On Tue, 2010-09-14 at 11:28 +0200, jons...@terra.es wrote: > Perhaps anyone can help me: > > Now that my DNIe has died [1] I'm trying to get dni code to be aware > of this situation. > > ¿What's the standard way to tell libopensc that a card has been > invalidated?, that is: the card is recognized, > but cannot operate with it because manipulation detected, too many pin > entry errors, or so
When using smart cards in common ways, a card should not become totally broken. Most often cards become unusable, only if pin verification failed too often. This case is handled by opensc with an error code SC_ERROR_AUTH_METHOD_BLOCKED. Which in turn is translated to CKR_PIN_LOCKED. In my opinion, a card gets broken only if: 1. corrupted data is written to the card or 2. some important files are deleted form the card. In both of these cases write access is required. But the situation with pki cards is, that write access *after personalisation* is very limited or not possible at all. Therefore it should be sufficient for opensc, to handle blocked pins correctly. > Not sure on other cards, but DNIe mark this situation by mean of > change on ATR status code from 03 90 00 to > 0F 65 81 (Memory error). Not sure what to do if detected this > situation: 1. When data structures of your card are still readable, then match on both ATRs. And fail gracefully on pin verification and privileged operations. 2. When your card doesn't provide any data, then not recognising it should be fine. Or handle it like a card in manufacturing state. > - The actual code: do not recognize the card as to be handled by the > module > - Recognize the card, but return error (¿What is the proper error > code?) on any requested operation > > A good task to code until going to police office to re-enable my > card :-) > > [1]http://www.opensc-project.org/pipermail/opensc-devel/2010-September/014866.html > > Juan Antonio > _______________________________________________ > opensc-devel mailing list > opensc-devel@lists.opensc-project.org > http://www.opensc-project.org/mailman/listinfo/opensc-devel _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
