Hi Peter,
sorry for the delay, I have been out of office.
When I delete the lines 1309-1314, nothing is better with
the TCOS card via Xiring. And the PIN of the CardOS card is not
accepted by firefox despite the fact, that you still can verify it
via opensc-tool.
Below I insert the analysis of
2011/7/19 Peter Koch :
> Hi Martin!
>
> 2011/7/18 Martin Paljak
>>
>> > Some reader expect just 4 bytes (CLA INS P1 P2) without Le. Some other
>> > readers insist on getting a 0-Le byte. And very few readers handle both
>> > cases.
>>
>> This should be tested and documented if possible. Creating c
Hi Martin!
2011/7/18 Martin Paljak
> > Some reader expect just 4 bytes (CLA INS P1 P2) without Le. Some other
> > readers insist on getting a 0-Le byte. And very few readers handle both
> cases.
>
> This should be tested and documented if possible. Creating conditional
> reader-specific code is
Hello,
On Jul 17, 2011, at 00:34 , Peter Koch wrote:
> Control TxBuffer: 1E 1E 02 00 00 10 06 02 FF 00 00 00 00 00 00 05 00 00 00 00
> 20 00 00 00
> -> 00 69 14 00 00 00 00 39 00 00 00 00 1E 02 00 00 10 06 02 FF 00 00 00
> 00 00 00 00 20 00 00 00
> <- 00 80 02 00 00 00 00 39 00 00 00 6B
Hi Johannes!
2011/7/15 Johannes Becker
> Hello,
>
> I'm testing a new Firmware for the Xiring MyLeo card reader. It
> will support extended APDU. It works with a CardOS chip, but
> with a TCOS chip firefox displays quickly the small window asking
> you to enter the pin on the pinpad several time
Hello,
I'm testing a new Firmware for the Xiring MyLeo card reader. It
will support extended APDU. It works with a CardOS chip, but
with a TCOS chip firefox displays quickly the small window asking
you to enter the pin on the pinpad several times. You have no chance
to do so and there is subsequ
Hello,
Am Mittwoch 08 Juni 2011 schrieb Martin Paljak:
> > Using the GemPlus Pinpad reader, Firefox shows quickly serveral times
> > the window telling you to enter the PIN on the Pinpad, but the connection
> > to the web servers fails before you have a chance to to anything.
...
> How does this
2011/6/8 Martin Paljak :
> On Wed, Jun 8, 2011 at 15:28, Ludovic Rousseau
> wrote:
>
>> The problem is on byte 15.
>> Byte 15, 16 are wPINMaxExtraDigit
>> In the CCID frame it is 10 06
>> So Maximum PIN size = 10h = 16
>> and Minimum PIN size = 06h = 6
>>
>> The Gemalto Pinpad (v1) does not suppor
On Wed, Jun 8, 2011 at 15:28, Ludovic Rousseau
wrote:
> The problem is on byte 15.
> Byte 15, 16 are wPINMaxExtraDigit
> In the CCID frame it is 10 06
> So Maximum PIN size = 10h = 16
> and Minimum PIN size = 06h = 6
>
> The Gemalto Pinpad (v1) does not support Maximum PIN size bigger than
> 8. S
2011/6/8 Martin Paljak :
> On Jun 8, 2011, at 12:24 , Johannes Becker wrote:
>> With Windows the SPR532 doesn't accept the PIN, when you use opensc.
>> On the other hand, with Peter Koch's middleware it is ok.
>
> It thus expects the swapped length information I guess.
>
> The log seems to support
Hello,
On Jun 8, 2011, at 12:24 , Johannes Becker wrote:
> With Windows the SPR532 doesn't accept the PIN, when you use opensc.
> On the other hand, with Peter Koch's middleware it is ok.
It thus expects the swapped length information I guess.
The log seems to support this guess:
2011-06-03 09:3
Hello,
the card readers SPR532 (SCM) and GemPC Pinpad USB (Gemalto)
work fine with CardOS cards. SPR532 is ok under Linux.
With Windows the SPR532 doesn't accept the PIN, when you use opensc.
On the other hand, with Peter Koch's middleware it is ok.
Using the GemPlus Pinpad reader, Firefox shows
2011/6/1 Martin Paljak
> > Yes, it works on Linux. Windows is the problem. Maybe the fault is with
> the SCM Windows
> > driver.
>
> IIRC you need to very closely match the Windows driver and the device
> Firmware. It had byte ordering issues and I *think* the Windows driver
> requires the incorr
Hi
Actually I'm not sure if in case of unpadded PIN blocks, should the initial
> APDU prefix include CLA INS P1 P2 only or an additional 0x00 (which you
> refer to as empty Lc) or not ? IMHO CCID spec leaves room for interpretation
> there... I remember different behavior from different readers/ca
Hello,
On Wed, Jun 1, 2011 at 10:41, Johannes Becker
wrote:
> Hello,
>
> Am Mittwoch 01 Juni 2011 schrieb Martin Paljak:
>
>> > I have no idea why your SCM reader behaves different under Windows and
>> > Linux. Does it have old firmware?
