On Saturday 15 April 2006 11:34, Chaskiel M Grundman wrote: > ITSEC-P and FIPS use the same card operating system (STARCOS). They're not > identical though. The ITSEC-P is STARCOS SPK 2.3, and FIPS is 2.4. The > other models do not use STARCOS (ITSEC-I is cardOS and 5 & 2048 are based > on ARX PrivateCard)
But what about drivers? Does the same SafeSign driver installation work for all 5 devices? This might mean that even though there are varying firmwares, they probably operate very similarly if one driver can manage all of them. > None of the 4 devices I have gave me the extra 0, and none of them reacted > poorly to the PTS or baud rate change. I have used the iTSEC-P with both > UHCI and OHCI-style usb controllers (since I was hoping the EOVERFLOW > problem could be fixed that way), and there was no noticeable change in > behavior. Interesting that you are having USB errors with ITSEC-P, because the reason Eutron sent one to me was because it is known to work on more USB systems than the FIPS. So either the FIPS is even worse, or maybe you are getting different errors. I don't think I was getting EOVERFLOW with my FIPS, though I'm not sure how to check... > > I tried running: > > pkcs11-tool --module /usr/local/lib/opensc-pkcs11.so --show-info > > > > But this fails for both of my cards, so it seems nothing works yet (not > > that you intended for anything to work yet, but I wasn't sure). > > Are they initialized yet? I was unable to properly initialize my ITSEC-P, > and if the card has no PKCS15 structure, the pkcs11 module will reject it. Yes, already initialized with SafeSign. How else would I test it? Is OpenSC only intended for use with cards initialized by OpenSC? > I should caution you about mixing safesign and opensc. The safesign license > has some (absurd sounding, but who knows what courts will hold up) language > which explicitly states that you are not allowed to use 3rd party code to > read their PKCS15 structure Well, this is silly and stupid, yet unsurprising. I guess what we really want is OpenSC support for the devices and then we can wipe our cards and throw SafeSign out the window. > The ITSEC-I model works fine. pkcs15-init -C, pkcs11-tool -t, and random > tests with pkcs15-crypt are all successful. Ok. So, at this time, the ITSEC-I is the only model of the five that is known to work in OpenSC. -Justin _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
