Re : Re : Problem with OpenSC and Gemalto card

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Re : Re : Problem with OpenSC and Gemalto card

Richard PALO
  Hi, I just received my Certigreffe usb key (GemPC Key from Certeurope)
with the home of replacing my Click&Trust Mercanteo smartcard used with
the GemPC Twin for use with various french agencies for company
declarations such as for VAT, social charges and public tender digital
signatures.

Unfortunately it seems that PKCS#15 initialization failed: Unsupported card


richard@shuttleX:/export/dossiers/pcsc-sun$ /usr/local/bin/opensc-tool -ian
opensc 0.11.13 [gcc 3.4.3 (csl-sol210-3_4-20050802)]
Enabled features: zlib readline iconv openssl
pcsc(/usr/lib/libpcsclite.so.1)
Using reader with a card: Gemplus GemPC Twin 00 00
3b:a7:00:40:18:80:65:a2:09:01:03:52
Gemplus GPK
richard@shuttleX:/export/dossiers/pcsc-sun$ /usr/local/bin/pkcs15-tool
--list-pins -c -C -k --list-public-keys
Using reader with a card: Gemplus GemPC Twin 00 00
X.509 Certificate [User certificate]
Flags : 0
Authority: no
Path :
ID : 01

Private RSA Key [AUTH key]
Com. Flags : 0
Usage : [0x37], encrypt, decrypt, sign, wrap, unwrap
Access Flags: [0x1D], sensitive, alwaysSensitive, neverExtract, local
ModLength : 1024
Key ref : 0
Native : yes
Path : 000a
Auth ID : 01
ID : 01

PIN [pin]
Com. Flags: 0x1
ID : 01
Flags : [0x22], local, needs-padding
Length : min_len:4, max_len:8, stored_len:8
Pad char : 0x00
Reference : 0
Type : ascii-numeric
Path : 3f000200

All seems fine with the old card, but when switched to the GemPC Key:

richard@shuttleX:/export/dossiers/pcsc-sun$ /usr/local/bin/opensc-tool -ian
opensc 0.11.13 [gcc 3.4.3 (csl-sol210-3_4-20050802)]
Enabled features: zlib readline iconv openssl
pcsc(/usr/lib/libpcsclite.so.1)
Using reader with a card: Gemplus GemPC Key 00 00
3b:6d:00:00:80:31:80:65:b0:83:02:04:7e:83:00:90:00
EMV compatible cards
richard@shuttleX:/export/dossiers/pcsc-sun$ /usr/local/bin/pkcs15-tool
--list-pins -c -C -k --list-public-keys
Using reader with a card: Gemplus GemPC Key 00 00
[pkcs15-tool] pkcs15.c:532:sc_pkcs15_bind_internal: unable to enumerate
apps: Wrong length
[pkcs15-tool] pkcs15.c:799:sc_pkcs15_bind: returning with: Unsupported card
PKCS#15 initialization failed: Unsupported card

I believe this GemPC Key is quite used, is it possible to understand how
to get it supported, at least as mainly used by Firefox? BTW it appears
to work fine with the Gemsafe classic client V6 on M$ WXP.

Thanks in advance for any hints

--
Richard PALO
TNT PACA, dénomination commerciale de la société BAOU
SAS au capital de 50.000 € - RCS TOULON 441 322 385 - APE 4322B
117, av Marcel Berre - ZI Camp Laurent - 83500 LA SEYNE SUR MER
tél:04.94.94.39.94 fax:04.94.87.86.67 mailto:[hidden email]
» Avant d'imprimer, pensez aux conséquences environnementales «

_______________________________________________
opensc-user mailing list
[hidden email]
http://www.opensc-project.org/mailman/listinfo/opensc-user
Reply | Threaded
Open this post in threaded view
|

Re: Re : Re : Problem with OpenSC and Gemalto card

Martin Paljak-2
Hello,

On Aug 22, 2010, at 8:18 PM, Richard PALO wrote:
> Unfortunately it seems that PKCS#15 initialization failed: Unsupported card
Apparently your card/card format is not supported by OpenSC.


> richard@shuttleX:/export/dossiers/pcsc-sun$ /usr/local/bin/opensc-tool -ian
> opensc 0.11.13 [gcc 3.4.3 (csl-sol210-3_4-20050802)]
> Enabled features: zlib readline iconv openssl
> pcsc(/usr/lib/libpcsclite.so.1)
> Using reader with a card: Gemplus GemPC Key 00 00
> 3b:6d:00:00:80:31:80:65:b0:83:02:04:7e:83:00:90:00
> EMV compatible cards
It gets (incorrectly) detected as an EMV card. This misinforming "bug" has been fixed in OpenSC trunk and you should get a standard "Unsupported card" error.

There's no driver for your card [1]  in OpenSC.



> richard@shuttleX:/export/dossiers/pcsc-sun$ /usr/local/bin/pkcs15-tool
> --list-pins -c -C -k --list-public-keys
> Using reader with a card: Gemplus GemPC Key 00 00
> [pkcs15-tool] pkcs15.c:532:sc_pkcs15_bind_internal: unable to enumerate
> apps: Wrong length
> [pkcs15-tool] pkcs15.c:799:sc_pkcs15_bind: returning with: Unsupported card
> PKCS#15 initialization failed: Unsupported card
>
> I believe this GemPC Key is quite used, is it possible to understand how
> to get it supported, at least as mainly used by Firefox? BTW it appears
> to work fine with the Gemsafe classic client V6 on M$ WXP.

Which means that it uses the gemsafe applet and somebody needs to develop it. I don't know exactly the versioning of Gemafe applets but there's some support for Gemsafe V1 applet [2] [3] in OpenSC (but not for Gemsafe V2 applet).
If you have some documentation about the card, that will help a lot.


[1] http://smartcard-atr.appspot.com/parse?ATR=3B6D000080318065B08302047E83009000
[2] http://www.opensc-project.org/opensc/browser/trunk/src/libopensc/card-gemsafeV1.c
[3] http://www.opensc-project.org/opensc/browser/trunk/src/libopensc/pkcs15-gemsafeV1.c
--
Martin Paljak
@martinpaljak.net
+3725156495

_______________________________________________
opensc-user mailing list
[hidden email]
http://www.opensc-project.org/mailman/listinfo/opensc-user