Re: [opensc-devel] IAS/ECC card with 2 applications in Windows XP env

2011-10-05 Thread Douglas E. Engert
On 10/4/2011 10:12 AM, Benjamin ALLEMAND wrote: > Hi, > I bought IAS/ECC card from Gemalto, here are some commands to identify the > card : >[...] > > The purpose is to store a certificate inside ECC Generic PKI through OpenSC, > in order to do Smartcard Logon to a Windows XP. Is the workstati

Re: [opensc-devel] IAS/ECC card with 2 applications in Windows XP env

2011-10-05 Thread Benjamin ALLEMAND
Hi, do: > # pkcs15-tool --bind-to-aid E828BD080FD25047656E65726963 -k -c -C > to see if there are some data objects related to CSP/minidriver. Here is the command you requested : pkcs15-tool --bind-to-aid E828BD080FD > 25047656E65726963 -k -c -C -v > Using reader with a card: SpringCard CSB6 Fam

Re: [opensc-devel] IAS/ECC card with 2 applications in Windows XP env

2011-10-05 Thread Viktor Tarasov
Le 05/10/2011 14:30, Benjamin ALLEMAND a écrit : > I enrolled an IAS/ECC card with certsrv and explored it with OpenSC tools. The keys were imported or generated? What middlaware have you used? do: # pkcs15-tool --bind-to-aid E828BD080FD25047656E65726963 -k -c -C to see if there are some data obj

Re: [opensc-devel] IAS/ECC card with 2 applications in Windows XP env

2011-10-05 Thread Benjamin ALLEMAND
Hello again, I enrolled an IAS/ECC card with certsrv and explored it with OpenSC tools. I realized that Gemalto M/W does store certificate under Generic application, and not ECC eId at all ! So, here is the certificates and keys dump : > pkcs15-tool --bind-to-aid E828BD080FD25047656E65726963 -k

Re: [opensc-devel] IAS/ECC card with 2 applications in Windows XP env

2011-10-05 Thread Viktor Tarasov
Le 05/10/2011 11:59, Benjamin ALLEMAND a écrit : > FYI, the associated log in attachment > > 2011/10/5 Benjamin ALLEMAND > > > I also explored the other ADF (ECC EID), and it already contains > all the file system. > Is it possible, through Op

Re: [opensc-devel] IAS/ECC card with 2 applications in Windows XP env

2011-10-05 Thread Benjamin ALLEMAND
> > I also explored the other ADF (ECC EID), and it already contains all the >> file system. >> Is it possible, through OpenSC, to put data in that file system ? >> > > Yes, if you have the keyset values present on your card. (Normally any > changes of file system in protected applications are prot

Re: [opensc-devel] IAS/ECC card with 2 applications in Windows XP env

2011-10-05 Thread Viktor Tarasov
Le 05/10/2011 10:04, Benjamin ALLEMAND a écrit : > By the way, I just learn that M/W IAS/ECC will be used on users computers, so > it will not be possible to use OpenSC mini driver on client side... Is there > a chance that M/W IAS/ECC (provided by ANTS, french government) will take > certificat

Re: [opensc-devel] IAS/ECC card with 2 applications in Windows XP env

2011-10-05 Thread Viktor Tarasov
Le 05/10/2011 09:16, Benjamin ALLEMAND a écrit : > Hi, > > According to the dump that you presented, the '--auth-id' argument of > your key generation command has to be 'C1'. > I propose you to activate the logs (in 'app default' section of > etc/opensc.conf set 'debug = 8' and some valid

Re: [opensc-devel] IAS/ECC card with 2 applications in Windows XP env

2011-10-05 Thread Benjamin ALLEMAND
By the way, I just learn that M/W IAS/ECC will be used on users computers, so it will not be possible to use OpenSC mini driver on client side... Is there a chance that M/W IAS/ECC (provided by ANTS, french government) will take certificates (stored in generic AD) into account ? I also explored th

Re: [opensc-devel] IAS/ECC card with 2 applications in Windows XP env

2011-10-04 Thread Viktor Tarasov
Hello Benjamin, Le 04/10/2011 17:12, Benjamin ALLEMAND a écrit : > I bought IAS/ECC card from Gemalto, here are some commands to identify the > card : > *opensc-tool --reader 2 --atr* > ATR : 3B:7F:96:00:00:00:31:B8:64:40:70:14:10:73:94:01:80:82:90:00 > *opensc-tool --reader 2 --name* > IAS/ECC G

[opensc-devel] IAS/ECC card with 2 applications in Windows XP env

2011-10-04 Thread Benjamin ALLEMAND
Hi, I bought IAS/ECC card from Gemalto, here are some commands to identify the card : *opensc-tool --reader 2 --atr* ATR : 3B:7F:96:00:00:00:31:B8:64:40:70:14:10:73:94:01:80:82:90:00 *opensc-tool --reader 2 --name* IAS/ECC Gemalto *pkcs15-tool --dump* Using reader with a card: OMNIKEY CardMan 5x21

Re: [opensc-devel] IAS ECC

2011-01-22 Thread Martin Paljak
Hello, To be honest I can't follow the discussion in detail, nor do I want to add oil to the continued dialogue unless one of the following is true: - OpenSC shall now create data structures that are not PKCS#15 conforming (requires a consensus on interpretation), or break some other "Signific

Re: [opensc-devel] IAS ECC

2011-01-17 Thread Viktor TARASOV
Dear Andre, On 17.01.2011 17:09, Andre Zepezauer wrote: > Hello Viktor, > > from Changeset 5094 [1]: > "[...] 'path' is [now] mandatory for the 'Local' PINs." > > I think of it as a temporary solution to fix a weakness of "IAS ECC" > cards as specified by The Gixel Group [2]. But keep in mind tha

[opensc-devel] IAS ECC

2011-01-17 Thread Andre Zepezauer
Hello Viktor, from Changeset 5094 [1]: "[...] 'path' is [now] mandatory for the 'Local' PINs." I think of it as a temporary solution to fix a weakness of "IAS ECC" cards as specified by The Gixel Group [2]. But keep in mind that the behaviour up to revision 4927 was conforming with PKCS#15 and IS