|
List Info Thread: Muscle card support for OpenSC - solved this problem
[1-3]
|
||||||||||||||||||||||||||||
|
about | contact Other archives ( Real Estate discussion Medical topics ) |
||||||||||||||||||||||||||||
Muscle card support for OpenSC - solved this problem |
|
List Info Thread: Muscle card support for OpenSC - solved this problem
[1-3]
|
||||||||||||||||||||||||||||
|
about | contact Other archives ( Real Estate discussion Medical topics ) |
||||||||||||||||||||||||||||
dseven.org> wrote:
>
>>
>> Dejan Gambin wrote on 08/15/06 01:49 PM:
>>> Hi,
>>>
>>> I have been able to solve the problem with
muscle_create_file using
>>> the following:
>>>
>>> - instead of calling mscfs_lookup_local(fs,
file->id,
>>> (u8*)&objectId); I have put:
>>> objectId[0] = fs->currentPath[0];
>>> objectId[1] = fs->currentPath[1];
>>> objectId[2] = (file->id >> 8) &
0xFF;
>>> objectId[3] = file->id & 0xFF;
>>>
>>> and after that modified the call to
msc_create_object to: r =
>>> msc_create_object(card,
bebytes2ulong(objectId), objectSize, read,
>>> write, delete); If I can see,
muscle_create_directory is doing the
>>> similat thing. I don't know if this is the
error but this works for
>>> me on Windows...
>> Folks,
>>
>> Did y'all get to the bottom of this yet? I just ran
into the same
>> problem trying to use a MuscleCard with OpenSC (SVN
trunk) on Solaris
>> x86. I applied Dejan's modification (above), and
the "File not found"
>> problem went away, apparently allowing the PKCS#15
creation to
>> succeed:
>>
>> ~ % pkcs15-init --verbose --create-pkcs15 --profile
pkcs15+onepin
>> --pin 00000000 --so-pin 00000000 --so-puk 00000000
>> Connecting to card in reader SCM SCR 3310
(21120519102745) 00 00...
>> Using card driver Muscle Card Driver.
>> About to create PKCS #15 meta structure.
>> Unspecified PIN [reference 1] required.
>> Please enter Unspecified PIN [reference 1]:
>> ~ % pkcs15-tool --list-pins
>> PIN [User PIN]
>> Com. Flags: 0x3
>> ID : 01
>> Flags : [0x10], initialized
>> Length : min_len:4, max_len:8,
stored_len:8
>> Pad char : 0x00
>> Reference : 1
>> Type : ascii-numeric
>> Path : 3f005015
>>
>> ~ %
>>
>>
>> Now I'm running into an issue when trying to do
key-related stuff -
>> like generate a key-pair, or inject a PKCS#12 file:
>>
>> ~ % pkcs15-init -G rsa/1024 -a 01 -u
digitalSignature --so-pin
>> 00000000 --pin 00000000
>> unable to transmit
>> unable to transmit APDU
>> muscle.c:199:: APDU transmit failed: Transmit
failed
>> muscle.c:225:: Error in partial object update:
Transmit failed
>> card.c:513:: returning with: Transmit failed
>> Failed to generate key: Transmit failed
>> ~ %
>>
>>
>> In the output from pcscd, I see:
>>
>> commands.c:1039:() Command too long (260 bytes) for
max: 253 bytes
>> ifdwrapper.c:735:() Card not transacted: 612
>> winscard.c:1481:() Card not transacted: 0x80100016
>>
> Attached is a gzipped patch that includes Dejan's fix
as well as makes
> the majority of the APDU's that the driver uses of a
more customizable
> length... As opposed to static magic numbers.
> There's also some extra fixes in the PIN command code
so that more
> validation is made.
>
> Please let me know if it fixes the problem... I reduced
the maximum
> payload by 10 bytes (255 -> 245) which should fix
your problem with a
> little room to spare for other reader
incompatibilities.
>
> My next patch will build on this to replace the mixed
up object ID
> system to a simpler straightforward one which will
hopefully reduce the
> confusion on where swaps need to occur (since none will
need to be
> made..)
