Le 05/10/2011 10:04, Benjamin ALLEMAND a écrit : > By the way, I just learn that M/W IAS/ECC will be used on users computers, so > it will not be possible to use OpenSC mini driver on client side... Is there > a chance that M/W IAS/ECC (provided by ANTS, french government) will take > certificates (stored in > generic AD) into account ?
It's difficult with M/W from ANTS. There are questions to their diagnostic tools, for a while I do not succeeded to use their CSP. They are not very cooperative, do not answer the e-mailed question, ... I've made the compatibility tests between OpenSC and ANTS m/ws in the part of PKCS#11 module. > > I also explored the other ADF (ECC EID), and it already contains all the file > system. > Is it possible, through OpenSC, to put data in that file system ? Yes, if you have the keyset values present on your card. (Normally any changes of file system in protected applications are protected by SM). > > For example, you have EF A001, A002 and A003, which are certificates > dedicated EFs, and these EF values are 0x00..0x00 (4096 bits) > > 2011/10/5 Benjamin ALLEMAND <benallem...@gmail.com > <mailto:benallem...@gmail.com>> > > Hi, > > According to the dump that you presented, the '--auth-id' argument of > your key generation command has to be 'C1'. > I propose you to activate the logs (in 'app default' section of > etc/opensc.conf set 'debug = 8' and some valid path for 'debug_file') and > send here the logs. > > > Ok, attached file is debug log for this command execution > > You can also send here the output of the 'list_sdos' command from > opensc-explorer. > This command will show some details on the pre-allocated SDOs of > private RSA keys: > # opensc-explorer > OpenSC [3F00]> cd aid:E828BD080FD25047656E65726963 > OpenSC [E828BD080FD25047656E65726963]> list_sdos 0x20 > <here follows the needed output> > > And here is the result for listing sdos 0x20 : > > opensc-explorer.exe > OpenSC Explorer version 0.13.0-svn > > Using reader with a card: SpringCard CSB6 Family Contact 0 > Serial: 984000001079955F > > OpenSC [3F00]> cd aid:E828BD080FD25047656E65726963 > OpenSC [E828BD080FD25047656E65726963]> list_sdos 0x20 > Found SDO class 20, reference 9 > contact ACLs: 8B:13:13:00 > size: 00:80 > Found SDO class 20, reference A > contact ACLs: 8B:13:13:00 > size: 00:80 > OpenSC [E828BD080FD25047656E65726963]> > > > > For the future, if you need to use minidriver of OpenSC, be ready to > use another MSI. > The MSI that you are currently using is built on the experimental > branch where support of secure-messaging, multi-application features has been > tested. > It do not include the minidriver of OpenSC. This branch is not more > supported. > > I propose to use instead the last nightly MSI built on > 'secure-messaging' github branch of OpenSC. > This branch is destinated to be merged into the OpenSC master branch > in the nearest (I hope) future. > http://www.opensc-project.org/downloads/nightly/viktor/win32/ > The nightly built MSI includes the minidriver. > > > Thanks, I just installed it, is there any option to modify in order to > run it with my ias/ecc card ? > > Thanks a lot ! > > _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
