On 4/1/2011 8:13 AM, Viktor TARASOV wrote:
Le 01/04/2011 12:43, Martin Paljak a écrit :
Hello,
On Apr 1, 2011, at 12:43 , jons...@terra.es wrote:
BTW: what's the current state of cardmod?
cardmod -> minidriver. It is a minidriver.
It still needs to be tested in a more wide manner .
I used it in IE for authentication and in 'certutil' with the cards IAS/ECC de
Sagem (Morpho) et with RutokenECP .
François and Douglas are using it with westcos and PIV cards.
OK, can we fill in the chart I requested in the previous e-mail
for the IAS/ECC, RutojenECP and westcos cards as a start?
Is it usable? Any instructions?
The best instructions are available on wiki. You need to set up registry with
the correct information for your card. The discovery happens base on ATR
historical bytes.
If your card happens to have two ATR-s (one warm, one cold) you'll need a special
(signed) driver filter, search for "atrfiltr" on Google.
Minidriver shall be distributed with OpenSC but there will be no automagic
setup (yet) for supported cards.
'Automatic setup' -- does it means (automatic) download OpenSC minidriver from
the Microsoft site or 'OpenSC MSI makes all' ?
Do you know if there can be several middlewares for the same card (ATR)
registered in Microsoft ?
Probably not, as when a new card is inserted it will look up the ATR in the
registry to find the driver.
When a browser or e-mail wants a card inserted it will look for the card based
on information stored
in the certificate store to see if the card inserted is the correct one. Based on which
"middlewares"
added the certificates to the cert store they will store different containerIDs
and other info.
But you can still use OpenSC via PKCS#11 i.e. as a Firefox or Thunderbird
Security Device,
even with some vendor's mini-driver or CSP already installed.
You can run the opensc-cardmod.dll mini-driver on XP and Vista if you have
installed
the Base CSP update. See:
http://support.microsoft.com/kb/909520
The registry changes for a card looks something like the attachment.
(I should change this for the PIV and used the history bytes instead.)
Martin
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
--
Douglas E. Engert <deeng...@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
ÿþW�i�n�d�o�w�s� �R�e�g�i�s�t�r�y� �E�d�i�t�o�r� �V�e�r�s�i�o�n� �5�.�0�0�
�
�
�
�[�H�K�E�Y�_�L�O�C�A�L�_�M�A�C�H�I�N�E�\�S�O�F�T�W�A�R�E�\�M�i�c�r�o�s�o�f�t�\�C�r�y�p�t�o�g�r�a�p�h�y�\�C�a�l�a�i�s�\�S�m�a�r�t�C�a�r�d�s�\�D�E�E�
�O�P�E�N�S�C�]�
�
�"�A�T�R�"�=�h�e�x�:�3�b�,�d�b�,�9�6�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�
�
�"�A�T�R�M�a�s�k�"�=�h�e�x�:�f�f�,�f�f�,�f�f�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�0�0�,�\�
�
� � �0�0�
�
�"�C�r�y�p�t�o� �P�r�o�v�i�d�e�r�"�=�"�M�i�c�r�o�s�o�f�t� �B�a�s�e� �S�m�a�r�t�
�C�a�r�d� �C�r�y�p�t�o� �P�r�o�v�i�d�e�r�"�
�
�"�S�m�a�r�t� �C�a�r�d� �K�e�y� �S�t�o�r�a�g�e�
�P�r�o�v�i�d�e�r�"�=�"�M�i�c�r�o�s�o�f�t� �S�m�a�r�t� �C�a�r�d� �K�e�y�
�S�t�o�r�a�g�e� �P�r�o�v�i�d�e�r�"�
�
�"�8�0�0�0�0�0�0�1�"�=�"�c�:�\�\�P�r�o�g�r�a�m�
�F�i�l�e�s�\�\�o�p�e�n�s�c�\�\�o�p�e�n�s�c�-�c�a�r�d�m�o�d�.�d�l�l�"�
�
�
�
�
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
