Hi. Some time ago I was interested in the same thing (working with ACOS5 cards). Now our need is relaxed, but, time permitting, this is always useful to us.
I was able to do also some secure operation directly on the card (I must check my code), but I wasn't able to fully understand the structure of a card driver: there are so many cross references between different parts of the libraries... I also have some ACOS5 blank cards and some Windows/PKCS#11 formatted ones. This filesystem appear enough standard to maintain it, and ACOS5 OS offer a "dir" command to investigate the card. Il giorno gio, 15/02/2007 alle 21.09 +0000, Ian Young ha scritto: > Andreas Jellinghaus wrote: > > > I'd be willing to help as time permits, and I'm sure many other people > > here can answer questions about writing new card drivers too. So why > > don't you give it a try? take a look at a few drivers with full support > > (like cardos and cryptoflex and starcos), the basic pattern is pretty > > much the same. I hope that helps to get started? > > Certainly if you or others might be able to help me out if I get stuck, > I'd be happier starting off. It seems to me that it makes a big > difference if you have some of the cards already, as well. > > I've poked around with the cards I have already with the supplied tool, > and sent it some basic APDUs, so I should be able to get started. > > Where I did run into problems playing with the card at that level was > with "perform security operation" after using the supplied tool to load > some certificates and keys into the card. Nothing that I could do > seemed to lead to the encryption, decryption or signature results I > expected, and unfortunately I don't have a copy of 7816-8 which is where > I think this stuff is defined. Nevertheless, using Thunderbird's > PKCS#11 support with the very same card produces correct signatures! > The ACOS5 manual is pretty unclear on this stuff, I guess unless you > already understand what is supposed to be going on. Any clues as to how > you would approach debugging that kind of issue? > > Another strategy question: the supplied tools claim to write a PKCS#15 > file system on the card. I'd have contributed something, I think, even > if all I managed to do was enable cryptographic operations on a card > which had been formatted by their tool. So I'm tempted to try and work > initially with a card that I've loaded with keys using their tool. Is > that a worthwhile approach, do you think, or is their idea of PKCS#15 > likely to be incompatible with the existing OpenSC code? > > Last question for now: the svn repository has a file called > card-atrust-acos.c in it. Is this for something even slightly related > to the ACS ACOS5 cards and worth trying to use as a baseline, or is it > just completely unrelated? > Completely different card, I think. > -- Ian > _______________________________________________ > opensc-devel mailing list > opensc-devel@lists.opensc-project.org > http://www.opensc-project.org/mailman/listinfo/opensc-devel Regards, Gabriele Turchi P.S.: I'm sorry, my english is alpha version.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
