Hi,
I modified entersafe.profile, increased some index files' size, now it
supports up to 9 RSA + X.509 certificates.
here is the patch:
Index: src/pkcs15init/entersafe.profile
===
--- src/pkcs15init/entersafe.profile(revision 5
On Sun, 20 Feb 2011 18:57:14 +0800, Martin Paljak
wrote:
Hello,
On Feb 20, 2011, at 10:59 AM, Jean-Michel Pouré - GOOZE wrote:
Le vendredi 18 février 2011 à 13:59 +0800, Xiaoshuo Wu a écrit :
I've added SC_PIN_CMD_GET_INFO handling in entersafe_pin_cmd(),
C_GetTokenInfo() will ge
Hi,
I've added SC_PIN_CMD_GET_INFO handling in entersafe_pin_cmd(),
C_GetTokenInfo() will get PIN retries now, you can run "pkcs11-tool
--test-hotplug" to see if PIN is locked.
Regards, Xiaoshuo
trunk.5121.pin_tries_left.diff
Description: Binary data
_
On Mon, 10 Jan 2011 16:50:37 +0800, Viktor TARASOV
wrote:
> On 09.01.2011 12:41, Martin Paljak wrote:
>>> Proprietary card dump:
>>>
>>> PKCS#15 Card [Gooze ]:
>>> Version: 0
>>> Serial number : 0834493916261110
>>> Manufacturer ID: www.ftsafe.com
On Wed, 30 Jun 2010 14:11:17 +0800, Josef Windorfer
wrote:
> What I want to know is which hash algorithm is used? (e.g. sha1, md5,
> ...)
IMHO it's a chained des algorithm, not HMAC, so there is no specific hash
algorithm used.
___
opensc-devel ma
On Tue, 29 Jun 2010 20:03:36 +0800, Josef Windorfer
wrote:
>> In this case, the MAC is generated by the key "trans_code_ftcos_pk_01c",
>> and the iv(card generated random number).
The iv is different each time.
> With source code and log I found out that the mechanism for the mac is
> cbc-de
On Thu, 17 Jun 2010 19:59:12 +0800, Josef Windorfer
wrote:
> Hi,
>
> i have a feitian pki smart card. I initialise the smart card with
> pkcs15-init --create-pkcs15.
> For all actions the computer sends the GET CHALLENGE command and the
> card returns 8 bytes. After this the computer sends 4 by
On Wed, 09 Jun 2010 19:13:18 +0800, Martin Paljak
wrote:
> This makes sense, with the exception that if it is possible to change
> PIN flags afterwards, it should be possible the set them via command
> line when creating the PIN as well. I'm a bit lost now how this relates
> to profile in
Hello,
When not using "--pin" option in "pkcs15-init -C" command, it will ask for
PIN more than once, so I add the PIN to pincache once it is created.
Here attach the patch, it also remove some unnecessary code.
Regards, Xiaoshuo
trunk.4390.entersafe_fix.diff
Description: Binary data
_
On Thu, 27 May 2010 17:13:15 +0800, Viktor TARASOV
wrote:
Jean-Michel Pouré - GOOZE wrote:
On Thu, 2010-05-27 at 10:32 +0200, Viktor TARASOV wrote:
That's what I would suggest.
Okay. Too bad for users!!!
...
You mean to use the cards initialized with opensc-0.11.13 with the
current
On Wed, 26 May 2010 21:00:52 +0800, Viktor TARASOV
wrote:
> In fact, initialization of Feitian card has been changed --
> it was discussed in thread 'C_SignFinal fails when using a pinpad
> reader':
>
Thank you.
Since entersafe driver only use one pin/puk(sopin) pair, I think we can
add "lo
On Mon, 24 May 2010 23:18:59 +0800, Douglas E. Engert
wrote:
> I do not have any entersafe cards, but looking at the dump and code it
> looks
> like it wrote out the RSA private key. You need an entersafe card expert
> to
> see if it wrote the correct data and if when the code tries to use
On Fri, 21 May 2010 02:41:21 +0800, Andreas Jellinghaus
wrote:
> It would be great if the entersafe driver could be improved
> to the point, where src/test/regression/ test suite works
> with the cards. The test suite provides a very good way for
> us to test many different card features, and m
On Fri, 07 May 2010 18:36:39 +0800, Jan Just Keijser
wrote:
More information for the Feitian folks: I also tried the driver bundle
from the ftsafe website but it only supports the SCR200 card reader, not
the 301 ; what was/am I doing wrong there?
Thank you for testing Feitian products, AFAIK SC
Hello,
Thanks to OpenSC developers and my colleagues' help, I managed to get a
new card supported.
