On Wed, 2010-11-03 at 10:48 +0100, Viktor TARASOV wrote: > Andre Zepezauer wrote: > > On Tue, 2010-11-02 at 21:54 +0000, Mr Dash Four wrote: > > > >>> Opensc-explorer shows me the content of CIAInfo.bin without > >>> pin-verification. Does that answer your question? > >>> > >>> > >> Yeah, just about. Why do you think that is? Could this be a > >> manufacturer-related issue? > >> > > > > No, that's a new bug in OpenSC. Somewhere in the framework (especially > > in pkcs15init), the access conditions are handled the wrong way. > > > > What card are you using? > What card profile are you using? > Can you post here the debug (=8) logs from your > card initialization and 'create data object' sequence, please? > > > With CardOS v4.3b I'm getting the expected results: > > # cardos-tool -f > Using reader with a card: OmniKey CardMan 3121 00 00 > card in administrative state, ok > > # pkcs15-init -E > Using reader with a card: OmniKey CardMan 3121 00 00 > > # pkcs15-init -C --label "IDX-SCM" -P --auth-id 53434D --so-pin > "12345678" --so-puk "123456" --pin "9999" --puk "8888" > Using reader with a card: OmniKey CardMan 3121 00 00 > > # pkcs15-init -W ../tests/sha1.hex --label "MyLabel" --application-name > "MyData" --application-id "1.2.3.4.5.6" --auth-id 53434D --pin "9999" > Using reader with a card: OmniKey CardMan 3121 00 00 > Security officer PIN [Security Officer PIN] required. > Please enter Security officer PIN [Security Officer PIN]: > > # pkcs15-tool -C > Using reader with a card: OmniKey CardMan 3121 00 00 > Reading data object <0> > applicationName: MyData > Label: MyLabel > applicationOID: 1.2.3.4.5.6 > Path: 3f0050153403 > Auth ID: 53434d > > # opensc-explorer > OpenSC Explorer version 0.12.0-rc1 > Using reader with a card: OmniKey CardMan 3121 00 00 > OpenSC [3F00]> cd 5015 > OpenSC [3F00/5015]> cat 3403 > read failed: Security status not satisfied > ACL for operation: CHV3 > OpenSC [3F00/5015]> verify CHV3 39:39:39:39:00:00:00:00 > Code correct. > OpenSC [3F00/5015]> cat 3403 > 00000000: 66 37 65 34 30 63 32 30 34 39 66 39 34 32 66 33 f7e40c2049f942f3 > 00000010: 65 34 35 64 39 36 34 37 34 32 34 30 30 33 34 39 e45d964742400349 > 00000020: 64 36 64 30 63 65 37 34 0A d6d0ce74. > OpenSC [3F00/5015]>
$pkcs15-init -C -c cardos -p pkcs15 --so-pin=12345678 Unblock Code for New User PIN (Optional - press return for no PIN). Please enter User unblocking PIN (PUK): [[return]] $pkcs15-init -W CIAInfo.bin --application-id "1.2.3" -l "MyObject" -a ff Security officer PIN [Security Officer PIN] required. Please enter Security officer PIN [Security Officer PIN]: 12345678 Now use opensc-explorer. Yesterday I had this working with user-pins too. Will try to reproduce that later.
Using reader with a card: OMNIKEY CardMan 5x21 (USB iClass Reader) 00 00
Using reader with a card: OMNIKEY CardMan 5x21 (USB iClass Reader) 00 00
_______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
