Support of French Professional Health Card CPS3

classic Classic list List threaded Threaded
8 messages Options
Reply | Threaded
Open this post in threaded view
|

Support of French Professional Health Card CPS3

LaurentTrk
Hi all,
Does anyone of you have already work on the support of the French Professional Health Card, named  CPS3 ?
This Oberthur Card is IAS ECC compliant, but unfortunately, the last OpenSC library doesnt support this card.
Any help will be appreciate.
Thanks.

Laurent
Reply | Threaded
Open this post in threaded view
|

Re: Support of French Professional Health Card CPS3

Viktor Tarasov-3
Hello,

On Wed, Jan 22, 2014 at 2:52 PM, LaurentTrk <[hidden email]> wrote:
Hi all,
Does anyone of you have already work on the support of the French
Professional Health Card, named  CPS3 ?
This Oberthur Card is IAS ECC compliant, but unfortunately, the last OpenSC
library doesnt support this card.

Currently IAS/ECC support in OpenSC is tested with card from Gemalto.

For some time already it was not tested with IAS/ECC cards from Morpho/Sagem and Oberthur.
You can try to insert the ATR of your card into opensc.conf.

OpenSC minidriver for IAS/ECC is Gemalto oriented,
but in theory there is possibility to integrate other types 


What exactly do you need:
- use it (Generic profile) in 'read' or 'read/write' mode;
- use Admin profile?  in 'read' or 'read/write' mode;
- OS (Linux?, Windows?);
- minidriver ?


Any help will be appreciate.
Thanks.

Laurent

Viktor.

 



--
View this message in context: http://opensc.1086184.n5.nabble.com/Support-of-French-Professional-Health-Card-CPS3-tp14340.html
Sent from the Developer mailing list archive at Nabble.com.

------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel


------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: Support of French Professional Health Card CPS3

LaurentTrk
This post was updated on .
Hi Viktor,
Thanks for your quick reply.

Basically, I need to use/build a minidriver for this card : Windows OS, smartcard logon main purpose.

I already built my own OpenSC for test purpose, based on the IAS/ECC code : adding CPS card type, ATR.
But it seems that I need to change more code to work with the CPS3 card : even the MF selection does not work :-/

 
Viktor Tarasov-3 wrote
For some time already it was not tested with IAS/ECC cards from
Morpho/Sagem and Oberthur.
No luck. I was thinking that the IAS/ECC Oberthur card was already compliant...

Does anybody else know this card ?
Thanks for your help.

Laurent

Reply | Threaded
Open this post in threaded view
|

Re: Support of French Professional Health Card CPS3

Viktor Tarasov-3
On Wed, Jan 22, 2014 at 5:20 PM, LaurentTrk <[hidden email]> wrote:
Hi Viktor,
Thanks for your fast reply.

Basically, I need to use/build a minidriver for this card : Windows OS,
smartcard logon main purpose.

Be aware that there is not minidriver support in IAS/ECC specification,
and so in this part the difference between cards from different producers can be considerable.
 
 

I already built my own OpenSC for test purpose, based on the IAS/ECC code :
adding CPS card type, ATR.
But it seems that I need to change more code to work with the CPS3 card :
even the MF se lection does not work :-/


It could be that your card have different AID of IAS/ECC application .
For the Oberthur IAS/ECC cards that I know the IAS/ECC application is not selected by default.
 
Look iasecc_init_oberthur() in card-iasecc.c and change the AID if needed.


Viktor Tarasov-3 wrote
> For some time already it was not tested with IAS/ECC cards from
> Morpho/Sagem and Oberthur.

No luck. I was thinking that the IAS/ECC Oberthur card was already
compliant...

Does anybody else know this card ?
Thanks for your help.

Laurent





--
View this message in context: http://opensc.1086184.n5.nabble.com/Support-of-French-Professional-Health-Card-CPS3-tp14340p14342.html
Sent from the Developer mailing list archive at Nabble.com.

------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel


------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: Support of French Professional Health Card CPS3

LaurentTrk
Viktor Tarasov-3 wrote
Be aware that there is not minidriver support in IAS/ECC specification,
and so in this part the difference between cards from different
producers can be considerable.
Thanks. We have already some knowledge on minidriver dev, so I think we should live with it :-)

Viktor Tarasov-3 wrote
It could be that your card have different AID of IAS/ECC application .
For the Oberthur IAS/ECC cards that I know the IAS/ECC application is not
selected by default.

Look *iasecc_init_oberthur()* in card-iasecc.c and change the AID if needed.
Thanks, again you're right. The AID is for sure different.
But, I had to also change some others part (especially the select APDU) in order to get something working.

ATM, pkcs15-tool is working for dumping objects.
Well, I need to work on PIN validation, and then crypto operations :-)

Do you have some unit tests to validate the card support ?

The CPS3 card is dual : contact and contactless applications, T0 and T1 are handled. I don't know how to handle correctly both parts. Any help will be appreciate on this part...

Thanks.



Reply | Threaded
Open this post in threaded view
|

Re: Support of French Professional Health Card CPS3

LaurentTrk
I managed to get the minidriver working, at least for smartcard logon

But, I found that the minidriver delays are really long. Asking for certificates through minidriver (certutil -scinfo) takes ages comparing to ask through pkcs15-tool...

I'll have to work on this thing :(
Reply | Threaded
Open this post in threaded view
|

Re: Support of French Professional Health Card CPS3

Douglas E. Engert


On 1/24/2014 9:46 AM, LaurentTrk wrote:
> I managed to get the minidriver working, at least for smartcard logon
>
> But, I found that the minidriver delays are really long. Asking for
> certificates through minidriver (certutil -scinfo) takes ages comparing to
> ask through pkcs15-tool...
>
> I'll have to work on this thing :(

Ask Microsoft.

Certutil may be trying to get certificate chains and CRLs to verify
the certificates.

>
>
>
> --
> View this message in context: http://opensc.1086184.n5.nabble.com/Support-of-French-Professional-Health-Card-CPS3-tp14340p14345.html
> Sent from the Developer mailing list archive at Nabble.com.
>
> ------------------------------------------------------------------------------
> CenturyLink Cloud: The Leader in Enterprise Cloud Services.
> Learn Why More Businesses Are Choosing CenturyLink Cloud For
> Critical Workloads, Development Environments & Everything In Between.
> Get a Quote or Start a Free Trial Today.
> http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
> _______________________________________________
> Opensc-devel mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/opensc-devel
>

--

  Douglas E. Engert  <[hidden email]> <[hidden email]>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444

------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: Support of French Professional Health Card CPS3

LaurentTrk
Douglas E. Engert wrote
Ask Microsoft.

Certutil may be trying to get certificate chains and CRLs to verify
the certificates.
Hi Douglas,
Thanks for your help, but the delays seems related to the minidriver, not the certificates and CRL verification.

As already said, we have our own minidriver implementation, we just need the PKCS15/card driver.