On 09/06/2011 11:16 PM, Douglas E. Engert wrote: > > > On 9/6/2011 6:21 AM, Nikos Mavrogiannopoulos wrote: >> Hello, >> I'm trying to use the opensc 0.12.x ECDSA support, to allow ECDSA >> signing in gnutls via PKCS #11. However I have no such cards to test it. >> Do you have any suggestion on which card to use? (My only requirement is >> that it must be obtainable without placing a mass order) > > The OpenSC ECDSA code was developed using Oberthur > "ID-One PIV FIPS 201 Validated Dual Interface Smart Card" > These cards were obtained from Oberthur at about $10 each > in small quantities. I do not know their policies on selling to > individuals. > > I know at least one of the other developers obtained some of these > cards. > > I am not sure if the OpenSC ECDSA code was added to any of the other > OpenSC card-*.c drivers. It could be, as Gemalto also says their IAS ECC > card can do ECDSA, and ECDH, > http://www.gemalto.com/products/multiapp_id_ias_ecc/ > > I have not tried these. > > If you get any of the PIV cards, I can fill you in on generating > keys and signing cert requests using the card.
I would be very interested in hearing how to use these cards with opensc. I picked up a couple of "Cosmo V7 128K PIV" cards several months ago from smartcardfocus.com[1]. I could get them to generate keys but generating certificate requests kept asking for a pin. I verified the pin using # piv-tool -A M:9B:03 --send-apdu 00:20:00:80:08:....:FF:FF but that pin didn't work. Edward 1. http://www.smartcardfocus.com/shop/ilp/id~410/p/index.shtml 2. http://www.opensc-project.org/opensc/wiki/PivTool _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