I attached a bzip2 compressed patch, it includes following changes:
1.Support PK/13C, a new Feitian PKI card;
Add three driver file "es_pk13c.profile", "pkcs15-es_pk13c.c" and
"card-es_pk13c.c"
On Sun, 25 Apr 2010 01:43:54 +0800, Viktor TARASOV
wrote:
> Try r4265.
>
Way ahead of me. It works fine, thank you very much!
Seems tmp_path obtained in
http://www.opensc-project.org/opensc/browser/trunk/src/pkcs15init/pkcs15-lib.c?rev=4265#L2811
is not used. I guess this line is to insta
On Thu, 22 Apr 2010 18:55:36 +0800, Viktor TARASOV
wrote:
> One more moment,
> your 'card->caps' should not have SC_CARD_CAP_USE_FCI_AC.
>
> Look at
> http://www.opensc-project.org/opensc/browser/trunk/src/pkcs15init/pkcs15-lib.c#L3063
Sure, I remember that.
__
On Thu, 22 Apr 2010 17:09:37 +0800, Viktor TARASOV
wrote:
> Actually there is no way to update certificates for the cards that do
> not returns ACLs at file selection.
That's sensible.
> The 'sc_pkcs15init_update_certificate' should be modified; it has to
> instantiate certificate file from th
On Wed, 24 Feb 2010 15:34:40 +0800, Andreas Jellinghaus
wrote:
> but I'm still not sure: does this fix a general bug in T0 implementation
> that affects all readers? Or is this a special case for entersafe only?
Sorry for this late reply:
I think that card returns data instead of 61XX is not sp
On Sun, 21 Feb 2010 23:48:58 +0800, Viktor TARASOV
wrote:
> It's looks like the initial content of the newly created file is random
> bytes.
Yes, and I've seen the change in r4047, now it is not random, thank you!
___
opensc-devel mailing list
opensc-
On Sat, 20 Feb 2010 19:41:41 +0800, Andreas Jellinghaus
wrote:
> lets see what everyone else thinks about this, I don't know the
> code well enough myself.
Sorry, I missed something in my first patch, here is the new one:
Index: src/ifd/ifd-epass3k.c
===
Hello,
my colleges and I have been making ePass3000 USB key work with OpenCT.
We found out that new ePass3000 hardware returns data instead of 61XX(to
indicates the number of response bytes still available), so we modified
OpenCT to handle it.
Then sc_pkcs15init_parse_info() could not parse th
On Fri, 19 Feb 2010 23:10:27 +0800, Viktor TARASOV
wrote:
> Hi,
>
> any objections if the following patch would be commited ?
>
> http://www.opensc-project.org/pipermail/opensc-commits/2010-February/008386.html
>
> Kind wishes,
> Viktor.
>
>
Thank you for fixing it, Viktor.
And thank all of you
On Mon, 18 Jan 2010 18:55:56 +0800, Aktiv Co. Aleksey Samsonov
wrote:
> Please see patch in
> http://www.opensc-project.org/pipermail/opensc-devel/2009-November/012863.html
> for interim measures.
That's more subtle, more preferable, I saw its been partly applied in
OpenSC, thank you all!
__
On Sun, 17 Jan 2010 20:36:53 +0800, Xiaoshuo Wu
wrote:
I'd like to hear your plan for these changes so as to help me fix this.
I recovered cache_pin() in rev 3783, renamed it add_pins_to_keycache() and
had some adjustment. When login/change PIN/init PIN/create object
successful, we
Dear Martin:
In my early post(see
http://www.opensc-project.org/pipermail/opensc-user/2009-December/003511.html),
I got this command failed in latest OpenSC version:
pkcs11-tool -a "key.txt" -y data -w ./key.txt --private -l
IMHO, it is likely because of the empty add_pins_to_keycache()
impl
On Mon, 11 Jan 2010 22:17:09 +0800, Martin Paljak
wrote:
Is pkcs15-init fully working? Or is it a Feitian card issue or me not
fully understanding what is possible to do?
pkcs15-init is fully working. The failing assert comes from entersafe
(feitian) driver code.
Thank you for reporting th
On Sat, 09 Jan 2010 19:00:10 +0800, Jean-Michel Pouré wrote:
> I received a couple of recent Feitian PKI smartcards for testing.
> It seems that the PKI smartcard has a new ATR, very similar to
> FTCOS/PK-01C:
>
> opensc-tool --atr
> Using reader with a card: Feitian SCR301 00 00
> 3b:9f:95:81:31
28 matches
Mail list logo
