ePass2003 not working: Failed to create PKCS #15 meta structure: Not allowed

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

ePass2003 not working: Failed to create PKCS #15 meta structure: Not allowed

KangJing Huang

Hi there,

I bought an ePass2003 and planned to use it with OpenSC.

However, following the instructions on the web does not seem to work for me.

Firstly, I run

pkcs15-init -E

and it returned without any error.

Then, I run

pkcs15-init -C --pin 0000 --puk 111111 -p pkcs15+onepin 

and it gives:

Using reader with a card: Feitian ePass2003 00 00

Failed to create PKCS #15 meta structure: Not allowed

Then, any further operation seems to be failing:

 $ pkcs15-tool --dump                                                                                                      [16:53:22]

Using reader with a card: Feitian ePass2003 00 00

PKCS#15 binding failed: Unsupported card

 

 $ opensc-tool --list-files                                                                                                [16:55:10]

Using reader with a card: Feitian ePass2003 00 00

3f00 [entersafe-fips] type: DF, size: 0

select[N/A] lock[N/A] delete[N/A] create[N/A] rehab[N/A] inval[N/A] list[N/A] sec: 9F:9F:FF:9F:FF:FF:FF:FF

prop: 00:7F

sc_list_files() failed: Security status not satisfied

 $ pkcs15-init -E                                                                                                          [16:55:28]

Using reader with a card: Feitian ePass2003 00 00

Failed to erase card: Security status not satisfied

And it's not working with Windows drivers anymore, either.

I'm using Gentoo Linux and tried both in-tree 0.14.0 version and git version, but none works.

Stderr of

pkcs15-init -C --pin 0000 --puk 111111 -p pkcs15+onepin -vvv

is attached, in case further inspection is needed.

Any other further information could be provided if requested.

Please help on how to recover my token and how to get it work with opensc

Thanks a lot!

Happy Hacking


------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel

error.log (90K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: ePass2003 not working: Failed to create PKCS #15 meta structure: Not allowed

KangJing Huang

> pkcs15-tool -E

> pkcs15-init --create-pkcs15 --profile pkcs15+onepin --use-default-transport-key --pin 0000 --puk 111111 --label "Joe Bloggs"

> pkcs15-tool -D (expected output)

Sorry but this still does not work for me.
I copy-paste run all the commands but they are just giving all the same output as I posted in the original mail. (Though I did suppose that you typed "pkcs15-tool" meaning "pkc15-init' in the 1st line)

I'm doubting that the token's storage has been written in a strange way that it could not be correctly recognized, reading this post
I thought I might need to low-level format my token and doing this requires a windows program named format_tool_2003.exe, which I did'nt manage to find in the tool set provided by my token hardware provider.

So I'll be very grateful if anyone out there who has it don't mind mailing it to me. thanks!

Happy Hacking!


On Tue, Mar 3, 2015 at 6:13 PM Tom <[hidden email]> wrote:

This seems to work for me:

 

 

give it a try

Tom

 

From: KangJing Huang [mailto:[hidden email]]
Sent: 03 March 2015 09:19
To: [hidden email]
Subject: [Opensc-devel] ePass2003 not working: Failed to create PKCS #15 meta structure: Not allowed

 

Hi there,

I bought an ePass2003 and planned to use it with OpenSC.

However, following the instructions on the web does not seem to work for me.

Firstly, I run

pkcs15-init -E

and it returned without any error.

Then, I run

pkcs15-init -C --pin 0000 --puk 111111 -p pkcs15+onepin 

and it gives:

Using reader with a card: Feitian ePass2003 00 00

Failed to create PKCS #15 meta structure: Not allowed

Then, any further operation seems to be failing:

 $ pkcs15-tool --dump                                                                                                      [16:53:22]

Using reader with a card: Feitian ePass2003 00 00

PKCS#15 binding failed: Unsupported card

 

 $ opensc-tool --list-files                                                                                                [16:55:10]

Using reader with a card: Feitian ePass2003 00 00

3f00 [entersafe-fips] type: DF, size: 0

select[N/A] lock[N/A] delete[N/A] create[N/A] rehab[N/A] inval[N/A] list[N/A] sec: 9F:9F:FF:9F:FF:FF:FF:FF

prop: 00:7F

sc_list_files() failed: Security status not satisfied

 $ pkcs15-init -E                                                                                                          [16:55:28]

Using reader with a card: Feitian ePass2003 00 00

Failed to erase card: Security status not satisfied

And it's not working with Windows drivers anymore, either.

I'm using Gentoo Linux and tried both in-tree 0.14.0 version and git version, but none works.

Stderr of

pkcs15-init -C --pin 0000 --puk 111111 -p pkcs15+onepin -vvv

is attached, in case further inspection is needed.

Any other further information could be provided if requested.

Please help on how to recover my token and how to get it work with opensc

Thanks a lot!

Happy Hacking


------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
tan
Reply | Threaded
Open this post in threaded view
|

Re: ePass2003 not working: Failed to create PKCS #15 meta structure: Not allowed

tan
I'm sorry that didn't work.
I would also be interested in the reset tool if you find it please.