR122U + MyEID dual interface
On 24/05/2012 18:33, Ludovic Rousseau wrote: ACS forked my CCID driver. I got no contract with ACS. Argh! Your ACS ACR122U PICC Interface reader should work with my CCID driver. Seems so. Might be useful to look at the differences? BYtE, Diego. ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
[opensc-devel] SIM
Hi all, From what i learned, it seems that GSM-sims hold their info in specific EF's on the smartcard. Although they miss the directory structure normally found on cards, is there any reason why i should not be able to read thsoe EF's? I mean, when inserting a SIM into a reader, i get the ATR, but nothing more. I hoped that opensc-explorer could read them. Do those cards require special middleware (like those from safesign) or is there an other reason why i can not read them? Hans ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] libccid + keyboard
On Thu, 2012-05-24 at 17:48 +0300, Martin Paljak wrote: Hello, SPE is Secure PIN entry. Depending on the exact version of your reader (there are several) the S in SPE can be bogus: http://martinpaljak.net/2011/03/19/insecure-hp-usb-smart-card-keyboard/ The reader will still function as a standard reader, but the PIN entry through numpad is disabled. Martin huge sigh of relief On a personal note: i wouldn't mind if that part got disabled, Actually, i always use the top row on the keyboard, instead of the numeric-pad. For those ultra-secure-solutions people should use a dedicate reader+pinpad, class-3 preferably (with own window) Our security department might think otherwise. I'll check with them. But i think they won't make a big fuss, as for home and travelling purposes they've bought 50,000 folded readers. All our workplaces in the office are equipped with those HP-keyboards, i think that SPE should not be required there ;-) Hans ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] SIM
2012/5/24 Hans Witvliet h...@a-domani.nl: Hi all, Hello, From what i learned, it seems that GSM-sims hold their info in specific EF's on the smartcard. Although they miss the directory structure normally found on cards, is there any reason why i should not be able to read thsoe EF's? I mean, when inserting a SIM into a reader, i get the ATR, but nothing more. I hoped that opensc-explorer could read them. Do those cards require special middleware (like those from safesign) or is there an other reason why i can not read them? A SIM is not a PKI card. So I am not surprised if OpenSC tools can't use a SIM. I wrote 3 articles [1] in my blog about programs to read and interact with a SIM card. A SIM card is much more easy to use since the commands are standardised and the documentation is public. You do not have that, in general, for a PKI card. Bye [1] http://ludovicrousseau.blogspot.fr/search/label/sim -- Dr. Ludovic Rousseau ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel