Re: [opensc-devel] replacing libopensc/ui.[ch]

Helloo On Feb 3, 2010, at 09:09 , Andreas Jellinghaus wrote: > * I think get_pin code interacting with the user should be in the > tools/ directory, not part of a shared library or pkcs#11 module. > so I seperated that code. That's how it should be, yes. > * I removed all the other unused functi

Re: [opensc-devel] Add card minidriver base on trunk.

>a few comments from my side: >* please change all debug strings to english :) Of course it will be the case at end.. >* "opensccm" is a big cryptik, what about "cardmodule" or so? > (if it is in the opensc source code, we know it relates to opensc, > so no need to put "opensc" in the name) Ye

Re: [opensc-devel] Add card minidriver base on trunk.

Le 3 février 2010 09:33, François Leblanc a écrit : >>* I guess opensccm.c uses some template from microsoft? >>  please document in the file header to give credit where due. >>  Using a template of a published API for your own code is fine >>  I guess - no copyright/license issue here. Unless of

[opensc-devel] Fwd: Problems developing with Starcos 2.3

Thank you very much for your kind answers. 2010/1/27 Andreas Jellinghaus Hi Fernando, > > it is best to check the command line utilities like > "pkcs11-tool --test --login" to see if these is a general > problem. if there is not, you could use pkcs#11 spy > (pkcs11-spy.dll) and hook it between y

Re: [opensc-devel] Add card minidriver base on trunk.

>Please send us the licence.rtf so we can check it is LGPL compatible. > >Thanks Ok, join licence.rtf and other. François License.tar.bz2 Description: Binary data smime.p7s Description: S/MIME cryptographic signature ___ opensc-devel mailing list o

[opensc-devel] opensc-pkcs11.so displaying certs differently since opensc 0.11.10?

Hi, i use strongswan ontop of opensc to authenticate to firewalls for vpn- connections. All strongswan-versions have problems using opensc-pkcs11.so of opensc after rev3784 to authenticate with the firewall. opensc 0.11.12 also doesnt work. Installing rev3784 i can establish the connection, with

Re: [opensc-devel] Add card minidriver base on trunk.

Before you can download the CNG SDG you need a live.com/passport account, and sell your soul to microsoft or something like that. Mickey Mouse seems to have done that. inside the SDK there is only cardmod.h, but no example code for writing a cardmod or anything like that. So I guess François wro

Re: [opensc-devel] Add card minidriver base on trunk.

Andreas Jellinghaus wrote: > Before you can download the CNG SDG you need a live.com/passport > account, and sell your soul to microsoft or something like that. It requires looking around a bit, but it is possible to create a passport account using any email address. //Peter

Re: [opensc-devel] Add card minidriver base on trunk.

Am Mittwoch 03 Februar 2010 09:33:11 schrieb François Leblanc: > There are a lot of stuff to do to improve this module (documentation, key > Managing, writing card and so on) this why I need some help but I can't be > helped if nobody can't access the code so It's why I wish to put this base. > Mo

Re: [opensc-devel] opensc-pkcs11.so displaying certs differently since opensc 0.11.10?

Hi Christian, if opensc 0.11.12 doesn't work, does an older version of opensc work? can you create log files with both versions to see the differences. for example - pkcs11-spy log files - opensc-debug.log (debug=10) ? svn revision 3785 is a big merge, not sure how we can access the old trunk b

Re: [opensc-devel] Add card minidriver base on trunk.

Am Mittwoch 03 Februar 2010 10:37:37 schrieb François Leblanc: > >if you used some sample minicard driver template, > >we would need to mention that and have a look at > >its license. but the cng sdk contains nothing > >like that. if you used no template file, then > >there is absolutely no problem

Re: [opensc-devel] opensc-pkcs11.so displaying certs differently since opensc 0.11.10?

