Re: [opensc-devel] CardOS 4.3

Andre Zepezauer Fri, 18 Jun 2010 06:20:49 -0700

On Fri, 2010-06-18 at 14:09 +0200, Johannes Becker wrote:
> Am Montag 14 Juni 2010 schrieb Andreas Jellinghaus:
> 
> > 1.) define a test.
> > for example "pkcs11-tool --test --login --pin ... --slot ...".
> 
> I didn't succeed yet in testing all you've proposed.
> Here an intermediary result.
> The RUB-Card from Bochum works on windows with
> 
> http://www.opensc-project.org/files/build/opensc-i686-pc-mingw32-006-
> base.tar.bz2 , which is  opensc 0.11.9
> 
> The RUB-Card doesn't work with opensc 0.11.9 on Debian Lenny,
> while the Uni-Gießen Card  (TCOS) is ok with that. I attach the output of the 
> test below.
> 
> As I've posted earlier, all the opensc builds higher than 
> opensc-i686-pc-mingw32-006 don't work with the Uni-Gießen Card.
> To be precise, the command line tools work, but opensc-pkcs11.dll
> doesn't.
> 
> I didn't find a working configuration for RUB-Card on Linux yet.
> I wonder if we have major difference between opensc on Linux and Windows.
> 
> 
> Grüße
>   Johannes
> 
> --------------
> 
> $ /usr/local/bin/pkcs11-tool --test --pin 123456
> C_SeedRandom() and C_GenerateRandom():
>   seeding (C_SeedRandom) not supported
>   seems to be OK
> Digests:
>   all 4 digest functions seem to work
>   MD5: OK
>   SHA-1: OK
>   RIPEMD160: OK
> Signatures (currently only RSA signatures)
>   testing key 0 (RUBSIGNCERT) 
> [opensc-pkcs11] reader-pcsc.c:239:pcsc_transmit: unable to transmit
> [opensc-pkcs11] apdu.c:394:do_single_transmit: unable to transmit APDU
> [opensc-pkcs11] iso7816.c:832:iso7816_decipher: APDU transmit failed: 
> Transmit failed
> [opensc-pkcs11] sec.c:39:sc_decipher: returning with: Transmit failed
> [opensc-pkcs11] pkcs15-sec.c:125:sc_pkcs15_decipher: sc_decipher() failed: 
> Transmit failed
> error: PKCS11 function C_SignFinal failed: rv = CKR_GENERAL_ERROR (0x5)
> 
> Aborting.


Seems to me, that this problem is somewhat related to pcscd. This could
also be the source for the differences between linux and windows.
Attached is a log file generated while executing some commands. For
unknown reason i can't reproduce the shown error. pcscd is 1.4.99 on
ubuntu 8.04.

Regards
Andre Zepezauer

# two pins for my token, thus two tokens present
andre:~/opensc-0.11.13/src$ tools/pkcs11-tool --module 
pkcs11/.libs/opensc-pkcs11.so -L
Available slots:
Slot 0           OMNIKEY CardMan 5x21 (USB iClass Reader) 00 00
  token label:   Andre Zepezauer (PIN)
  token manuf:   Siemens AG (C)
  token model:   PKCS#15
  token flags:   login required, PIN initialized, token initialized
  serial num  :  
Slot 1           OMNIKEY CardMan 5x21 (USB iClass Reader) 00 00
  token label:   Andre Zepezauer (Secondary Authe
  token manuf:   Siemens AG (C)
  token model:   PKCS#15
  token flags:   login required, PIN initialized, token initialized
  serial num  :  
Slot 2           (empty)
Slot 3           (empty)
Slot 4           (empty)
Slot 5           (empty)
Slot 6           (empty)
Slot 7           (empty)
Slot 8           (empty)
Slot 9           (empty)
Slot 10          (empty)
Slot 11          (empty)
Slot 12          (empty)
Slot 13          (empty)
Slot 14          (empty)
Slot 15          (empty)

# running the test, this error occured
andre:~/opensc-0.11.13/src$ tools/pkcs11-tool --module 
pkcs11/.libs/opensc-pkcs11.so -tp 1234
C_SeedRandom() and C_GenerateRandom():
  seeding (C_SeedRandom) not supported
  seems to be OK
Digests:
  all 4 digest functions seem to work
  MD5: OK
  SHA-1: OK
  RIPEMD160: OK
Signatures (currently only RSA signatures)
  testing key 0 (Andre Zepezauer) 
[opensc-pkcs11] reader-pcsc.c:239:pcsc_transmit: unable to transmit
[opensc-pkcs11] apdu.c:394:do_single_transmit: unable to transmit APDU
[opensc-pkcs11] iso7816.c:832:iso7816_decipher: APDU transmit failed: Transmit 
failed
[opensc-pkcs11] sec.c:39:sc_decipher: returning with: Transmit failed
[opensc-pkcs11] pkcs15-sec.c:125:sc_pkcs15_decipher: sc_decipher() failed: 
Transmit failed
error: PKCS11 function C_SignFinal failed: rv = CKR_GENERAL_ERROR (0x5)

Aborting.

