[EMAIL PROTECTED] tools]$ ./opensc-tool -a Connecting to card in reader E-Gate 0 0... Using card driver: Schlumberger Multiflex/Cryptoflex Card ATR: 3B 95 18 40 FF 62 01 02 01 04 ;[EMAIL PROTECTED]
Also, if it notes that it is using the generic card driver, you may need to add the ATR you get to the top of opensc/src/libopensc/card-flex.c before using some of the other tools/functionality of opensc.
BTW- if you plan on using pkcs15-init from opensc, make sure you update flex.profile witht the correct AUT1 value (aka the AAK/transport key)! If you don't, it will try to use a bogus transport key to open the card (I think it tries twice per execution). It only takes three bad authentication attempts to render the transport key blocked, which means you can't ever change the root structure of the card again. I blocked one of my cards doing this. :'(
From there, you can do what ever you want. I haven't found a solid set of tools yet (Muscle, OpenSC, or otherwise) which seem to do everything with my Cryptoflex, but I can get some basic file structures set up and generate some keys. I've been using opensc-0.7.0, but it sounds like the CVS version has some good improvements, so I'm about to check that out. I think ultimately, anything beyond the very basic will require sending APDU's directly (e.g. that's the only way I could do RSA crypto thus far).
What do you want to do with your cards, btw?
Phil
Steve Myers wrote:
Philip, first off, thanks!! for getting an e-gate driver started. I've been hoping some kind person who knows more about pcsc drivers would write one. I've already got an e-gate card but don't know much about the muscle software yet. Here's how my testing went:
System: RedHat 7.3 Kernel: 2.4.18-19.7.x
Hardware: ASUS P4PE MB with P4 CPU
1. downloaded the installed pcsc-lite-1.1.1-1-redhat.i386.rpm 2. downloaded and built your e-gate driver 3. installed your e-gate driver as you instructed: mkdir -p /usr/local/pcsc/drivers/ifd-egate.bundle/Contents/Linux cp Info.plist /usr/local/pcsc/drivers/ifd-egate.bundle/Contents cp *.so /usr/local/pcsc/drivers/ifd-egate.bundle/Contents/Linux 4. removed/renamed /etc/reader.conf file to /etc/reader.conf.sav 5. started pcscd in debug mode: [EMAIL PROTECTED] Linux]# /usr/local/sbin/pcscd -d stdout pcscdaemon.c:258 main: debug messages to stdout readerfactory.c:1317 RFInitializeReader: Attempting startup of Schlumberger E-GATE 0 0. readerfactory.c:1060 RFBindFunctions: Loading IFD Handler 2.0 pcscdaemon.c:413 main: pcsc-lite daemon ready.
6. inserted e-gate token into a USB port: readerfactory.c:1317 RFInitializeReader: Attempting startup of E-Gate 0 0. readerfactory.c:1060 RFBindFunctions: Loading IFD Handler 2.0
Does this look to you like it's working? What tests would you recommend I try next? Thanks again,
-- Steve
www.trustedpeer.com
On Tue, 2003-04-01 at 17:11, [EMAIL PROTECTED] wrote:
Message: 12 Date: Tue, 01 Apr 2003 17:09:14 -0800 From: Philip Edelbrock <[EMAIL PROTECTED]> Organization: Edge Design To: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: [Muscle] ANNOUNCE: e-gate IFD driver availble Reply-To: [EMAIL PROTECTED]
It needs a simple script added to 'bundle' it. For now you can do it manually. I believe this will work (from inside the e-gate driver directory):
mkdir -p /usr/local/pcsc/drivers/ifd-egate.bundle/Contents/Linux cp Info.plist /usr/local/pcsc/drivers/ifd-egate.bundle/Contents cp *.so /usr/local/pcsc/drivers/ifd-egate.bundle/Contents/Linux
Make sure you built pcsc-lite with usb support, and when you start pcscd, it should read the Info.plist file to know to load the .so for the e-gate.
Let me know how it goes!
Phil
_______________________________________________ Muscle mailing list [EMAIL PROTECTED] http://lists.musclecard.com/mailman/listinfo/muscle
_______________________________________________ Muscle mailing list [EMAIL PROTECTED] http://lists.musclecard.com/mailman/listinfo/muscle
