Hi folks, I have a CryptoCombo FIPS device, which I believe contains the same hardware as a CryptoIdentity FIPS. Eutron's website claims that both devices use a Philips P8WE5032 chip, with "mask" G&D StarCOS SPK 2.4.
Eutron offers a closed source driver for some old Linux distributions. They have a PC/SC driver and then a PKCS#11 layer on top, called SafeSign. Of course the driver doesn't work on my modern Ubuntu installation. :( There are five CryptoIdentity models, but only the FIPS and ITSEC-P models utilize the SafeSign API kit (in my mail exchange with Eutron, they hinted at being tied into some agreement with SafeSign). The other three they don't offer support for in Linux, although they say that the ITSEC-I version (which has the Infineon SLE 66CX32xP chip, with "mask" Siemens CardOS M4.01(a)) may work with OpenSC. This is now the second device I've bought that is useless in my Linux environment, and it is sad because I bought this device specifically because Eutron claimed Linux support. I want to get this working with an open source driver, half on principle now. Questions: 1) How should I begin? I'm experienced with low-level serial protocols, so I'm not afraid to try this if you guys thing it is a reasonable idea. However, I'm new to OpenSC's code structure. 2) On the OpenSC features page, StarCOS SPK 2.3 is listed. Can 2.4 really be much different? Anyone know anything about this? 3) Would I want to implement a PC/SC driver, just like Eutron? Or would it make more sense to do this in OpenCT? 4) What about the PKCS#11 layer? Is it enough to get the PC/SC device working and then OpenSC can take over from there? Or could there be additional proprietary protocol going on between pcsc and SafeSign? 5) The device claims to support PKCS#15. I thought this was a hardware protocol standard, and would mean instant OpenSC compatibility, but I guess I was wrong? (I read now that it's more of a filesystem layout, how uninteresting...) 6) Anyone know about the legality of reverse-engineering protocols like this? What about using the binary driver as a reference? Thanks, -Justin _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
