[opensc-user] Aladdin eToken Pro 64K and Aladdin eToken NG-OTP support?
I just received one of each and was wondering whether it is/will be
usable with opensc?
So far I only managed to erase both tokens, but pkcs15-init -C bails
card.c:531:sc_create_file: called; type=2, path=3f005015, size=2048
card-etoken.c:180:etoken_check_sw: invalid parameters in data field
card-etoken.c:518:etoken_create_file: returning with: Incorrect
parameters in APDU
card.c:536:sc_create_file: returning with: Incorrect parameters in APDU
>From what I've seen it looks like OpenCT supports these tokens, but
OpenSC does not?
Is there something I can do to make it usable?
Freelance UNIX Specialist
email: [hidden email]
This plaintext message
not alone in the network
notice for the lame
Re: Aladdin eToken Pro 64K and Aladdin eToken NG-OTP support?
On Monday 19 September 2005 19:14, Jan Schermer wrote:
> I just received one of each and was wondering whether it is/will be
> usable with opensc?
I have neither hardware, I asked Aladdin and Siemens for documentation,
and without NDA and/or paying money I can't get any.
> From what I've seen it looks like OpenCT supports these tokens, but
> OpenSC does not?
that is correct. OpenCT is simply: it implements the usb stuff and aladdin
does little more than T=1 which is well documented. So it was easy to
implement that part.
But we cannot implement OpenSC support without full documentation and
> Is there something I can do to make it usable?
Try to get the user manual for cardos 4.20/4.3b and implement the driver.
I guess the changes are quite small, so you could go through each function
in card-etoken and compare it to the new manual. maybe a changed bit here
and there, but I guess no bigger change. and because we can set flags
based on the atr and the code can have different paths depending on those
flags, it should be easy to add a few if / else contructs to adapt to the
changes siemens did.
Note: even if you do that work, aladdin still uses a proprietory and
undocumented structure, so you can use the keys and certificates only
with the software you used for initialization - either opensc or aladdins.
we implement pkcs#15 standard - they don't. we have code for adding
emulations, but we would need documentation on their format to do that.
so far no luck on getting any. if you have time, I was told it is possible
to reverse engineer their format.