>
> The installer tells me that the firmware is up to date.
Hello,
Am Mittwoch 01 Juni 2011 schrieb Martin Paljak:
> > I have no idea why your SCM reader behaves different under Windows and
> > Linux. Does it have old firmware?
The installer tells me that the firmware is up to date. I even tried the beta
firmware,
that I got from SCM.
> Probably. SPR5
2011/5/31 Peter Koch :
> Hi,
>
> we are using TCOS2 card for more than 7 years and our policy is
> to only use smartcard readers with secure PIN entry. The CCID
> standard improved things a lot but unfortunately only a few readers
> have 100% correct implementations.
>
> The Dell USB Smartcard Keyb
Hello,
On Jun 1, 2011, at 00:08 , Peter Koch wrote:
> All our TCOS cards have a 6 digit PIN so we use a verify command with
> fixed PIN length, i.e. 00 20 00 00 06. We hardcoded this into our
> software and only use this dirty hack if our software has detected a
> Dell USB Smartcarc Keyboard.
>
>
Hi,
we are using TCOS2 card for more than 7 years and our policy is
to only use smartcard readers with secure PIN entry. The CCID
standard improved things a lot but unfortunately only a few readers
have 100% correct implementations.
The Dell USB Smartcard Keyboard seems to support SPE only
if the
Hello,
opensc-0.12.2-svn r5526 works with TCOS2 and CardOS cards
using e.g. the Kobil KAAN advanced reader.
If i use the reader on the Dell USB Smartcard Keyboard, the pinpad works only
with CardOS cards.
When I use a TCOS 2 card and ask Firefox to show a site requiring chip card
authentication
On Tue, Jul 1, 2008 at 12:01 PM, Johannes Becker
<[EMAIL PROTECTED]> wrote:
> Am Freitag, 27. Juni 2008 schrieb Franz Brandl:
>
>> as far as i remember, the PKCS#11 driver has to use
>> CKF_PROTECTED_AUTHENTICATION_PATH to indicate to the application that it
>> shall not prompt for the PIN itself.
Am Freitag, 27. Juni 2008 schrieb Franz Brandl:
> as far as i remember, the PKCS#11 driver has to use
> CKF_PROTECTED_AUTHENTICATION_PATH to indicate to the application that it
> shall not prompt for the PIN itself. Seems that this is not the case for
> your reader. The question is how OpenSC deci
sure
it does with other readers.
Do you know whether your KOBIL is accessed via PC/SC or CT-API ?
Best regards,
Franz> From: [EMAIL PROTECTED]> To: opensc-devel@lists.opensc-project.org>
Date: Fri, 27 Jun 2008 09:10:03 +0200> Subject: [opensc-devel] Pinpad> >
Hello,> > I
On Fri, Jun 27, 2008 at 9:10 AM, Johannes Becker
<[EMAIL PROTECTED]> wrote:
> Hello,
Hello,
> I have a Kobil card reader with pinpad. In principle the pinpad works with
> opensc, but the behaviour generally is a bit confusing.
>
> If you use it with pam (for instance su, kdm or gdm) the user is a
Hello,
I have a Kobil card reader with pinpad. In principle the pinpad works with
opensc, but the behaviour generally is a bit confusing.
If you use it with pam (for instance su, kdm or gdm) the user is asked to
type the PIN at the keyboard, this input is ignored and as soon as you
type 'enter
Franz Brandl hotmail.com> writes:
>
>
> Hi,afaik the 4.15 firmware contains an error in the secure pin verification
over PC/SC. there should be a newer firmware and driver available from SCM.it
might well be that the device works with the seccommerce software, but maybe
they have adapted the
regards
franz
> To: [EMAIL PROTECTED]
> From: [EMAIL PROTECTED]
> Date: Fri, 7 Dec 2007 14:52:15 +
> Subject: [opensc-devel] Pinpad support for SCM Microsystems Inc. SPRx32 USB
> Smart Card Reader
>
> Hello!
>
> I have "SCM Microsystems Inc. SPRx32 USB Smart
Hello!
I have "SCM Microsystems Inc. SPRx32 USB Smart Card Reader" on Windows XP.
I set "enable_pinpad = true;", but on GET_FEATURE_REQUEST SCardControl return
0x001f.
Is it possible provide pinpad support for SPRx32 device?
This online tool work with SPRx32 pinpad correctly:
http://www.s
Hello,
when I use opensc (both in Linux and Windows) with
enable_pinpad = true;
in opensc.conf, everything works fine, exept that on visiting
a site that requires card authentication at first firefox
pops up a window asking for the "master password" (the PIN, as
everybody else calls it.)
