Am Donnerstag 04 Juni 2009 22:57:52 schrieb -: > As the 'dnie' driver guarantees the compatibility with (an old version > of) sca (0.2.3pre2); one can sign online using OSX Firefox, but > "security unlock-keychain" gets to nowhere. My guess is that we can > walk the extra mile from there. And my first goal is to let it play > with the opensc.tokend in order to get more eyes on the dnie. > > So I'm here to ask for directions about how to start a card profile > like those in /Library/OpenSC/share/opensc/ . Without any clue about > the internals, just being able to poke around with the pkcs11 and > pkcs15-tool.
you don't need to write a "profile" - those are for blank cards, so you can initialize them yourself. what you need is to write a basic driver for the low level card commands, and a higher level emulation driver (the card most likely is not initialized in pkcs#15 format, so such an emulation driver would create those structures in memory. for example the lists of certificates, PIN, keys and so on. those are usualy fixed for eID cards, so they can be hard coded in the software). if the software is a modified opensc you can try to increase debugging to maxximum (try 9 or so), and create a huge log file. it would include all APDU commands and show you what opensc does, so it might help a lot to write a driver even without documentation. usualy the card drivers do not contain a very complex logic, mostly it is only the special bits and bytes required by the card, and the logic is quite similar. also you can try using that opensc with a debugger, so you could see which pkcs#15 structures are created by the card. good luck! Regards, Andreas _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
