Hi all, Martin asked me to share my findings about the Serbian national eID smart card, something I will be more than happy to post to this list.
At the moment the card is not recognized by OpenSC. As it is written in Ludovic Rousseau's smartcard_list.txt file the card ATR is 3B B9 18 00 81 31 FE 9E 80 73 FF 61 40 83 00 00 00 DF All Serbian citizens over the age of 16 residing in the country can choose to have either a smart card, or a non smart card version of the national ID card. I found some data that about 60% of citizens do have a card with a smart card chip. There is the Wikipedia entry about the card: http://en.wikipedia.org/wiki/Serbian_identity_card The smart card contains full name, place and date of birth, current address, unique citizens number, eID number, photo (fingerprint data and electronic signature should also be there). Certificates for legally binding digital signatures are included on the card. Freeware proprietary CSP based middleware for Windows RSIDCardMW can be downloaded from http://ca.mup.gov.rs/download.html There is also a Windows software and a dll library called Celik that can be used to read the public data (name, address, photo,...) of the smart card. Yesterday I wrote an alternative to Celik in Python based on PC/SC interface (pcsc-lite on GNU/Linux) and pyscard Python wrapper that is available from http://gitorious.org/freesteel/freesteel It is sending a bunch of SELECT FILE/READ BINARY commands to the card and reading the output written on the card in UTF-8 encoded text. I did testing only with my own eID card and I am waiting for comments to confirm that I got the data format right and it is not broken when working with other eIDs. >From what I saw, the smart card is in ISO 7816 format (I do not know how compatible, it is just what I used to get public data of the card). I do not know what would be required to implement the support for this card in OpenSC or is it already supported using some of the standard modules. To my knowledge there is no published technical specification. The company which is implementing the PKI for the Ministry of Internal Affairs of Republic of Serbia is a local company named NetSet (http://www.netset.rs). I did not try to get technical data from the Ministry or the NetSet. This is something I will most certainly at least try to do once I have enough time and knowledge how can I use it to implement OpenSC support for the smart card. I can run the middleware inside the VM and trace calls to my reader using usbmon, analyzing them with logdecode from carddecoders. My plan is to do the tracing during the digital signing and I hope this will give me some interesting findings about the card. Probably I am not the best who should try this as everything with the smart cards is very unknown to me as the developer, but it should be also fun to learn something new. Is this how the things are supposed to work? Should I try something different first? Is there some documentation available on how one can add support for a new card? I read somewhere that card driver and the PKCS#15 emulation are required for every smart card, is that true? Thanks, Goran Rakic _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