On Feb 3, 2010, at 11:15 , Christian Horn wrote: > Hi, > > > i use strongswan ontop of opensc to authenticate to firewalls for vpn- > connections. > All strongswan-versions have problems using opensc-pkcs11.so of opensc > after rev3784 to authenticate with the firewall. > opensc 0.11.12 also does

Re: [opensc-devel] Problems developing with Starcos 2.3

Thank you for your answer Viktor. 2010/2/2 Viktor TARASOV > Fernando Sanchez Chaparro wrote: > > Finally, I found how to solve my problem thank to your answers. I > > really appreciate the help I have received from this list. > > > > The problem was that I had initialized the smart card with onl

Re: [opensc-devel] Fwd: Problems developing with Starcos 2.3

>pkcs11-tool -L show me the slots but they are always empty. I've used my >application with the manufacturer libraries and it >works appropriately. So >I think my problem could be related to my opensc configuration. I didn't >modify the opensc.conf file >because i'm using a usual card supported by

Re: [opensc-devel] Add card minidriver base on trunk.

On Feb 3, 2010, at 12:02 , Andreas Jellinghaus wrote: > Am Mittwoch 03 Februar 2010 10:37:37 schrieb François Leblanc: >>> if you used some sample minicard driver template, >>> we would need to mention that and have a look at >>> its license. but the cng sdk contains nothing >>> like that. if you u

Re: [opensc-devel] Add card minidriver base on trunk.

Am Mittwoch 03 Februar 2010 11:50:38 schrieb Martin Paljak: > Things to think about: > > - Will it be part of OpenSC (a cross-platform smart card library) or a > platform specific plugin? - If yes, do we package it with > opensc-x.x.x.tar.gz? it would be fine with me to do that. > - If we incl

Re: [opensc-devel] Add card minidriver base on trunk.

On Feb 3, 2010, at 13:25 , Andreas Jellinghaus wrote: > Am Mittwoch 03 Februar 2010 11:50:38 schrieb Martin Paljak: >> Things to think about: >> >> - Will it be part of OpenSC (a cross-platform smart card library) or a >> platform specific plugin? - If yes, do we package it with >> opensc-x.x.x.ta

Re: [opensc-devel] Add card minidriver base on trunk.

>-Message d'origine- >De : Andreas Jellinghaus [mailto:a...@dungeon.inka.de] >Envoyé : mercredi 3 février 2010 12:26 >À : Martin Paljak >Cc : François Leblanc; opensc-devel@lists.opensc-project.org >Objet : Re: [opensc-devel] Add card minidriver base on trunk. (...) >> - I don't like

Re: [opensc-devel] Fwd: Problems developing with Starcos 2.3

Thank you very much for your answer. I have already solve my problem. The problem was that I had initialized the smart card with only the SO Pin, and therefore the opensc-pkcs11.dll didn't find any slot. Using the onepin profile (pkcs15-init -ECT -p pkcs15+onepin) now I can interact with the smart

Re: [opensc-devel] Add card minidriver base on trunk.

On Feb 3, 2010, at 13:50 , François Leblanc wrote: > Moreover keep in mind more use of opensc is done more usefull and longtime > the project will exist, > > So to give the possibility for all windows application using cryptographics > to use opensc is interesting... Sure, I know the case with w

Re: [opensc-devel] Add card minidriver base on trunk.

Am Mittwoch 03 Februar 2010 12:50:42 schrieb Martin Paljak: [putting card module in opensc source / tar.gz] > I'm not sure it would be the best and only option. so lets discuss alternatives. > It is not about different versioning or anything similar, it is about > packaging and source code organ

Re: [opensc-devel] Add card minidriver base on trunk.

>> > as far as I know both are too much involved in opensc internals to port >> > them to pkcs#11 api. >> >> You have the correct understanding. > >ok, thanks. I Will try to think about it. >> The question here is how the "feature" (pre-opened card handles) is >> implemented inside libopensc. T

Re: [opensc-devel] Add card minidriver base on trunk.

>Sure, I know the case with windows and BaseCSP and why the driver rocks, if finalized and why it is good and important. > >But the way it is included and integrated with the rest of OpenSC should be discussed. I don't like the idea of putting it >"on the same level" with libopensc and I don't lik

Re: [opensc-devel] Problems developing with Starcos 2.3

Fernando Sanchez Chaparro wrote: > Thank you for your answer Viktor. > > 2010/2/2 Viktor TARASOV > > > Fernando Sanchez Chaparro wrote: > > Finally, I found how to solve my problem thank to your answers. I > > really appreciate the help I have recei

Re: [opensc-devel] opensc-pkcs11.so displaying certs differently since opensc 0.11.10?

