Hi, We have a couple of iKey4000 USB tokens at my company that we received from a CA. I'd like to add Linux support for these devices so end users can use them with Firefox, Evolution, and Thunderbird.
If the offer here still stands: http://www.opensc-project.org/pipermail/opensc-devel/2008-August/011252.html http://www.opensc-project.org/opensc/wiki/RainbowIkeyFour I'd be willing to sign an NDA for information of the device, with the understanding that the reviewed, resultant code could be released under the LGPL. (BTW, I'm the maintainer of the Linux kernel ivtv and cx18 drivers.) For anyone interested for details and speculation I've collected about the token, see below. Regards, Andy W. I seem to have the iKey 4000 variant that is *not* USB CCID v1.10 compliant: Bus 003 Device 004: ID 04b9:1206 Rainbow Technologies, Inc. iKey 4000 Token Device Descriptor: bLength 18 bDescriptorType 1 bcdUSB 1.00 bDeviceClass 0 (Defined at Interface level) bDeviceSubClass 0 bDeviceProtocol 0 bMaxPacketSize0 8 idVendor 0x04b9 Rainbow Technologies, Inc. idProduct 0x1206 iKey 4000 Token bcdDevice 1.10 iManufacturer 2 SafeNet, Inc. iProduct 1 iKey 4000 iSerial 0 bNumConfigurations 1 Configuration Descriptor: bLength 9 bDescriptorType 2 wTotalLength 20 bNumInterfaces 1 bConfigurationValue 1 iConfiguration 0 bmAttributes 0x80 (Bus Powered) MaxPower 56mA Interface Descriptor: bLength 9 bDescriptorType 4 bInterfaceNumber 0 bAlternateSetting 0 bNumEndpoints 0 bInterfaceClass 255 Vendor Specific Class bInterfaceSubClass 0 bInterfaceProtocol 0 iInterface 0 ** UNRECOGNIZED: 02 40 Device Status: 0x0000 (Bus Powered) SnoopyPro captures of device initialization show that all data traffic happens over the default control pipe. Some basic research indicates that the iKey4000 and iKey2032 may be similar: http://www.datakey-europe.com/englisch/inhalt_smartcard.htm Since there is an IFD for the iKey2032 in OpenCT, maybe that can be used as a starting point for an IFD for the iKey 4000. The ATR also inidicates to me that the iKey4000's SafeNet CCOS (SCCOS) is likely based off of the DataKey CCOS (DKCCOS). The ATR of the iKey4000, is in this captured packets: ControlTransfer data: 0000: 19 3b ff 18 00 00 81 31 fe 4d 80 25 a0 00 00 00 | ; 1 M % | 0010: 56 57 44 4b 34 30 30 06 00 dd c8 40 02 01 a0 00 | VWDK400 @ | bRequestType: 0xc1 (Read-Vendor-Interface) bRequest: 1 wValue: 0 (0x0000) wIndex: 0 (0x0000) wLength: 32 For comparison, aside from the iKey 4000, all the ATRs listed in this file: http://ludovic.rousseau.free.fr/softwares/pcsc-tools/smartcard_list.txt that have a hex string "56 57 44 4B 3[0-9] 3[0-9] 3[0-9]" or ASCII "VMDK[1-9][0-9][0-9]", are DataKey products. In 1999, DataKey Licensed DKCCOS to Rainbow: http://www.thefreelibrary.com/Rainbow+Technologies+and+Datakey+Collaborate+On+Future+Rainbow+iKey...-a055215336 In 2004, SafeNet acquired DataKey: http://www.datakeyelectronics.com/about_safenet.html iKey 4000 FIPS 140 security policy document: http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp943.pdf iKey 2032 FIPS 140 security policy document: http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp161.pdf _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
