A tiny patch that fixes several warnings on signedess and lost of
precision:
---
diff --git a/src/tools/util.c b/src/tools/util.c
index b146567..53989f3 100644
--- a/src/tools/util.c
+++ b/src/tools/util.c
@@ -136,9 +136,9 @@ void
El jue, 30-06-2011 a las 19:58 +0300, Thomas Grenman escribió:
Hi
It seems to me that the card (or the relevant applet) is programmed to
return 6A88 instead of 6A82. Just to be sure: what happens if you try
opensc-explorer and try to cd to any non-existent DF with debug on,
Yes, the
El jue, 30-06-2011 a las 20:58 +0200, Frank Morgner escribió:
On Thursday, June 30 at 07:08PM, Juan Antonio Martinez wrote:
In OpenDNIe[1] we had a similar problem: on SM establishment we need to
override default meaning of some error codes, to get a common SM error
and parse it. I solved
Playing with OpenDNIe on MacOSX 10.6 I found a nasty ¿bug?¿feature?:
Once the PIN is entered, the keychain layer remembers it forever :-(
By mean of a friend's report I found this link:
http://lists.apple.com/archives/apple-cdsa/2008/May/msg3.html
Cutpaste:
The smart card support code in
El mar, 07-06-2011 a las 17:38 +0300, Martin Paljak escribió:
Hello,
[...]
It would be nice to split some focus areas to people who would deal with
them on daily basis, like Windows, OSX, PKCS#11, Initialization, PKCS#15
conformance/libopensc core and set up separate builders for those
El jue, 02-06-2011 a las 20:34 +0200, Ludovic Rousseau escribió:
2011/6/2 Martin Paljak mar...@martinpaljak.net:
A question: how many current commiters don't yet use Git (and/or git-svn)
for OpenSC development?
I :-)
But I don't mind changing for Git.
Current SVN commiters would have
El vie, 06-05-2011 a las 16:43 +0200, Jean-Michel Pouré - GOOZE
escribió:
Le vendredi 06 mai 2011 à 17:24 +0300, Martin Paljak a écrit :
But daily smart card usage usually means using different applications.
OK. But shared mode does not work very well, especially with OpenSSH and
Iceweasel
El mar, 26-04-2011 a las 16:25 +0200, Jean-Michel Pouré - GOOZE
escribió:
Le mardi 26 avril 2011 à 16:38 +0300, Martin Paljak a écrit :
For the sake of purity, I don^t think that --list-public-keys should
display a fake public key object, which does NOT exist on the card in
relevant PKCS#15
El mar, 26-04-2011 a las 22:53 +0200, Juan Antonio Martinez escribió:
[...]
One option would be to remove public key files from emulation
(like the Estonian eID),
Perhaps I'll need some help: pkcs15-dnie.c just parses pkcs15 data
from card, and patches some file paths and ID's... no clear
El jue, 03-02-2011 a las 16:28 +0200, Martin Paljak escribió:
Hello,
On Jan 26, 2011, at 10:09 AM, Ludovic Rousseau wrote:
I just found the page SmartCardPKI [1] on the seek-for-android
project. The goal is to build OpenSC for Android. They provide a patch
[2] but I do not remember reading
El jue, 21-04-2011 a las 10:03 +0200, NdK escribió:
The problem I have is to read a file with an unknown length.
How is that possible? Aren't file sizes fixed at file creation time?
Have I missed something?
IIUC, when you issue a SELECT_FILE, you can see its size, too. I'm confused.
Sure:
Hi all:
In our development on OpenDNIe[1] We've writen a dnie-tool to get
extra, non pkcs15 related card info.
Martin proposed me to use eidenv tool as common tool to display these
extra data, and if requested setup environment for calling an external
application.
Studing eidenv code and how I
By mean of [1] we've compiled opensc for windows (no cardmod)
pkcs11 works fine, but I've found an strange behaviour with
opensc-tool -l:
- Once a card is inserted, Card present flag is set to
yes regardless the card is or not inserted in reader
- When using several readers, opensc-tool
Yes, sure.