On Wed, Feb 03, 2010 at 12:04:11PM +0200, Martin Paljak wrote: > On Feb 3, 2010, at 11:15 , Christian Horn wrote: > > > > i use strongswan ontop of opensc to authenticate to firewalls for vpn- > > connections. > > All strongswan-versions have problems using opensc-pkcs11.so of opensc > > after rev

Re: [opensc-devel] Problems developing with Starcos 2.3

Am Mittwoch 03 Februar 2010 14:50:15 schrieb Viktor TARASOV: > In cryptoshop.com there is 'developer version of the StarCOS SPK 2.3'. > Is it similar to the card that your are using? Can this card be > initialized and used with OpenSC ? should be fine. I only have a "rainbow ikey 3000", but it con

Re: [opensc-devel] opensc-pkcs11.so displaying certs differently since opensc 0.11.10?

On Wed, Feb 03, 2010 at 10:56:01AM +0100, Andreas Jellinghaus wrote: > > if opensc 0.11.12 doesn't work, does an older version of opensc work? 0.11.9 works, 0.11.10 is broken for this. pinned down to rev3784, thats the last one working. Ontop everything but 3 files can be applied to still have it

Re: [opensc-devel] Problems developing with Starcos 2.3

Andreas Jellinghaus wrote: > Am Mittwoch 03 Februar 2010 14:50:15 schrieb Viktor TARASOV: > >> In cryptoshop.com there is 'developer version of the StarCOS SPK 2.3'. >> Is it similar to the card that your are using? Can this card be >> initialized and used with OpenSC ? >> > > should be fin

Re: [opensc-devel] Add card minidriver base on trunk.

On Feb 3, 2010, at 14:28 , Andreas Jellinghaus wrote: >> Consolidating platform components to the opensc svn is good, mungling it >> down the existing source structure not necessarily so good. > > the diffstat is: > configure.ac | 31 > etc/opensc.conf.in|

Re: [opensc-devel] Problems developing with Starcos 2.3

On Feb 3, 2010, at 17:34 , Viktor TARASOV wrote: > Should I use OpenCT? install ifdHandler from SafeNet? If you have an alternative driver than OpenCT, you can use it (and thus use it on non-linux platforms as well) "From where to get USB token drivers" should be written out clearly in the wiki

Re: [opensc-devel] opensc-pkcs11.so displaying certs differently since opensc 0.11.10?

Am Mittwoch 03 Februar 2010 16:02:22 schrieb Christian Horn: > On Wed, Feb 03, 2010 at 10:56:01AM +0100, Andreas Jellinghaus wrote: > > if opensc 0.11.12 doesn't work, does an older version of opensc work? > > 0.11.9 works, 0.11.10 is broken for this. so it has to be between 3715 and 3777. > pin

Re: [opensc-devel] Problems developing with Starcos 2.3

Am Mittwoch 03 Februar 2010 16:34:41 schrieb Viktor TARASOV: > Andreas Jellinghaus wrote: > > Am Mittwoch 03 Februar 2010 14:50:15 schrieb Viktor TARASOV: > >> In cryptoshop.com there is 'developer version of the StarCOS SPK 2.3'. > >> Is it similar to the card that your are using? Can this card be

Re: [opensc-devel] Problems developing with Starcos 2.3

Am Mittwoch 03 Februar 2010 16:41:12 schrieb Martin Paljak: > I only have epass3k and e-gate tokens. Any good tokens that speak CCID/ICCD > and cost less than 50€ and have a JavaCard or some other decent native OS > inside? Aladdin and Athena seem nice but the price tag is not OK for a > toy. w

Re: [opensc-devel] Problems developing with Starcos 2.3

Andreas Jellinghaus wrote: > Am Mittwoch 03 Februar 2010 16:34:41 schrieb Viktor TARASOV: > >> Andreas Jellinghaus wrote: >> >>> Am Mittwoch 03 Februar 2010 14:50:15 schrieb Viktor TARASOV: >>> In cryptoshop.com there is 'developer version of the StarCOS SPK 2.3'. Is it sim

Re: [opensc-devel] Add card minidriver base on trunk.

