Menu
▾
▴
[Globalplatform-developers] Re: [Globalplatform-users] Re: GlobalPlatform2.1.1 and OpenSSL
|
From: Karsten O. <wid...@t-...> - 2006-03-25 05:40:36
|
Iain MacDonnell wrote: > > > Iain MacDonnell wrote on 03/24/06 08:33 PM: > >> >> >> Karsten Ohme wrote on 03/24/06 08:03 PM: >> >>> Iain MacDonnell wrote: >>> >>>> >>>> Two questions: >>>> >>>> 1) Is OpenSSL 0.9.7e really needed? The configure script checks for >>>> PEM_read_bio_PrivateKey(), but I don't see that actually used >>>> anywhere. Solaris 10 comes with 0.9.7d, and like to use that if >>>> there isn't a real need for 0.9.7e ... ? >>> >>> >>> No. If the API has all needed function, it is OK. The check is only >>> performed to make sure that the library is OK. Does this step cause a >>> problem? I don't know if the version 0.9.7d has all needed functions, if >>> you are successful, I can change the e to a d. >> >> >> The problem was that AC_CHECK_LIB failed. The CVS was not up to date. The release version was newer. This should fix the crypto problems below. >> >> >>> I changed it to PEM_read_PrivateKey, which is used e.g. in >>> OP201_calculate_rsa_DAP(). >> >> >> Err, you changed it in the error message but not in the actual test :) >> >> AC_CHECK_LIB(ssl, PEM_read_bio_PrivateKey, [], >> [AC_MSG_ERROR([PEM_read_PrivateKey() not >> found, install OpenSSL 0.9.7e or later])]) >> >> but wait - that's a red herring anyway - the real problem is that you >> need to change "ssl" to "crypto", as libcrypto, not libssl, is where >> PEM_read_bio_PrivateKey() is visible. >> >> With that change, configure finishes successfully, even with 0.9.7d. >> >> >>>> 2) It seems that libGlobalPlatform.so needs to be linked to libcrypto, >>>> but it isn't - I have to manually add '-lcrypto' when building >>>> anything that uses libGlobalPlatform.so (including GPShell) >>> >>> >>> I changed the AC_CHECK_LIB autoconf macro to look for the crypto >>> library. >>> >>> Let me know, if it works. >> >> >> Ahhh, you need to do that for GlobalPlatform2.1.1 too - then both my >> problems will be solved, I believe. >> >> >>> I released at: >>> >>> http://sourceforge.net/project/showfiles.php?group_id=143343 >>> >>> the current versions of GlobalPlatform and GPShell. Should be the >>> same state as the CVS. >> >> >> I'm working from CVS. >> >> BTW, I've run into what appears to be a bigger problem - have you ever >> tried this stuff on a big-endian machine? >> >> # /opt/ITmuscle/bin/gpshell list-cflex.txt >> mode_201 >> enable_trace >> establish_context >> card_connect >> select -AID a0000000030000 >> --> 00A404000700000000000000 > > > Note that the AID is not showing in this APDU... compared to below.... Mmmh, this is a bigger problem. I will see to fix the conversion routines, if something like this is used, I'm not sure. Thanks, Karsten > >> <-- 6A82 >> select_application() returns 0x80216A82 (6A82: The application to be >> selected could not be found.) >> # uname -a >> SunOS sb150 5.10 Generic_118822-25 sun4u sparc SUNW,Sun-Blade-100 >> # >> >> >> Maybe the endianess is a red herring too ... but I've successfully used >> this stuff on Solaris x86... > > > Same card, same reader, same sources, but on Solaris x86: > > > # /opt/ITmuscle/bin/gpshell list-cflex.txt > mode_201 > enable_trace > establish_context > card_connect > select -AID a0000000030000 > --> 00A4040007A0000000030000 > <-- 6F188407A0000000030000A50D9F6E060005020201009F6501FF9000 > open_sc -security 1 -keyind 0 -keyver 0 -mac_key > 404142434445464748494a4b4c4d4e4f -enc_key > 404142434445464748494a4b4c4d4e4f // Open secure channel > --> 80500000088409FFE1A2E28B4600 > <-- 000012010000111401020101E86DFA173682E4673596888A215DE86C9000 > --> 8482010010C8207C7B2A3E416884B431EF23B61CD2 > <-- 9000 > get_status -element e0 > --> 80F2E000024F0000 > <-- > 07A0000000030000070007A0000000620001010007A0000000620101010007A0000000620102010007A0000000620201010007A0000000030000010005A000000001010006A0000000010107009000 > > > List of applets (AID state privileges) > a0000000030000 7 0 > a0000000620001 1 0 > a0000000620101 1 0 > a0000000620102 1 0 > a0000000620201 1 0 > a0000000030000 1 0 > a000000001 1 0 > a00000000101 7 0 > card_disconnect > release_context > # > > ~Iain > > > > > ------------------------------------------------------- > This SF.Net email is sponsored by xPML, a groundbreaking scripting language > that extends applications into web and mobile media. Attend the live > webcast > and join the prime developer group breaking into this new coding territory! > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 > _______________________________________________ > Globalplatform-users mailing list > Glo...@li... > https://lists.sourceforge.net/lists/listinfo/globalplatform-users |