By parsing EF(PukDF) and EF(PrivkDF) on Ceres and DNIe cards,
I've found that they uses to same EF to store public and private keys
( by storeing together modulus, public, and private exponent),
so direct retrieval of public keys (as pkcs15-tool --read-public-key
ID does) fails with
Using opensc from svn:
[jantonio@router opensc]$ src/tools/pkcs11-tool -lO
error: Failed to load pkcs11 module
Aborting.
Looking at src/pkcs11/pkcs11-tool.c seems that opt_module
variable is not properly initialized thus C_LoadModule
is called with NULL as module name...
Is a bug so strange
El mié, 09-03-2011 a las 10:29 +0100, Viktor TARASOV escribió:
Hello,
On 09.03.2011 09:39, jons...@terra.es wrote:
Trying to optimize DNIe card driver, I'd like to cache current df to avoid
extra select_file()'s
[...]
Also, I've noticed that sc_(un)lock() clears sc_card_cache. Is this
$ pkcs15-tool -k
Using reader with a card: SCM SCR 335 [CCID Interface] (504012DD) 00 00
Failed to connect to card: Unresponsive card (correctly inserted?)
-8--
Just issuing multiple times the same command (w/o touching the card or
the reader!) solves the issue.
That is interesting.
As the wrapper is used for built-in APDU ciphering and mac-ing, you should
instead propose a solution for the secure messaging infrastructure in
OpenSC
(ItaCNS, DNIe, IAS/ECC, Feitian have code that deals with it). As you use
builtin keys for only specific APDU-s this should be the
El jue, 17-02-2011 a las 16:50 +0100, Frank Morgner escribió:
On Monday, February 14 at 12:22PM, jons...@terra.es wrote:
In the testing process of OpenDNIe I've found a problem related with
concurrent
access to opensc-pkcs11 library.
(from a previous mail from Douglas)
Does the card
As you know, I've been working last 4 month with people at Cenatic[1]
in two areas:
1- Maintenance[2] of DGP's DNIe GPL OpenSC driver in synch with OpenSC
trunk and releases (0.11.13 and 0.12.0). At this moment Cenatic
repository contains an up-to-date, working driver under LGPL license.
In fact,
El lun, 07-02-2011 a las 23:58 +0100, Andre Zepezauer escribió:
On Fri, 2011-02-04 at 23:31 +0100, Juan Antonio Martinez wrote:
About visibility of certificates and keys patch, notice that
DNIe requires the user to enter pin for just read (neither
signature nor authentication) user
El jue, 03-02-2011 a las 23:58 +0100, Andre Zepezauer escribió:
There is a problem with reading of public keys and certificates. Try to
do it manually with opensc-explorer. If it fails with some error like
'security status not satisfied' then you can login via:
verify CHV1 31:32:33:34 (ID of
El mar, 01-02-2011 a las 20:18 +0100, Andre Zepezauer escribió:
Hello Juan Antonio,
On Mon, 2011-01-31 at 20:15 +0100, Juan Antonio Martinez wrote:
Any hint to start debugging?
If you are using opensc-trunk, then try this one:
Great!! works fine for me. Thanks a lot.
Please, commit patch
Hi all:
In my debugging process for the new Spanish DNIe LGPL card driver [1],
I've found a problem with pkcs11-tool -O: returns a warning about
invalid RSA public key size:
--
...
warning: PKCS11 function C_GetAttributeValue(MODULUS_BITS) failed: rv =
El lun, 03-01-2011 a las 13:01 +0100, Viktor TARASOV escribió:
Hi,
I propose to introduce the following short form to insert debug messages of
the 'normal' level.
Any objections?
Fine, but thinks that we need a way to get finer debug tuning:
Not sure... perhaps it's time for introduction
[ ... ]
Going for log4c or similar would IMHO be a total overkill,
as is implementing anything internal that is designed for RFU.
