[opensc-devel] C_login() with CKU_SO user type with Athena Asepcos card

Fri, 30 Sep 2011 06:43:16 -0700 

Hello all,

I have noticed a strange behavior when trying to unblock the user PIN using 
PKCS#11 on a Athena ASEPCOS card configured with 2 PIN & 2PUK as follow :

PKCS#15 Card [OpenSC Card]:
        Version        : 0
        Serial number  : 0106535458140F10
        Manufacturer ID: OpenSC Project
        Last update    : 20110727143948Z
        Flags          : EID compliant

PIN [Security Officer PIN]
        Object Flags   : [0x3], private, modifiable
        ID             : ff
        Flags          : [0x92], local, initialized, soPin
        Length         : min_len:4, max_len:16, stored_len:8
        Pad char       : 0x00
        Reference      : 2
        Type           : ascii-numeric
        Path           : 3f005015

PIN []
        Object Flags   : [0x3], private, modifiable
        ID             : 01
        Flags          : [0x12], local, initialized
        Length         : min_len:4, max_len:16, stored_len:8
        Pad char       : 0x00
        Reference      : 4
        Type           : ascii-numeric
        Path           : 3f005015

Using  PKCS#11, if I perform a C_Login() with the CKU_SO user type, I must 
enter the Security officer PIN if I want the operation to succeed.

It would make more sense to enter the user PUK since the main goal of this 
operation is to be able to unblock the user PIN code...

Thanks

William


________________________________

Ce message et les pi?ces jointes sont confidentiels et r?serv?s ? l'usage 
exclusif de ses destinataires. Il peut ?galement ?tre prot?g? par le secret 
professionnel. Si vous recevez ce message par erreur, merci d'en avertir 
imm?diatement l'exp?diteur et de le d?truire. L'int?grit? du message ne pouvant 
?tre assur?e sur Internet, la responsabilit? du groupe Atos ne pourra ?tre 
engag?e quant au contenu de ce message. Bien que les meilleurs efforts soient 
faits pour maintenir cette transmission exempte de tout virus, l'exp?diteur ne 
donne aucune garantie ? cet ?gard et sa responsabilit? ne saurait ?tre engag?e 
pour tout dommage r?sultant d'un virus transmis.

This e-mail and the documents attached are confidential and intended solely for 
the addressee; it may also be privileged. If you receive this e-mail in error, 
please notify the sender immediately and destroy it. As its integrity cannot be 
secured on the Internet, the Atos group liability cannot be triggered for the 
message content. Although the sender endeavors to maintain a computer 
virus-free network, the sender does not warrant that this transmission is 
virus-free and will not be liable for any damages resulting from any virus 
transmitted.

_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel

Reply via email to