Am Mittwoch 03 Februar 2010 16:37:31 schrieb Martin Paljak: > > so the only variable I see is the placement of opensccm.c > > (and the name for it - "cardmod.c" is ok for you?). > > Yes. > > > in my opinion a single source file could be placed in a seperate > > directory. and we can either create

Re: [opensc-devel] Problems developing with Starcos 2.3

On Feb 3, 2010, at 17:52 , Andreas Jellinghaus wrote: > Am Mittwoch 03 Februar 2010 16:41:12 schrieb Martin Paljak: >> I only have epass3k and e-gate tokens. Any good tokens that speak CCID/ICCD >> and cost less than 50€ and have a JavaCard or some other decent native OS >> inside? Aladdin and Athe

[opensc-devel] PIN cache issue

Hi Martin, imho, in sc_pkcs15_pincache_entry it would be useful to include path and pin_reference. The first one is useful for the 'local' PINs, the second is useful when looking for the PIN cache that corresponds to some ACL byte. Maybe pin cache should be attached not to 'pkcs15_card', but to

Re: [opensc-devel] Problems developing with Starcos 2.3

Am Mittwoch 03 Februar 2010 17:27:17 schrieb Martin Paljak: > I also have SIM size readers but that's not the same as a sturdy > keychainable token. Probably the durability is the major piece in the > price tag. my experience with some tokens is not so good. if you do bad things every token bre

Re: [opensc-devel] Problems developing with Starcos 2.3

Andreas Jellinghaus wrote: what about the cyberflex tokens from axalto? I think they are still sold. They were discontinued some time ago, but some vendors still have a few in stock. Too bad, they and Cryptoflex were my favorite cards. Aladdin USB tokens are ok I guess. One problem with Alad

[opensc-devel] serial number of USB smart card adapters

Hi! We are developing an Open Source security token (based on the OpenPGP Card) which works as a smart card adapter. ( https://www.privacyfoundation.de/crypto_stick/ ) We discovered that Windows seems to cache each USB smart card adapter (probably each USB device) which was once connected to the s

Re: [opensc-devel] serial number of USB smart card adapters

On Feb 3, 2010, at 20:31 , Crypto Stick wrote: > according to its serial number noted in USB interface. To avoid privacy > issues due to this behaviour we would like to replace the individual USB > serial number of the Crypto Stick with a generic one (e.g. ...). I > am wondering if this might r

Re: [opensc-devel] Problems developing with Starcos 2.3

2010/2/3 Andreas Jellinghaus : > Am Mittwoch 03 Februar 2010 17:27:17 schrieb Martin Paljak: >> I also have SIM size readers but that's not the same as a sturdy >>  keychainable token. Probably the durability is the major piece in the >>  price tag. > > my experience with some tokens is not so good

Re: [opensc-devel] PIN cache issue

On Feb 3, 2010, at 18:41 , Viktor TARASOV wrote: > Maybe pin cache should be attached not to 'pkcs15_card', but to the PIN > 'pkcs15_object' ? > In object info there are path, reference, flags, ... Why not. If objects get destroyed and don't leak it would probably be as good. -- Martin Paljak h

Re: [opensc-devel] Problems developing with Starcos 2.3

Am Mittwoch 03 Februar 2010 20:17:09 schrieb Martin Paljak: > I really would like to have something that would withstand my usage > (be waterproof and mudproof, withstand being in a keyring with keys > etc) but at the same time be standards compliant (CCID) and have a > reasonably good chip inside.

Re: [opensc-devel] Problems developing with Starcos 2.3

On Feb 3, 2010, at 21:31 , Andreas Jellinghaus wrote: >> Can't remember how it was with the 1.0/1.1 card, which I still have >> (but it got locked up a long time ago). V2.0 supports x509 >> certificates. > > ah, nice. does opensc support the new cards too? No. http://www.opensc-project.org/opens

Re: [opensc-devel] serial number of USB smart card adapters

Hi Jan, my experience is this: the usb level serial number is ignored. the pkcs#15 structure can contain a serial number, and opensc can print it. but usualy that is ignored too. the certificate and the rsa private key are the important parts, and if the certificate matches something (e.g. can b

Re: [opensc-devel] Problems developing with Starcos 2.3

Am Mittwoch 03 Februar 2010 19:24:16 schrieb Jim Rees: > Andreas Jellinghaus wrote: > > what about the cyberflex tokens from axalto? I think they are still sold. > > They were discontinued some time ago, but some vendors still have a few in > stock. Too bad, they and Cryptoflex were my favorit

Re: [opensc-devel] Add card minidriver base on trunk.

