that's a very interesting patch !
I've been trying to get a similar eToken PRO (32K) to work and ended up
using the Aladdin RTE software. My eToken PRO also lists '4.2B' but the
problem lies/lied with the OS version
OS Version: 200.9 (unknown Version)
with your patch the 'opensc-tool' and
Hi Jan,
Jan Just Keijser wrote:
that's a very interesting patch !
I've been trying to get a similar eToken PRO (32K) to work and ended up
using the Aladdin RTE software. My eToken PRO also lists '4.2B' but the
problem lies/lied with the OS version
OS Version: 200.9 (unknown Version)
Hi Eddy,
hmmm I was hoping to get cross-platform cross-software pkcs11 support to
work. However, pkcs15-init also fails on me, BTW:
./pkcs15-init -C -v -v -v
[pkcs15-init] sc.c:196:sc_detect_card_presence: called
[pkcs15-init] reader-openct.c:207:openct_reader_detect_card_presence: called
Mmhhh... didn't you say previously that you were using an eToken Pro
32K? It recognizes it as 64K??? Guess there must be something wrong in
that case... Can you confirm the token type and version?
Jan Just Keijser wrote:
Hi Eddy,
hmmm I was hoping to get cross-platform cross-software pkcs11
yes it's an eToken PRO 32K ; I've always seen this thing reported by
OpenSC as a 64k card but I figured this was due to bad support for these
cards.
./cardos-info -v -v -v
Connecting to card in reader Aladdin eToken PRO 64k...
Using card driver Siemens CardOS.
Info : CardOS V4.2B (C) Siemens
Jan Just Keijser wrote:
yes it's an eToken PRO 32K ; I've always seen this thing reported by
OpenSC as a 64k card but I figured this was due to bad support for these
cards.
Nope...that's simply wrong. Another call for Nils ;-)
Guess we'll need another debugging session here...
Eddy Nigg (StartCom Ltd.) wrote:
Hi Jan,
Jan Just Keijser wrote:
that's a very interesting patch !
I've been trying to get a similar eToken PRO (32K) to work and ended up
using the Aladdin RTE software. My eToken PRO also lists '4.2B' but the
problem lies/lied with the OS version
OS
Douglas E. Engert wrote:
Sounds like a emulation routine could be writen. Has anyone looked
at that? I would assume you would want to use the same certificates
as used with Windows and the vendor's other software.
One could maybe receive the relevant docs from Aladdin, but to all of my
the reason we started looking at eToken's was to make grid access
*easier*, not harder ;-)
(see
http://www.nikhef.nl/pub/projects/grid/gridwiki/index.php/Using_an_Aladdin_eToken_PRO_to_store_grid_certificates
for a writeup on how to use Aladdin's RTE software to access eToken's
from Linux)
Eddy Nigg (StartCom Ltd.) wrote:
Douglas E. Engert wrote:
Sounds like a emulation routine could be writen. Has anyone looked
at that? I would assume you would want to use the same certificates
as used with Windows and the vendor's other software.
One could maybe receive the relevant docs
So in your case, would you be willing to convert to using an all OpenSC
solution, dropping the use the the Aladdin's RTE software? But what is
the (commercial) GUI on Windows. What does it do for you user's that
OpenSC on Windows can not do? Is this a missing CSP?
Jan Just Keijser wrote:
the
On 6/11/07, Ludovic Rousseau [EMAIL PROTECTED] wrote:
This new version contains the patches from RedHat to use NSS instead
of OpenSSL and many other improvements they made. See the
ChangeLog.svn file for an exhaustive list.
Hi!
Great!
I am curios, why did you switch to NSS?
BTW: We can
Alon Bar-Lev wrote:
On 6/11/07, Ludovic Rousseau [EMAIL PROTECTED] wrote:
This new version contains the patches from RedHat to use NSS instead
of OpenSSL and many other improvements they made. See the
ChangeLog.svn file for an exhaustive list.
Hi!
Great!
I am curios, why did you
Cornelius Kölbel wrote:
Hi,
unfortunately I guess at the moment it will not make it easier for your
users. The integration of smartcards is not seamless into any linux
distribution yet.
Even if all opensc software is installed and your token/smartcard is
recognized, the user will still have
Thanks!
NSS seems to be overkill for most requirements...
But I understand the maintenance argument, but I don't think
maintaining NSS is simpler thank OpenSSL... :)
BTW: Slotevents and multi provider is offered by pkcs11-helper as
well, so solution may be much simpler :)
Best Regards,
Alon
I did not get any comments back on my note from 6/8 but have some
more information. on the same subject.
Looking at framework-pkcs11.c, it looks like there is a bug in the
handling of auth_count, if there is more then one pin, and one
of the pins is a SC_PKCS15_PIN_FLAG_SO_PIN
The for loop at
Jan Just Keijser wrote:
Hi Eddy,
hmmm I was hoping to get cross-platform cross-software pkcs11 support to
work. However, pkcs15-init also fails on me, BTW:
./pkcs15-init -C -v -v -v
[pkcs15-init] sc.c:196:sc_detect_card_presence: called
[pkcs15-init]
Hi Nils,
this is with Eddy's patch; before that I was never able to get this far ;-)
also, I can dump the contents of my etoken now using
./opensc-tool -f
and even a 'get' a file using opensc-explorer seems to work now, except
for the fact that I don't know what type of file it actually gets
Jan Just Keijser wrote:
Hi Nils,
this is with Eddy's patch; before that I was never able to get this far ;-)
also, I can dump the contents of my etoken now using
./opensc-tool -f
and even a 'get' a file using opensc-explorer seems to work now, except
for the fact that I don't know what
On Mon, Jun 11, 2007 at 08:22:34PM +0200, Jan Just Keijser wrote:
However, before a fully-opensc solution works I would have to make
sure that
- initializing our etokens works, including setting of a
non-default SOPIN
- generating and storing X509 certificates works
- integration with
Jan Just Keijser wrote:
Right now I've got it boiled down to
- install a single RPM (for RHEL4, Fedora Core 5/6, OpenSuSE 10.x) or
install one or two .deb packages on Debian or Ubuntu
- follow instructions on how to add the libetpkcs11.so module to Firefox
and/or Thunderbird
this seems to
21 matches
Mail list logo
