The opensc-pkcs11.so can also not access the card, yet i got
a library that can for the card. Still verifying if i am
allowed to hand it out.
I can use that library together with StrongSwan to authenti-
cate at ipsec-tunnelentpoints.
I would like to see some more tools working for debugging,
maybe opensc-pkcs11.so directly support the card.
Any ideas how to go further from here?
Am Dienstag 20 Juli 2010, um 15:48:36 schrieb Christian Horn:
> I would like to see some more tools working for debugging,
> maybe opensc-pkcs11.so directly support the card.
> Any ideas how to go further from here?
try to get the tcos 3.0 manual. wikipedia has a link from
tcos to their home page, maybe they will give you a copy
if you ask.
tcos3 support is implemented in general, but the format
of your card is unknown. you could try to log all APDU commands
(not sure if pcscd can do that for you), and thus find out what
files / keys / ... are implemented, and then write a new
emulation layer for the format of your card. see the
current emulation for details.
or maybe "pkcs11-tool" with that vendor library will show
already a lot of details (e.g. list of certificates, keys,
flags etc.), and thus provide you with some information.
maybe a LD_PRELOAD library could overwrite the PC/SC
functions, and thus log all functions going forward
and back, similar to what pkcs11-spy does? then you
could combine the pkcs11-spy and that ld-preload
to see high level pkcs#11 api calls and what low level
pcsc-calls are the result of that?
for opensc code:
see pkcs15-tcos.c, it is pretty straight forward:
detect the format, and add all objects so opensc
knows what is there and the parameters. opensc can
then use the generic code to access those files in