>
> New struct:
> struct msc_objid -> msc_objid_t
> New functions:
> sc_path_to_msc_objid(msc_objid*, sc_path*)
> msc_objid_to_sc_path(sc_path*, msc_objid*)
>
> msc_objid's will be passed by value (except in the
conversion
> functions) since they will only be 4 bytes long.
Hi Thomas,
Do you have a more recent patch?
I'm trying to use the SVN trunk source, with your earlier
patch, and
I've had success with Cyberflex Access 64k V1 and Cosmo V5.2
cards, but
I'm having a problem with an older Cyberflex Access 32k V2
SM7.2 card
(yes, I know it's old and decrepit, but I've been able to
use these
cards with the MUSCLE framework before). I've tried various
combinations
of sizing the applet instance and object store, but nothing
seems to
help...
~Iain
# pkcs15-init -C -p pkcs15+onepin --pin 00000000 --puk
00000000
Unspecified PIN [reference 1] required. Please enter
Unspecified PIN
[reference 1]:
# pkcs15-init -vvvvvv -S dseven.p12 -f PKCS12 -a 01 --pin
00000000
sc.c:196:: called sc.c:201:: returning with: 1
Connecting to card in reader SCM SCR 3310 (21120519102755)
00 00...
card.c:110:: called
Requesting reader features ...
matching configured ATRs
matching built-in ATRs
trying driver: muscle
apdu.c:504:: called
card.c:291:: called
card.c:311:: called
matched: Muscle Card Driver
autodetecting CLA byte
trying with 0x00
apdu.c:504:: called
card.c:291:: called
card.c:311:: called
trying with 0xC0
apdu.c:504:: called
card.c:291:: called
card.c:311:: called
trying with 0xB0
apdu.c:504:: called
card.c:291:: called
card.c:311:: called
got strange SWs: 0x6D 0x00
detected CLA byte as 0xB0
SELECT FILE returned 0 bytes
card info: Muscle Card, -1, 0x3
card.c:222:: returning with: 0
Using card driver Muscle Card Driver.
card.c:291:: called
card.c:667:: called
card_ctl(4) not supported
called; type=2, path=3f0050154946
apdu.c:504:: called
card.c:311:: called
apdu.c:504:: called
card.c:311:: called
apdu.c:504:: called
card.c:311:: called
apdu.c:504:: called
card.c:311:: called
apdu.c:504:: called
card.c:311:: called
apdu.c:504:: called
card.c:311:: called
apdu.c:504:: called
card.c:311:: called
card-muscle.c:416:: returning with: 0
card.c:553:: returning with: 0
called; 128 bytes at index 0
READ: Offset: 0 Length: 128
apdu.c:504:: called
apdu.c:504:: called
card.c:311:: called
card.c:311:: called
card-muscle.c:199:: returning with: 128
card.c:429:: returning with: 128
Trying profile file
/opt/ITsmartcard/share/opensc/pkcs15.profile
profile /opt/ITsmartcard/share/opensc/pkcs15.profile loaded
ok
Trying profile file
/opt/ITsmartcard/share/opensc/muscle.profile
profile /opt/ITsmartcard/share/opensc/muscle.profile loaded
ok
pkcs15.c:684:: called
trying normal pkcs15 processing
called; type=2, path=3f002f00
card-muscle.c:416:: returning with: 0
card.c:553:: returning with: 0
called; 128 bytes at index 0
READ: Offset: 0 Length: 128
apdu.c:504:: called
apdu.c:504:: called
card.c:311:: called
card.c:311:: called
card-muscle.c:199:: returning with: 128
card.c:429:: returning with: 128
called, left=128, depth 0
Looking for 'dirRecord', tag 0x11000001
decoding 'dirRecord'
called, left=28, depth 1
Looking for 'aid', tag 0x1000000f
decoding 'aid'
Looking for 'label', tag 0x10000010, OPTIONAL
decoding 'label'
Looking for 'path', tag 0x10000011, OPTIONAL
decoding 'path'