No matte
On Fri, Nov 17, 2006 at 02:47:31PM +0100, Ludovic Rousseau wrote:
> I don't know if pam_pkcs11 can know:
> - that a PIN pad is connected
> - that the PKCS#11 lib will/can use the PIN pad so the PAM module do
> not have to ask for a PIN on the keyboard.
Supposedly, it can.
CKF_PROTECTED_AUTHENTICA
On 17/11/06, Jonsito <[EMAIL PROTECTED]> wrote:
El vie, 17-11-2006 a las 14:47 +0100, Ludovic Rousseau escribió:
- that the PKCS#11 lib will/can use the PIN pad so
the PAM module do not have to ask for a PIN on the keyboard.
I ask pin/password by mean of pam libraries. so no control on
where pam
El vie, 17-11-2006 a las 14:47 +0100, Ludovic Rousseau escribió:
I don't know if pam_pkcs11 can know:
- that a PIN pad is connected
Sure no, unless pkcs11 interface could inform us that pinpad
is attached. Anyway this issue is not handled by my code
- that the PKCS#11 lib will/can use the PIN pa
On 17/11/06, Johannes Becker <[EMAIL PROTECTED]> wrote:
> As Martin said we should correct this. So if you can show us a PAM
> module that does not prompt for PIN that would help.
Well, nearly every other pam module has to get the password via the keyboard
and prompts for it. The only exception
Hello,
Am Donnerstag, 16. November 2006 14:59 schrieb Ludovic Rousseau:
>
> What do you use for the authentication in this precise case? Do you
> use a PAM module? Which one?
/usr/local/lib/security/pam_pkcs11.so
I compiled pam_pkcs11-0.5.3
> As Martin said we should correct this. So if you ca
Hello,
On 16/11/06, Johannes Becker <[EMAIL PROTECTED]> wrote:
Eddy Nigg (StartCom Ltd.) wrote:
> It requires modification of g/kdm, something we intend to
> suggest/propose/modify in the future.
>
I guess, you wouldn't have to modify gdm/kdm. My Pinpad beeps and blinks,
as soon as the system as
On 16.11.2006, at 11:01, Johannes Becker wrote:
1. Authentication with pam_pkcs11.so
Probly needs support in PAM level and modifications in pam_pkcs11.
2. Using Mozilla Firefox
Some time ago there was a blog post asking people to pick up PSM (the
stuff that manages such GUI issues in mozi
Eddy Nigg (StartCom Ltd.) wrote:
It requires modification of g/kdm, something we intend to
suggest/propose/modify in the future.
I guess, you wouldn't have to modify gdm/kdm. My Pinpad beeps and blinks,
as soon as the system asks for the PIN. So it would be nice to have no
prompt
for a keyb
Hi Johannes,
It requires modification of g/kdm, something we intend to
suggest/propose/modify in the future.
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
Phone: +1.213.341.0390
Johannes Becker wrote:
Hello,
I got pam_pkcs11 working. If I use the card reader's pin pad, there
Hello,
I got pam_pkcs11 working. If I use the card reader's pin pad, there
is still the prompt to enter the PIN. No matter what you enter,
after 'return' the pinpad awakes and you can enter the PIN there.
This is a confusing behaviour, especially if you have a graphical login
with gdm or kdm.
Ho
On 15/08/06, Johannes Becker <[EMAIL PROTECTED]> wrote:
Hello,
Hi,
can I get the Pinpad on the reader "Kobil Advanced" working?
I use today's pcscd, pcsc-tools, libccid, opensc, libopenct1 from
Debian/unstable which seems to be up to date.
Everything works with firefox except asking the PIN
Hello,
can I get the Pinpad on the reader "Kobil Advanced" working?
I use today's pcscd, pcsc-tools, libccid, opensc, libopenct1 from
Debian/unstable which seems to be up to date.
Everything works with firefox except asking the PIN from the PINPad.
Do you have to configure the PINPad somwhere?
Hi,
On 03.08.2006, at 0:10, Robert Konklewski wrote:
Looks really interesting. The only thing to sort out is the way to re-
use the reader.h on windows...
I'll give it a look next week while back at home.
m.
--
Martin Paljak / [EMAIL PROTECTED]
martin.paljak.pri.ee / ideelabor.ee
+372 515 6
On 03/08/06, Robert Konklewski <[EMAIL PROTECTED]> wrote:
Hello!
Hi,
A word of warning: this patch might cause problems in Linux since byte order of
IOCTLs is changed to little-endian (it is required in Windows) and it was not
altered in the original code (which probably worked well in Linu
Hello!
I'm totally new on this list. In fact, the only reason I signed up is to share
this quick & dirty hack for opensc 0.11.1 that enables usage of a PINpad in
Windows through PC/SC. At least on SCM SPR 532 PINpad reader and Setec cards it
is possible to verify or change a PIN (with sc_pin_cm
44 matches
Mail list logo