Focus should be on things related to smart cards, not logging :)
If you want debug logging, too much is better than too little
(you can always use grep). Under
FYI: Not sure if this is intentional, but some warnings are shown at
piv-tool.c
.
piv-tool.c: En la función ‘gen_key’:
piv-tool.c:252: aviso: exceso de elementos en el inicializador de struct
piv-tool.c:252: aviso: (cerca de la inicialización de ‘keydata’)
Offending line piv-tool.c#252
I've just published first bytes of Cenatic's (and mine) LGPL version of
Spanish DNIe OpenSC driver
svn checkout https://svn.forge.morfeo-project.org/opendnie/opendnie
It's in a very early stage: many functions needs to be completed, and
SM is only in skeleton. At this moment is a just compile.
El jue, 28-10-2010 a las 09:08 +0200, Peter Stuge escribió:
Juan Antonio Martinez wrote:
No need to change iso7816, just check for hooks in card driver
I'll think some way to encode this.
Attached comes my patch proposal
I've tried to be as less intrussive as posible
I think
Working in new code for DNIe card, I've found a problem:
sc_transmit_apdu() must be overriden to allow secure messaging
routine perform apdu wrapping when SM is on
I've coded a kind of virtual channel that hides SM issues from
my code. Every sc_transmit_apdu() call is translated into
El mar, 26-10-2010 a las 11:58 +0200, Peter Stuge escribió:
Juan Antonio Martinez wrote:
An ideal solution for me (and for the other people that is working
with SM cards) would be adding a new card operation
card_transmit_apdu(), that defaults in iso7816.c to
sc_transmit_apdu(), but can
El mar, 26-10-2010 a las 12:52 +0200, Juan Antonio Martinez escribió:
No need to change iso7816, just check for hooks in card driver
I'll think some way to encode this.
Attached comes my patch proposal
I've tried to be as less intrussive as posible
Comments, suggestions and blames
Some people here suggest that DBus could be a solution for asking user
to enter pin or confirm signature operation, as commonly done for 3G
modems and Bluetooth devices
Afaik, DBus is supported in Linux, windows[1], and MacOs[2]
So -in theory- is possible to get a general and portable solution
( As Spanish authorities finally said No-no to allow re-licensing GPL'd
DNIe code for inclusion in OpenSC, me an some others have started a
written-from-scratch OpenSC DNIe module. We are next to start writing
sm code... )
At lun, 11-10-2010 a las 09:56 +0300, Martin Paljak wrote:
[]
There
Hi all:
As you already know, Spanish authorities finally said no about the
possibility of re-licensing DNIe bits under LGPL for inclusion into
OpenSC.
So me and some others at spain have decided to start writing from
scratch a new OpenSC DNIe module under LGPL for inclusion into the
project.
El lun, 11-10-2010 a las 13:49 +0200, Ludovic Rousseau escribió:
Hello,
2010/10/11 Juan Antonio Martinez jons...@terra.es:
- What is the licensing politics for OpenSC modules?
* Need to assign copyright to OpenSC Project?
No
* Can we re-license as GPL for use outside the OpenSC scope
I've received a (final?) response from Direccion General de la Policía
(DGP) about a question I sent them about the posibility of
dual-licensing DNIe code under LGPL for inclusion into OpenSC:
---
En cuanto a sus observaciones
El lun, 21-06-2010 a las 15:13 +0200, Alejandro Vargas escribió:
2010/6/16 jons...@terra.es jons...@terra.es:
- Decide how to handle with private and non-published keys
in source code. Alternatively try to get permission from
DGP to publis our reverse-engineered keys
What about
El mié, 18-06-2008 a las 23:29 +0200, Michael Grünewald escribió:
Hello,
during work for a seminar about smartcards and linux I found pam_pkcs11,
which works really nice. But I think there is a major security issue in the
card_eventmgr/pkcs11_cardmgr configuration samples. The screensaver is
39 matches
Mail list logo