Looking for 'ddo', tag 0x11000013, OPTIONAL
not present
asn1.c:1123:: returning with: 0
asn1.c:1123:: returning with: 0
called, left=98, depth 0
called; type=2, path=3f005015
card-muscle.c:416:: returning with: 0
card.c:553:: returning with: 0
called; type=2, path=3f0050155031
card-muscle.c:416:: returning with: 0
card.c:553:: returning with: 0
called; 256 bytes at index 0
READ: Offset: 0 Length: 245
apdu.c:504:: called
apdu.c:504:: called
card.c:311:: called
card.c:311:: called
READ: Offset: f5 Length: 11
apdu.c:504:: called
apdu.c:504:: called
card.c:311:: called
card.c:311:: called
card-muscle.c:199:: returning with: 256
card.c:429:: returning with: 256
called, left=256, depth 0, choice
Looking for 'privateKeys', tag 0x21000000, CHOICE
not present
Looking for 'publicKeys', tag 0x21000001, CHOICE
not present
Looking for 'trustedPublicKeys', tag 0x21000002, CHOICE
not present
Looking for 'secretKeys', tag 0x21000003, CHOICE
not present
Looking for 'certificates', tag 0x21000004, CHOICE
not present
Looking for 'trustedCertificates', tag 0x21000005, CHOICE
not present
Looking for 'usefulCertificates', tag 0x21000006, CHOICE
not present
Looking for 'dataObjects', tag 0x21000007, CHOICE
not present
Looking for 'authObjects', tag 0x21000008, CHOICE
decoding 'authObjects'
called, left=10, depth 1
Looking for 'path', tag 0x1000010
decoding 'path'
called, left=8, depth 2
Looking for 'path', tag 0x4
decoding 'path'
Looking for 'index', tag 0x2, OPTIONAL
not present
Looking for 'length', tag 0x20000000, OPTIONAL
not present
asn1.c:1123:: returning with: 0
asn1.c:1123:: returning with: 0
asn1.c:1122:: returning with: 8
called, left=244, depth 0, choice
The following DFs were found:
DF type 8, path 3f0050154401, index 0, count -1
called; type=2, path=3f0050155032
card-muscle.c:416:: returning with: 0
card.c:553:: returning with: 0
called; 128 bytes at index 0
READ: Offset: 0 Length: 128
apdu.c:504:: called
apdu.c:504:: called
card.c:311:: called
card.c:311:: called
card-muscle.c:199:: returning with: 128
card.c:429:: returning with: 128
called, left=128, depth 0
Looking for 'TokenInfo', tag 0x1000010
decoding 'TokenInfo'
called, left=55, depth 1
Looking for 'version', tag 0x2
decoding 'version'
Looking for 'serialNumber', tag 0x4, OPTIONAL
decoding 'serialNumber'
Looking for 'manufacturerID', tag 0xc, OPTIONAL
decoding 'manufacturerID'
Looking for 'label', tag 0x20000000, OPTIONAL
decoding 'label'
Looking for 'label-tw', tag 0x21000000, OPTIONAL
not present
Looking for 'tokenflags', tag 0x3
decoding 'tokenflags'
Looking for 'seInfo', tag 0x1000010, OPTIONAL
not present
Looking for 'recordInfo', tag 0x21000001, OPTIONAL
not present
Looking for 'supportedAlgorithms', tag 0x21000002, OPTIONAL
not present
Looking for 'issuerId', tag 0x20000003, OPTIONAL
not present
Looking for 'holderId', tag 0x20000004, OPTIONAL
not present
Looking for 'lastUpdate', tag 0x20000005, OPTIONAL
decoding 'lastUpdate'
Looking for 'preferredLanguage', tag 0x13, OPTIONAL
not present
asn1.c:1123:: returning with: 0
asn1.c:1123:: returning with: 0
card.c:311:: called
Found MUSCLE
About to store private key.
error:23076071:PKCS12 routines:PKCS12_parse:mac verify
failure
Please enter passphrase to unlock secret key:
Importing 1 certificates:
0: /SN=MacDonnell/GN=Iain/CN=Iain
MacDonnell/emailAddress=Dseven