Re: MUSCLE applications?

1999-03-02 Thread Erwann ABALEA

On Mon, 1 Mar 1999, Dennis Wier wrote:

> Killer application of the (near) future would be
> when ADSL is really launched and people start downloading
> video.  Like single sign-on, they will be tired of
> punching in their credit card, so smartcard will
> be the choice.  But, the readers would likely have to
> be both swipe plus smartcard, plus probably pin
> so that legacy credit cards could be used.  There is
> ecash and ecommerce where every click on every
> icon gets to nibble on your bank account too.
> This is (fortunately) not yet, but it could
> 'drive' development of smart cards.
> 
> That's just one possibility.  But this depends on
> credit card companies issuing smart cards.  But they
> are sitting on some billion magnetic stripe cards
> so there is no reason to change, yet.  Credit card
> companies have developed (their) applications using the
> smart card.  The problem is standards.

In France, we have already been using smartcards for banking for about 10
years... And for a few months now, we've had at least 2 systems for electronic
commerce using smartcards. One is only valid for French customers and
French merchants, the other is SET compliant, but can use the French
smartcard to authenticate.

-- 
Erwann ABALEA
System and Development Engineer - Certplus SA
[EMAIL PROTECTED]
Telephone: +33 1 34 38 29 50

***
Linux Smart Card Developers - M.U.S.C.L.E.
(Movement for the Use of Smart Cards in a Linux Environment)
http://www.linuxnet.com/smartcard/index.html
***



Re: MUSCLE Smartcards and Browsers

1999-03-17 Thread Erwann ABALEA

On Wed, 17 Mar 1999, Martin Sigbjorn wrote:

> I need information on how I can use smartcards with Netscape
> Navigator/Communicator and Internet Explorer, in order to perform secure
> authentication of a user. I know these browsers have support for
> smartcard authentication through certificates and SSL but I don't know
> how it works (or how to make it work). Is it possible just by the
> presence of PC/SC drivers + reader + card, or do I need additional
> software?

Of course you need additional software to make the whole stuff work...

For Netscape, you have to write a PKCS#11 module which will perform the
necessary cryptographic operations (basically RSA sign/verify and
crypt/decrypt).

For MSIE, you'll have to write a CSP (Crypto Service Provider) that will
do pretty much the same, and it MUST be signed by Microsoft (the key is
operated by the NSA, maybe it's just the opposite, but the 2 are involved
in the process). This CSP will also have to check for whether the original
CSP is a basic or enhanced version (512/1024 bits for RSA, 40/128 bits for
RC2 and others). I don't know if your source will have to be reviewed for
it to be signed...

The easiest will be to start with Netscape... But you'll have to learn
about PKCS#1, PKCS#8, and PKCS#10 (maybe also PKCS#7). The PKCS documents
are available freely on <http://www.rsa.com>.

You've got a very hard work to do. Good luck ;-)

-- 
Erwann ABALEA
System and Development Engineer - Certplus SA
[EMAIL PROTECTED]
- RSA PGP Key ID: 0x2D0EABD5 -




Re: MUSCLE contactless smartcards

1999-03-26 Thread Erwann ABALEA

On Thu, 25 Mar 1999, Brooks Johnston wrote:

> You can get a Gemplus Micro 680 contactless reader for US$259 (quantity 1)
> or US$224 (quantity 10) although  I don't think that the Micro 680 is
> explicitly supported by the MUSCLE project yet.

For now, NO Gemplus reader is supported by the MUSCLE project... (I'd like
to have spare time to add support for them...)

One thing should be noted though... Not all the contactless readers can
have access to all the contactless cards... Even within Gemplus cards,
some of them can't be accessed by the GCR680...

> 
> -Original Message-
> From: Ralf-Philipp Weinmann <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
> Date: Tuesday, March 23, 1999 9:50 AM
> Subject: MUSCLE contactless smartcards
> 
> 
> >Hello everyone,
> >I'm currently looking into the application of contactless smartcards
> >for a project of mine. Does anybody know where I can get readers/writers
> >for inductively working contactless smartcards from and what their
> >price range is ?
> >Also. Does the MUSCLE project currently support them ?
> >
> >
> >TIA,
> >-rpw
> >---
> >Experience is what you got when you didn't get what you wanted.
> >[PGP key available upon request.]

-- 
Erwann ABALEA
System and Development Engineer - Certplus SA
[EMAIL PROTECTED]
- RSA PGP Key ID: 0x2D0EABD5 -




Re: MUSCLE SSH - PC/SC

1999-04-09 Thread Erwann ABALEA

Why don't you use the crypto capabilities of the cards to perform the
crypto operations?

For me, it's a very bad way to use smartcards to consider them only
good for storage.

Erwann.


On Thu, 8 Apr 1999, David Corcoran wrote:

> Hello,
> 
> I have ssh2 working with PC/SC now.  It generates keys and stores them on
> the cards and the agent reads them off the card also.  I have tried 3
> cards as of now:  The Multiflex, Cryptoflex, and Cyberflex Access 16k and
> all seem to work successfully.  I'll try to release it, the new C - API,
> and the new version of PC/SC this weekend along with the Multiflex ICCSP
> and a few new utilities.
> 
> Thanks
> Dave
> 
> *
> David Corcoran Internet Security/Smartcards
> 
> Home:  Purdue University
> 2252 US Highway 52 WestDepartment of Computer Science
> West Lafayette, IN 47906   CERIAS/COAST Laboratory
> Home: (765) 463-2455
> Cell: (317) 514-4797
> 
> http://www.linuxnet.com
> 
> *
> 

-- 
Erwann ABALEA
System and Development Engineer - Certplus SA
[EMAIL PROTECTED]
- RSA PGP Key ID: 0x2D0EABD5 -




RE: MUSCLE SSH - PC/SC

1999-04-09 Thread Erwann ABALEA

I know this. Of course.

But look at the first contribution...

> | > I have ssh2 working with PC/SC now.  It generates keys and stores
> | > them on the cards and the agent reads them off the card also. 

So the crypto operations are NOT performed by the OS smartcard.


On Fri, 9 Apr 1999, Enzo Romeo wrote:

> The keys should never be read off the smart cards...this is a fundamental 
> rule of security. You can't trust any agent or software outside the cards. 
> So, the keys must be used by the card OS algorithms and the cards are used 
> as secure keys storage.
> 
> Enzo
> 

-- 
Erwann ABALEA
System and Development Engineer - Certplus SA
[EMAIL PROTECTED]
- RSA PGP Key ID: 0x2D0EABD5 -




Re: MUSCLE BOUNCE kincses zoli ] (fwd)

1999-05-02 Thread Erwann ABALEA

On Fri, 30 Apr 1999, Jim Rees wrote:

> One interesting non-networked app is skey, and I do plan to put my skey key
> on a card and use it with an OTP app on the Palm.  Palm OTP with md5 is only
> 27K so there is some hope it would fit on a card, especially if I can find a
> javacard that does md5.  I think Cyberflex only does sha1.

27K is a bit large to fit on a smartcard... But if you can cut it down to
something as little as 4K, it'll fit.

GPK4000 from Gemplus is able to do MD5, as well as SHA1 (and a lot of
other stuff...)

-- 
Erwann ABALEA
System and Development Engineer - Certplus SA
[EMAIL PROTECTED]
- RSA PGP Key ID: 0x2D0EABD5 -




Re: MUSCLE Credit Cards

1999-06-21 Thread Erwann ABALEA

On Mon, 21 Jun 1999, Nicolas Weinachter wrote:

> do you know where i can find information over credit card : capacity,
> protocol, security ...?

Well. If what you call "credit card" is in fact "French banking card",
then I don't think you'll be able to find technical documentation

For other banking cards, I don't know...

For EMV (next generation), maybe you could find some information or
pointers at Europay, MasterCard, or VISA site...

-- 
Erwann ABALEA
System and Development Engineer - Certplus SA
[EMAIL PROTECTED]
- RSA PGP Key ID: 0x2D0EABD5 -




Re: MUSCLE SSLEAY & GPK4000

1999-06-26 Thread Erwann ABALEA

On Sat, 26 Jun 1999, Jason wrote:

> Hi I am currently working on the SSLEAY crypto libraries and the Gemplus
> GPK4000 cards. When I sign a message using SSLEAY md5() and
> rsa_public_encrypt(), I get a signature string. However when I perform
> the signature using GPK4000 I get a different string. Both return 64
> bytes.

First of all, please don't use SSLeay anymore, as the project has been
renamed to OpenSSL (www.openssl.org). Eric Young is now working for RSA,
and SSLeay is no longer maintained.

Then... Are you sure the padding method used by the GPK4k is the same as
the one used by SSLeay?

> The keys which are loaded into the card were created by SSLEAY
> rsageneratekey(). These keys are then stored into file in ASCII format
> (0-F).These keys are then converted into a binary string and loaded into
> the card.

Are you sure the key components are correct for the GPK4k (this card has
some constraints for the key parameters)?

> BTW. The plain text message before digest is 6 bytes (012345). I assume
> padding is done automatically by the SSLeay MD5 functions.
> RSAprivatencrypt uses PKCS-1 padding.

BTW: which version of SSLeay do you use?

-- 
Erwann ABALEA
System and Development Engineer - Certplus SA
[EMAIL PROTECTED]
- RSA PGP Key ID: 0x2D0EABD5 -
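An added illustration of why the padding question in this reply matters (not code from the thread, from SSLeay/OpenSSL or from Gemplus): for a 64-byte modulus, the block fed to the RSA private-key operation differs depending on whether the MD5 hash is wrapped in a DigestInfo or padded bare, and `classify_block` tells the formats apart once the public key has been applied to a signature. Which format a given card or library call produces is an assumption to check in its documentation; the hash bytes are constructed sample data.

```c
#include <stdio.h>
#include <string.h>

#define MD5_LEN 16

/* DER header of the DigestInfo for MD5 used by PKCS#1 v1.5 signatures. */
static const unsigned char MD5_PREFIX[18] = {
    0x30, 0x20, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48,
    0x86, 0xf7, 0x0d, 0x02, 0x05, 0x05, 0x00, 0x04, 0x10
};

enum block_kind { BLOCK_INVALID, BLOCK_SIG_DIGESTINFO_MD5, BLOCK_SIG_BARE_HASH,
                  BLOCK_SIG_OTHER, BLOCK_ENCRYPTION };

/* Block type 1 (signatures): 00 01 FF..FF 00 || payload, at least 8 FF bytes.
 * The padding is deterministic, so two correct signers give identical bytes. */
static int pad_type1(unsigned char *em, size_t k,
                     const unsigned char *payload, size_t plen)
{
    size_t ps;
    if (plen + 11 > k)
        return -1;
    ps = k - plen - 3;
    em[0] = 0x00;
    em[1] = 0x01;
    memset(em + 2, 0xff, ps);
    em[2 + ps] = 0x00;
    memcpy(em + 3 + ps, payload, plen);
    return 0;
}

/* Hash wrapped in DigestInfo, then padded: the PKCS#1 v1.5 signature format. */
int encode_with_digestinfo(unsigned char *em, size_t k, const unsigned char *hash)
{
    unsigned char t[sizeof MD5_PREFIX + MD5_LEN];
    memcpy(t, MD5_PREFIX, sizeof MD5_PREFIX);
    memcpy(t + sizeof MD5_PREFIX, hash, MD5_LEN);
    return pad_type1(em, k, t, sizeof t);
}

/* Same padding applied to the bare 16-byte hash, with no DigestInfo. */
int encode_bare_hash(unsigned char *em, size_t k, const unsigned char *hash)
{
    return pad_type1(em, k, hash, MD5_LEN);
}

/* Classify a block recovered by applying the public key to a signature. */
enum block_kind classify_block(const unsigned char *em, size_t k)
{
    size_t i = 2, plen;
    if (k < 11 || em[0] != 0x00)
        return BLOCK_INVALID;
    if (em[1] == 0x02)              /* block type 2: random padding, encryption */
        return BLOCK_ENCRYPTION;
    if (em[1] != 0x01)
        return BLOCK_INVALID;
    while (i < k && em[i] == 0xff)
        i++;
    if (i < 10 || i >= k || em[i] != 0x00)
        return BLOCK_INVALID;
    plen = k - (i + 1);
    if (plen == sizeof MD5_PREFIX + MD5_LEN &&
        memcmp(em + i + 1, MD5_PREFIX, sizeof MD5_PREFIX) == 0)
        return BLOCK_SIG_DIGESTINFO_MD5;
    return plen == MD5_LEN ? BLOCK_SIG_BARE_HASH : BLOCK_SIG_OTHER;
}

int main(void)
{
    /* Constructed sample value standing in for an MD5 digest. */
    unsigned char hash[MD5_LEN], a[64], b[64];
    int i;
    for (i = 0; i < MD5_LEN; i++)
        hash[i] = (unsigned char)(0xa0 + i);
    encode_with_digestinfo(a, sizeof a, hash);
    encode_bare_hash(b, sizeof b, hash);
    for (i = 0; i < 64; i++)        /* offset, DigestInfo form, bare form */
        printf("%2d: %02x %02x\n", i, a[i], b[i]);
    printf("kinds: %d %d\n", classify_block(a, 64), classify_block(b, 64));
    return 0;
}
```

Both blocks end in the same 16 hash bytes, yet the RSA results over them are unrelated, and a block of type 2 carries random padding, so its output changes on every call.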




Re: MUSCLE Creating a file in Cyberflex Access

1999-11-24 Thread Erwann ABALEA

On Wed, 24 Nov 1999, Jordi Planes wrote:

>   I'm working with Cyberflex Access card with a Towitoko reader
> with pcsc-lite-0.3.0 .
> 
>   I send a "Create File" APDU (the example from the Cyberflex Access
> Programmer's Guide, p. 103) and I receive a "Privilege is insufficient to
> create a file". 
> 
>   Anybody knows how to solve this privilege problem? What I have to
> send or I have to change?

I think you should enter a PIN code. That will grant you some
privileges to create files on the directory you're in...

-- 
Erwann ABALEA
System and Development Engineer - Certplus SA
[EMAIL PROTECTED]
- RSA PGP Key ID: 0x2D0EABD5 -




Re: MUSCLE Power Up Failed

1999-11-29 Thread Erwann ABALEA

On Sat, 27 Nov 1999, Michael Renzmann wrote:

> > > It should work with a processor smartcard such as
> > > Cryptoflex.
> > Do you or anyone else know where (in Germany) I can
> > get a Cryptoflex or any other card which can be used
> > with the Towitoko driver?
> 
> Try out the BasicCard. A powerful processor card that
> can be used with Muscle as far as I know. It can be
> programmed with Basic, has DES/3DES encryption onboard,
> with new lib version even elliptic curve algorithm,
> cheap and you can order small numbers of those card.
> More information on http://www.zeitcontrol.de and
> http://www.basiccard.com.
> 
> If you have problems programming the card, then send
> me a mail. I've some experiences, as I write my own
> library for card readers and this card.

I've ordered 2 of these cards (ZC 2.4), and tested the demos with my
reader (GCR410 from Gemplus). 1 card is already out of service, and
doesn't answer to a reset... I only loaded the Calc demo app, tested it,
it worked.

On the other card, I loaded the Elliptic Curve demo, the demo works pretty
well, and the card is still functioning.

These cards seem very attractive, the Basic is not like the old Basics I
used to program when I was 7... But I find them too unstable...

-- 
Erwann ABALEA
System and Development Engineer - Certplus SA
[EMAIL PROTECTED]
- RSA PGP Key ID: 0x2D0EABD5 -




Re: MUSCLE standards

2000-05-23 Thread Erwann ABALEA

the crypto functions of any card, only by changing
the card and a library? Then you should look at PKCS#11. If you want to be
able to use any smartcard with a standard set of API to access it, then
you're already looking at PC/SC (yes, there existed a lot of proprietary
libraries before PC/SC). If you want to be able to use the same PKCS#11
library with any smartcard, then the smartcard and PKCS#11 lib should be
compliant with PKCS#15 and what I called "ISO-7816-8" or whatever its real
name...

-- 
Erwann ABALEA
System and Development Engineer - Certplus SA
[EMAIL PROTECTED]
- RSA PGP Key ID: 0x2D0EABD5 -




Re: MUSCLE Identifying Cards..

2000-07-04 Thread Erwann ABALEA

On Mon, 3 Jul 2000, Angie Mitchell wrote:

> I'm trying to figure out what kind of smartcard I have.. it's got all
> eight pads/pins, on a blank white card with no markings at all.. is there
> anything I can do to identify this card and the specs on this card? the
> transmission protocols, voltage and current values, atr, etc etc... any
> information would be helpful.. thanks in advance..

You could see if the chip is in ISO or AFNOR position (AFNOR position is
higher than ISO).
You could check if it's an asynchronous card (ie microprocessor card), and
tell us the ATR (Answer To Reset).

-- 
Erwann ABALEA
System and Development Engineer - Certplus SA
[EMAIL PROTECTED]
- RSA PGP Key ID: 0x2D0EABD5 -
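Once the ATR asked for in this reply is in hand, its structure already says a lot about an unmarked card. The parser below is an added example (not code from the thread or from pcsc-lite) that walks the ISO/IEC 7816-3 layout: convention byte, interface bytes, announced protocols, historical bytes and the TCK check byte. The sample ATRs are constructed.

```c
#include <stdio.h>
#include <stddef.h>

struct atr_info {
    int direct;          /* 1: TS=0x3B (direct convention), 0: TS=0x3F (inverse) */
    unsigned protocols;  /* bit n set when T=n is announced; T=15 marks global bytes */
    size_t hist_off;     /* offset of the historical bytes inside the ATR */
    size_t hist_len;     /* K, from the low nibble of T0 */
    int has_tck;         /* check byte is mandatory unless only T=0 is announced */
    int tck_ok;          /* XOR of T0..TCK is zero */
};

/* Returns 0 when the ATR is structurally complete, -1 when it is malformed. */
int parse_atr(const unsigned char *atr, size_t len, struct atr_info *out)
{
    size_t pos = 2, i;
    unsigned y, x = 0;
    int b;

    if (len < 2 || (atr[0] != 0x3B && atr[0] != 0x3F))
        return -1;
    out->direct = (atr[0] == 0x3B);
    out->protocols = 0;
    out->hist_len = atr[1] & 0x0F;
    y = atr[1] >> 4;                       /* Y1: which of TA1..TD1 follow */
    while (y) {
        for (b = 0; b < 3; b++)            /* skip TAi, TBi, TCi when present */
            if (y & (1u << b)) {
                if (pos >= len)
                    return -1;
                pos++;
            }
        if (!(y & 8))
            break;                         /* no TDi: interface bytes end here */
        if (pos >= len)
            return -1;
        out->protocols |= 1u << (atr[pos] & 0x0F);
        y = atr[pos++] >> 4;               /* Yi+1 from the high nibble of TDi */
    }
    if (out->protocols == 0)
        out->protocols = 1;                /* no TD1 at all: T=0 is implied */
    if (pos + out->hist_len > len)
        return -1;
    out->hist_off = pos;
    pos += out->hist_len;
    out->has_tck = (out->protocols & ~1u) != 0;
    out->tck_ok = 1;
    if (out->has_tck) {
        if (pos >= len)
            return -1;
        for (i = 1; i <= pos; i++)
            x ^= atr[i];
        out->tck_ok = (x == 0);
        pos++;
    }
    return pos == len ? 0 : -1;            /* trailing bytes are an error */
}

int main(void)
{
    /* Constructed sample ATRs, not taken from the thread. */
    static const unsigned char t0_card[] = { 0x3B, 0x02, 0x14, 0x50 };
    static const unsigned char t1_card[] = { 0x3B, 0x81, 0x80, 0x01, 0x80, 0x80 };
    struct atr_info a;
    size_t i;

    if (parse_atr(t0_card, sizeof t0_card, &a) == 0)
        printf("T=0 only, %u historical bytes, TCK present: %d\n",
               (unsigned)a.hist_len, a.has_tck);
    if (parse_atr(t1_card, sizeof t1_card, &a) == 0) {
        printf("protocol mask 0x%x, TCK ok: %d, historical:", a.protocols, a.tck_ok);
        for (i = 0; i < a.hist_len; i++)
            printf(" %02X", t1_card[a.hist_off + i]);
        printf("\n");
    }
    return 0;
}
```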




Re: MUSCLE Transaction times

2001-02-27 Thread Erwann ABALEA

This reader resets each inserted card twice? That's strange... I'm aware
of special cards that change their behaviour after a second reset is
performed while the card is still powered on... These cards couldn't then
be used in such a reader...

On Tue, 27 Feb 2001, David Corcoran wrote:

> Hi Michael,
>
> The Reflex 60 driver resets the card twice most likely (cold/warm).  On
> removal there is no reset but on insertion these resets occur - the driver
> goes into a sleep waiting for this to happen - I am sure you can shorten
> this amount of time and I would be glad to help you if you send me a mail
> directly [EMAIL PROTECTED]

-- 
Erwann ABALEA
[EMAIL PROTECTED]
RSA PGP Key ID: 0x2D0EABD5
-
Against stupidity, the Gods themselves, contend in vain!




Re: MUSCLE how can i use smart card with netscape?

2001-05-21 Thread Erwann ABALEA

On Mon, 21 May 2001, Ysek Chung wrote:

> i have GemPC410 reader and GPK8000 card, and
> i'm studying smart card on linux.
> now i'm trying to use smart card on netscape such as MS windows,
> but i can't find any information for help.
>
> how can i use smart card with netscape?

You have to write or use a PKCS#11 compliant library. This library will
use the smartcard as a cryptoprovider, and certificates container, and
Netscape will use this PKCS#11 library to use high-level crypto
operations.

Right now, I don't think there exists any PKCS#11 library for the
Gemplus GPK8000 card running under Unix/Linux.

-- 
Erwann ABALEA
[EMAIL PROTECTED]
RSA PGP Key ID: 0x2D0EABD5
-
"Computers are useless.  They can only give you answers"
- Pablo Picasso




Re: MUSCLE how can i use smart card with netscape?

2001-05-21 Thread Erwann ABALEA

On Mon, 21 May 2001, Ysek Chung wrote:

> Thanks for your help!
>
> > in order to use SCs with Netscape you should get a
> > PKCS#11 module (library) from the SC vendor, if
> > available. Otherwise, use what they provide for use
> > with IE.
>
> as stupid question, can i use MS windows PKCS11 library?

Microsoft doesn't use the PKCS#11 standard...

And it definitely won't work on a Linux station ;-)

-- 
Erwann ABALEA
[EMAIL PROTECTED]
RSA PGP Key ID: 0x2D0EABD5
-
On Unix and Unix Hackers
``The problem here is that there is parent and child but no adult.''
 Lynne Jolitz




Re: MUSCLE French translation needed

2001-06-01 Thread Erwann ABALEA

I wanted to get these documents, to start working on them (I'm French),
but all I got was an HTTP 404 error...

BTW, Sesame in French can be confusing. We have a health application with
smartcards named 'Sesame Vitale'...

On Fri, 1 Jun 2001, Jim Rees wrote:

> Would anyone like to do me a really big favor and help translate my Sesame
> application from English to French?  I took a stab at it with the help of
> Babelfish but the result is pretty horrible.
>
> English and French versions are here:
>
> http://www.citi.umich.edu/u/rees/sesame-2001.txt
> http://www.citi.umich.edu/u/rees/sesame-2001-fr.txt

-- 
Erwann ABALEA
[EMAIL PROTECTED]
RSA PGP Key ID: 0x2D0EABD5
-
"A novice was trying to fix a broken Lisp machine by turning the
power off and on.  Knight, seeing what the student was doing
spoke sternly: "You can not fix a machine by just power-cycling
it with no understanding of what is going wrong."  Knight turned
the machine off and on.  The machine worked."
- Author unknown




Re: MUSCLE Linux Login with RSA SmartCards

2001-06-06 Thread Erwann ABALEA

On Wed, 6 Jun 2001, Ludovic Rousseau wrote:

> On Mon, Jun 04, 2001 at 12:57:20PM -0700, David Corcoran wrote:
> > Hello,
> >
> > You can't use pcsc-lite-0.9.1 for remote use of the resource manager.  I
> > wanted to create the core package as local only.  I'm working on an RPC
> > like service that sits atop the local service which will export the PC/SC
> > interface .  To the apps it will be identical to the older versions
> > that used RPC.
>
> I don't think using RPC is a good idea.
> You use a smartcard to provide security in an unsecure environment.
> I don't want to send my PIN code in clear over RPC. You need to have
> authentication, integrity and confidentiality of your network
> communications.
> You could use 'secure RPC' but it will be hard to find implementations
> of it outside SUN.

Or maybe provide some kind of key exchange, and send the PIN code (and all
the card commands) hidden in an opaque data blob, simply encrypted.

That's surely difficult to design and implement correctly, but I agree
with Ludovic, it's not a good idea to transmit everything in clear.

> If you send your PIN code in clear over the network why not just use
> telnet ? :-(
>
> I want a secure channel between my smartcard and the program sending
> commands to it.
>
>

-- 
Erwann ABALEA
[EMAIL PROTECTED]
RSA PGP Key ID: 0x2D0EABD5
-
Two most common elements in the universe: Hydrogen and Stupidity.




Re: MUSCLE Linux Login with RSA SmartCards

2001-06-08 Thread Erwann ABALEA

On Thu, 7 Jun 2001, Carlos Prados wrote:

> Hi,
>
> --- David Corcoran <[EMAIL PROTECTED]> wrote:
> > Definitely.  The interface exported must be a subset
> > of the
> > available functionality or else someone could write
> > a worm which does a
> > Verify Key function incorrectly and blocks cards
> > where services are
> > available.
>
> Even worse. If you leave your card with your private
> PGP key in the reader and the smartcard is accessible
> to anybody over the net, somebody could connect to it,
> and write signed messages with your private key, read
> your private e-mail...

You can design your application so that whenever a signature (or
decryption) operation is to be performed, a PIN code should be presented,
the operation performed, and the authentication state reset. That's how
it's done with the French banking applications. The card in itself doesn't
reset the authentication state after the operation, but the payment
terminals must do it.

> He only needs your PIN, that he can get by snooping
> the network, or doing trial and error.

Trial and error is not a valid attack, as the card usually disables the
code as soon as 3 bad code guesses have been presented. Since you can
enhance the PIN length, guessing the PIN in 3 tries is difficult.


-- 
Erwann ABALEA
[EMAIL PROTECTED]
RSA PGP Key ID: 0x2D0EABD5
-
``There are basically two types of people.
People who accomplish things, and people who claim to have accomplished
things. The first group is less crowded.''
 Mark Twain
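The two mechanisms described in this reply, modelled as an added example (not code from the thread or from any card or terminal): a card-side retry counter that blocks the PIN after 3 bad presentations, and a terminal-side wrapper that drops the authenticated state after each operation. The `card_*` and `terminal_sign` names are hypothetical, the signature is a counter standing in for the real operation, and the status words are the ISO/IEC 7816-4 values.

```c
#include <stdio.h>
#include <string.h>

#define PIN_MAX   8
#define MAX_TRIES 3

/* Status words as defined in ISO/IEC 7816-4. */
#define SW_OK            0x9000
#define SW_NOT_SATISFIED 0x6982   /* security status not satisfied */
#define SW_BLOCKED       0x6983   /* authentication method blocked */
#define SW_WRONG_PIN     0x63C0   /* low nibble carries the tries left */

struct card {
    unsigned char pin[PIN_MAX];   /* reference PIN, zero padded */
    int tries_left;
    int authenticated;
    int signatures;               /* counter standing in for the real RSA operation */
};

void card_init(struct card *c, const char *pin)
{
    memset(c, 0, sizeof *c);
    memcpy(c->pin, pin, strlen(pin) < PIN_MAX ? strlen(pin) : PIN_MAX);
    c->tries_left = MAX_TRIES;
}

int card_verify(struct card *c, const char *pin)
{
    unsigned char buf[PIN_MAX] = { 0 };
    size_t n = strlen(pin), i;
    unsigned diff = (n > PIN_MAX);

    if (c->tries_left == 0)
        return SW_BLOCKED;                 /* no further guesses accepted */
    memcpy(buf, pin, n > PIN_MAX ? PIN_MAX : n);
    for (i = 0; i < PIN_MAX; i++)          /* compare without early exit */
        diff |= (unsigned)(buf[i] ^ c->pin[i]);
    if (diff) {
        c->authenticated = 0;
        c->tries_left--;
        return SW_WRONG_PIN | c->tries_left;
    }
    c->tries_left = MAX_TRIES;
    c->authenticated = 1;
    return SW_OK;
}

int card_sign(struct card *c)
{
    if (!c->authenticated)
        return SW_NOT_SATISFIED;
    c->signatures++;
    return SW_OK;
}

/* A card reset clears the security status but keeps the retry counter. */
void card_reset(struct card *c)
{
    c->authenticated = 0;
}

/* Terminal policy from the message: PIN, one operation, then drop the state. */
int terminal_sign(struct card *c, const char *pin)
{
    int sw = card_verify(c, pin);
    if (sw == SW_OK)
        sw = card_sign(c);
    card_reset(c);
    return sw;
}

int main(void)
{
    struct card c;
    int i;
    card_init(&c, "4821");                 /* constructed sample PIN */
    printf("terminal_sign: %04X\n", terminal_sign(&c, "4821"));
    printf("sign without new PIN: %04X\n", card_sign(&c));
    for (i = 0; i < 4; i++)
        printf("wrong guess %d: %04X\n", i + 1, card_verify(&c, "0000"));
    printf("correct PIN after block: %04X\n", card_verify(&c, "4821"));
    return 0;
}
```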





Re: MUSCLE Linux Login with RSA SmartCards

2001-06-08 Thread Erwann ABALEA

On Fri, 8 Jun 2001, Dr S N Henson wrote:

> Carlos Prados wrote:
> >
> >
> > Again, I would pay more attention to local security.
> > Why is the file /tmp/.pcscrx world writable? isn't
> > this a security hole?
> >
>
> On the subject of security...
>
> As may be apparent I've only just got my setup working and I've not
> examined things in any detail. I did notice a few things which might be
> cause for concern.
>
> Consider a Netscape PKCS#11 module. In this application the connection
> to the reader may need to be kept open for an extended period of time
> (typically the whole browser session) and may not be closed cleanly. As
> we are all painfully aware it's not entirely unknown for a browser to
> crash.

For the PKCS#11 part, there's a solution: just use random session numbers,
and close all the sessions if you detect at least 3 invalid session
numbers...

That way, the application can crash, but trying to attach to this previous
session and keep the authenticated state would be difficult.

-- 
Erwann ABALEA
[EMAIL PROTECTED]
RSA PGP Key ID: 0x2D0EABD5
-
A computer is a state machine.
Threads are for people who can't program state machines.
 Alan Cox
   in a discussion about the threads and the Linux scheduler
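The session-number scheme suggested in this reply, sketched as an added example (not code from the thread, from pcsc-lite or from any PKCS#11 module): handles come from the kernel random source, and the third unknown handle closes every session, so a login state left behind by a crashed application cannot be found by guessing. `open_session`, `find_session` and the in-memory table are hypothetical stand-ins for a real module's session state.

```c
#include <stdio.h>
#include <string.h>

#define MAX_SESSIONS   8
#define MAX_INVALID    3
#define INVALID_HANDLE 0UL

struct session { unsigned long handle; int logged_in; };
struct token   { struct session s[MAX_SESSIONS]; int invalid_seen; };

/* Handle from the kernel RNG, so the next one cannot be guessed from the last. */
static unsigned long random_handle(void)
{
    unsigned long h = INVALID_HANDLE;
    FILE *f = fopen("/dev/urandom", "rb");
    if (f) {
        if (fread(&h, sizeof h, 1, f) != 1)
            h = INVALID_HANDLE;
        fclose(f);
    }
    return h;
}

void close_all_sessions(struct token *t)
{
    memset(t, 0, sizeof *t);      /* drops every handle and every login state */
}

int session_count(const struct token *t)
{
    int i, n = 0;
    for (i = 0; i < MAX_SESSIONS; i++)
        n += (t->s[i].handle != INVALID_HANDLE);
    return n;
}

/* Returns the new handle, or INVALID_HANDLE when no slot or no randomness. */
unsigned long open_session(struct token *t)
{
    unsigned long h = random_handle();
    int i, slot = -1;
    for (i = 0; i < MAX_SESSIONS; i++) {
        if (t->s[i].handle == h && h != INVALID_HANDLE)
            return INVALID_HANDLE;            /* collision: caller retries */
        if (t->s[i].handle == INVALID_HANDLE && slot < 0)
            slot = i;
    }
    if (h == INVALID_HANDLE || slot < 0)
        return INVALID_HANDLE;
    t->s[slot].handle = h;
    t->s[slot].logged_in = 0;
    return h;
}

/* Every unknown handle counts as a guess; the third one closes all sessions. */
struct session *find_session(struct token *t, unsigned long h)
{
    int i;
    for (i = 0; h != INVALID_HANDLE && i < MAX_SESSIONS; i++)
        if (t->s[i].handle == h)
            return &t->s[i];
    if (++t->invalid_seen >= MAX_INVALID)
        close_all_sessions(t);
    return NULL;
}

int main(void)
{
    struct token t;
    unsigned long h;
    int i;
    close_all_sessions(&t);
    h = open_session(&t);
    if (h == INVALID_HANDLE)
        return 1;
    find_session(&t, h)->logged_in = 1;
    for (i = 1; i <= MAX_INVALID; i++) {
        find_session(&t, h + i);              /* unknown handles */
        printf("after %d bad handles: %d session(s) open\n", i, session_count(&t));
    }
    printf("old handle still valid: %s\n", find_session(&t, h) ? "yes" : "no");
    return 0;
}
```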





Re: MUSCLE New to list, problems with PIN code ! (fwd)

2001-06-18 Thread Erwann ABALEA

On Mon, 18 Jun 2001, David Corcoran wrote:

> -- Forwarded message --
> Date: Sun, 17 Jun 2001 02:14:01 +0200
> From: Christoph Plattner <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED], [EMAIL PROTECTED]
> Subject: New to list, problems with PIN code !
>
> Hello SmartCard Linux hackers !

Hi!

> I have recently bought a package from TOWITOKO
>
>   CHIPDRIVE linuxpack
>
> which includes 2 memory cards. Those two cards seem
> to be of a different type:
>   - 2Kbit I2C EEPROM Card (256 Byte, R/W)
>   seems to be a 2-wire card
>   (icc->type = 2)
>   - 16Kbit I2C EEPROM Card (2048 Byte, R/W)
>   seems to be a IC2 SHORT card
>   (icc->type = 0)
>
> I don't know why these cards of different sizes are also
> of different types... ?

Why not?

> But now to the problems:
> The ATR of the 16Kb card is always empty (NULL pointer,
> as it is no 2-/3-wire card). Is this implementation
> in the CT code correct ?

A memory card returns no ATR... In fact, the reader might return one,
if it wants to...

> And now the main problem:
> -
>
> The 2Kbit card seems to need the PIN code, is this
> correct (I cannot write on it, and I saw in the code,

Yes, memory cards can have PIN codes entered. The method used to enter
this PIN is 'implementation defined', i.e. you should ask your card
manufacturer.

> that on type==2 and 3 cards, the PIN entering is always done.
> I have not seen any PIN  (in the package, on the card,
> etc) So I don't know any key, and now the card always
> blocks PIN entering, as the retry counter is already on '0'.
> Can I do here anything ?

If this is a real PIN code, and the card can't be reset, too bad...

Good luck!

-- 
Erwann ABALEA
[EMAIL PROTECTED]
RSA PGP Key ID: 0x2D0EABD5
-
No wanna work.  Wanna bang on keyboard.




Re: MUSCLE check for pinpad

2001-07-10 Thread Erwann ABALEA

On 10 Jul 2001, Stephan Heinze wrote:

> I have a question about card readers. How can I check (via
> pcsc-lite-api) if the reader is a simple card reader or if it has a
> pinpad to supply safe pin validation?

I don't think that the current release of the PC/SC standard supports card
readers with 'expansions', like PIN pads, screens, etc.

Maybe the next version of the standard?

-- 
Erwann ABALEA
[EMAIL PROTECTED]
RSA PGP Key ID: 0x2D0EABD5
-
``Do or do not.  There is no try."
 Yoda