# trying to run the test again, but no token was found
andre:~/opensc-0.11.13/src$ tools/pkcs11-tool --module 
pkcs11/.libs/opensc-pkcs11.so -tp 1234
error: PKCS11 function C_OpenSession failed: rv = CKR_TOKEN_NOT_PRESENT (0xe0)

Aborting.

# removing the card and insert it again, but tokens are not recognized
andre:~/opensc-0.11.13/src$ tools/pkcs11-tool --module 
pkcs11/.libs/opensc-pkcs11.so -L
Available slots:
Slot 0           (empty)
Slot 1           (empty)
Slot 2           (empty)
Slot 3           (empty)
Slot 4           (empty)
Slot 5           (empty)
Slot 6           (empty)
Slot 7           (empty)
Slot 8           (empty)
Slot 9           (empty)
Slot 10          (empty)
Slot 11          (empty)
Slot 12          (empty)
Slot 13          (empty)
Slot 14          (empty)
Slot 15          (empty)

# restarting pcscd
andre:~/opensc-0.11.13/src$ tools/pkcs11-tool sudo /etc/init.d/pcscd restart

andre:~/opensc-0.11.13/src$ tools/pkcs11-tool --module 
pkcs11/.libs/opensc-pkcs11.so -L
Available slots:
Slot 0           OMNIKEY CardMan 5x21 (USB iClass Reader) 00 00
  token label:   Andre Zepezauer (PIN)
  token manuf:   Siemens AG (C)
  token model:   PKCS#15
  token flags:   login required, PIN initialized, token initialized
  serial num  :  
Slot 1           OMNIKEY CardMan 5x21 (USB iClass Reader) 00 00
  token label:   Andre Zepezauer (Secondary Authe
  token manuf:   Siemens AG (C)
  token model:   PKCS#15
  token flags:   login required, PIN initialized, token initialized
  serial num  :  
Slot 2           (empty)
Slot 3           (empty)
Slot 4           (empty)
Slot 5           (empty)
Slot 6           (empty)
Slot 7           (empty)
Slot 8           (empty)
Slot 9           (empty)
Slot 10          (empty)
Slot 11          (empty)
Slot 12          (empty)
Slot 13          (empty)
Slot 14          (empty)
Slot 15          (empty)

#now everything work fine
andre:~/opensc-0.11.13/src$ tools/pkcs11-tool --module 
pkcs11/.libs/opensc-pkcs11.so -tp 1234
C_SeedRandom() and C_GenerateRandom():
  seeding (C_SeedRandom) not supported
  seems to be OK
Digests:
  all 4 digest functions seem to work
  MD5: OK
  SHA-1: OK
  RIPEMD160: OK
Signatures (currently only RSA signatures)
  testing key 0 (Andre Zepezauer) 
  all 4 signature functions seem to work
  testing signature mechanisms:
    RSA-X-509: OK
    RSA-PKCS: OK
    SHA1-RSA-PKCS: OK
    MD5-RSA-PKCS: OK
    RIPEMD160-RSA-PKCS: OK
  testing key 1 (2048 bits, label=Andre Zepezauer) with 1 signature mechanism
    MD5-RSA-PKCS: OK
Verify (currently only for RSA):
  testing key 0 (Andre Zepezauer)
    RSA-X-509: OK
    RSA-PKCS: OK
    SHA1-RSA-PKCS: OK
    MD5-RSA-PKCS: OK
    RIPEMD160-RSA-PKCS: OK
  testing key 1 (Andre Zepezauer) with 1 mechanism
    RSA-X-509: OK
Key unwrap (RSA)
  testing key 0 (Andre Zepezauer) 
    DES-CBC: OK
    DES-EDE3-CBC: OK
    BF-CBC: OK
    CAST5-CFB: OK
  testing key 1 (Andre Zepezauer) 
    DES-CBC: OK
    DES-EDE3-CBC: OK
    BF-CBC: OK
    CAST5-CFB: OK
Decryption (RSA)
  testing key 0 (Andre Zepezauer) 
    RSA-X-509: OK
    RSA-PKCS: OK
  testing key 1 (Andre Zepezauer) 
    RSA-X-509: OK
    RSA-PKCS: OK

_______________________________________________
opensc-devel mailing list
[email protected]
http://www.opensc-project.org/mailman/listinfo/opensc-devel

Re: [opensc-devel] CardOS 4.3

Reply via email to