Hi, Martin Paljak wrote:
On Mar 17, 2010, at 16:26 , Ludovic Rousseau wrote:Changing from opensc-users to opensc-devel list.2010/3/16 Martin Paljak<mar...@paljak.pri.ee>:IAS-ECC support exists in read-only mode to some extent, the Portuguese eID card is based on IAS (at least one version).I went to http://www.opensc-project.org/opensc/wiki/PortugueseEid and then to http://www.cartaodocidadao.pt/index.php?option=com_content&task=view&id=102&Itemid=44&lang=pt I could not find any reference to OpenSC in the licence text (attached). I do not speak Portuguese so I can not really browse the http://www.cartaodocidadao.pt/ web site. Does anybody know if the source code is available somewhere? If not maybe "we" can ask for it. And patch OpenSC to support IAS cards.João Poupas, the author of the Portuguese eID card knows best and can probably describe the situation best. If I recall correctly they used libopensc to talk to the card but implemented the card specific stuff separately. There is preliminary support for the IAS based Portuguese card in OpenSC, but clarifying the status of the generic driver, relation to card implementation and pointers to specs etc would be nice to add to the wiki.
I'll try to explain the situation to the best of my ability.The official middleware for the Portuguese Citizen Card is indeed based on OpenSC. However, some features, such as the verification of the validity of the contents in the card, secure messaging, etc., appear to be implemented in another library. Basically, the OpenSC library appears to be used for the core stuff: card filesystem navigation, reading/writing to EFs, cryptographic functions (e.g., digital signatures and random number generation), PIN verification and modification, and so on.
We tried asking for the source, but without success.What we did was to implement support for both versions of the Portuguese Citizen Cards in OpenSC. One card is based on the IAS/ECC spec, and the other is (apparently) based on the Gemsafe applet, not entirely sure if V1 or V2. The support consists of a card-ias.c driver, minor changes to the card-gemsafeV1.c driver, and a PKCS# 15 emulation layer (pkcs15-pteid.c) to work around some issues.
The "IAS" driver, implemented in OpenSC, is know to work fine with the Portuguese ID Card. However, we don't know how the driver will behave with another IAS based cards. It will probably need modifications to support more features, since we only implemented the required features for the Portuguese card to work.
Martin, regarding the info in the wiki, what do you suggest? Should we create an IAS entry and point to the spec? I can provide it the spec, if needed.
Best regards, João
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