Andreas Jellinghaus wrote: > > The header can not be included in the package for > > licensing reasons? > > yes, microsoft doesn't license it for distribution. that is stupid, > but well... it should be part of the plattform SDK too, Are you sure that the file is not one of the files in the SDK

Re: [opensc-devel] serial number of USB smart card adapters

Andreas Jellinghaus wrote: > > Do you assume any problems with a generic USB serial number especially > > when using the stick (or several sticks at the same time) with OpenSC? .. > I guess that isn't done and a missing serial is not a big issue. >From a USB point-of-view, it is a disaster to have

Re: [opensc-devel] Add card minidriver base on trunk.

Am Mittwoch 03 Februar 2010 21:18:51 schrieb Peter Stuge: > Are you sure that the file is not one of the files in the SDK which > are in fact freely re-distributable? There is a list of files in the > SDK which can be re-distributed. The header file is in Includes/. The list of files you may distr

Re: [opensc-devel] Problems developing with Starcos 2.3

Andreas Jellinghaus wrote: hmm. is that new? the resellers I know did sell etokens fine, even if I wanted to buy only one or two and no software. It could just be my vendor. We are encouraged to use CDW. ___ opensc-devel mailing list opensc-deve

Re: [opensc-devel] serial number of USB smart card adapters

Wouldn't it be possible to have random numbers? - Original Message - From: "Peter Stuge" To: Sent: Wednesday, February 03, 2010 21:34 Subject: Re: [opensc-devel] serial number of USB smart card adapters Andreas Jellinghaus wrote: > > Do you assume any problems with a generic USB seria

[opensc-devel] replace getpass?

man getpass: This function is obsolete. Do not use it. also this function reads from /dev/tty. why? it would be much easier if it read from stdin, so we can passwords from a script. (command line options are visible to other users and stay in the shell history file, so putting a secret pin

Re: [opensc-devel] Add card minidriver base on trunk.

Hello, >ok. hmm, but if we create an extra dll for the card module, the >original name "opensccm" might be better. move the file >to "cardmod/opensccm.c" and create "opensccm.dll"? >is that ok for you. Ok, to be more clear I suggest "opensc-cardmod.dll"... >> dll-s are OK if they have a purpo

Re: [opensc-devel] [opensc-commits] svn opensc changed[3994] fold ui.c/h into pkcs15-init.

On Feb 4, 2010, at 08:33 , webmas...@opensc-project.org wrote: > Revision: 3994 > Author: aj > Date: 2010-02-04 06:33:33 + (Thu, 04 Feb 2010) > > Log Message: > --- > fold ui.c/h into pkcs15-init. Shouldn't this code be put into util.c and used by pkcs15-tool and pkcs15-crypto

Re: [opensc-devel] opensc-pkcs11.so displaying certs differently since opensc 0.11.10?

On Wed, Feb 03, 2010 at 04:46:02PM +0100, Andreas Jellinghaus wrote: > Am Mittwoch 03 Februar 2010 16:02:22 schrieb Christian Horn: > > > pinned down to rev3784, thats the last one working. > > doesn't help much. 3785 is a huge merge of trunk into branches/martin/0.12. Maybe this helps in nearin

Re: [opensc-devel] Add card minidriver base on trunk.

On Feb 4, 2010, at 09:38 , François Leblanc wrote: > So I plan to: > > - Move libopensc/opensccm.c to cardmod/cardmod.c -> build opensc-cardmod.dll Perfect. > - Update code to transmit SCARDHANDLE and SCARDCONTEXT by "env" to > reader-pcsc.c I'm not saying that the environment variable approach i

Re: [opensc-devel] replace getpass?

Won't work for Windows, you need to handle this and none interactive run as well. Anyway, I did not find any replacement to getpass() so I keep using it. On Thu, Feb 4, 2010 at 9:38 AM, Andreas Jellinghaus wrote: > > man getpass: >       This function is obsolete.  Do not use it. > > also this f

Re: [opensc-devel] serial number of USB smart card adapters

Am 03.02.2010 21:50, schrieb Anders Rundgren: > Wouldn't it be possible to have random numbers? Yes, this is indeed at possible solution but over time on Windows this might result in a lot of cached information for each time the (same) stick is connected. We should investigate this caching mechani