[Opensc-devel] opensc-explorer, PIN length 10 / sequel

[Johannes B. <Joh...@hr...>]

Hello,

 finally I found time to produce log files for the following problem:

chipcard  CardOS V4.3B 
OpenSC  0.13.0

opensc-explorer fails to verify the PIN:

$ opensc-explorer
OpenSC Explorer version 0.13.0
Using reader with a card: Dell Dell Smart Card Reader Keyboard 00 00
OpenSC [3F00]> cd 5015
OpenSC [3F00/5015]> verify CHV129 32:33:34:35:36:37:FF:FF:FF:FF
Unable to verify PIN code: Invalid arguments
OpenSC [3F00/5015]> verify CHV129 32:33:34:35:36:37:FF:FF
Incorrect code.
OpenSC [3F00/5015]> exit

On the other hand pkcs15-tool has no problems with the command
pkcs15-tool --change-pin --pin 234567  --new-pin 234567

The log files are
http://www.uni-giessen.de/~g013/opensc/opensc-explorer.log
http://www.uni-giessen.de/~g013/opensc/pkcs15-tool.log

Below the output of pkcs15-tool --dump

Regards
  Johannes



 pkcs15-tool --dump
Using reader with a card: Dell Dell Smart Card Reader Keyboard 00 00
PKCS#15 Card [Test Card]:
        Version        : 0
        Serial number  : 7BFF203BF6052E35
        Manufacturer ID: cv cryptovision gmbh (c) v1.0n
        Flags          : Login required, PRN generation, EID compliant

PIN [User Pin]
        Object Flags   : [0x3], private, modifiable
        Auth ID        : 02
        ID             : 01
        Flags          : [0x133], case-sensitive, local, initialized, needs-padding, disable_allowed
        Length         : min_len:4, max_len:10, stored_len:10
        Pad char       : 0xFF
        Reference      : 129 (0x81)
        Type           : ascii-numeric
        Path           : 3f005015

PIN [SO Pin]
        Object Flags   : [0x3], private, modifiable
        ID             : 02
        Flags          : [0x1BB], case-sensitive, local, unblock-disabled, initialized, needs-
padding, soPin, disable_allowed
        Length         : min_len:4, max_len:10, stored_len:10
        Pad char       : 0xFF
        Reference      : 130 (0x82)
        Type           : ascii-numeric
        Path           : 3f005015

AuthKey [Challenge Response Key]
        Object Flags   : [0x3], private, modifiable
        ID             : 02
        Derived        : 1
        SecretKeyID    : 01

Private RSA Key [JLUSIGNCERT]
        Object Flags   : [0x3], private, modifiable
        Usage          : [0x6], decrypt, sign
        Access Flags   : [0x9], sensitive, neverExtract
        ModLength      : 2048
        Key ref        : 1 (0x1)
        Native         : yes
        Path           : 3f00501550724b21
        Auth ID        : 01
        ID             : 45
        GUID           : {6c9dc6ad-b7fa-c10c-0ff7-c385ad72d3f0}

Private RSA Key [JLUAUTHCERT]
        Object Flags   : [0x3], private, modifiable
        Usage          : [0x6], decrypt, sign
        Access Flags   : [0x9], sensitive, neverExtract
        ModLength      : 2048
        Key ref        : 1 (0x1)
        Native         : yes
        Path           : 3f00501550724b22
        Auth ID        : 01
        ID             : 46
        GUID           : {d9fe0a11-3ec7-eda5-ac52-9a721aff8e70}

Public RSA Key [JLUSIGNCERT]
        Object Flags   : [0x2], modifiable
        Usage          : [0x41], encrypt, verify
        Access Flags   : [0x0]
        ModLength      : 2048
        Key ref        : 1 (0x1)
        Native         : no
        Path           : 3f00501550754b21
        ID             : 45
        DirectValue    : <absent>

Public RSA Key [JLUAUTHCERT]
        Object Flags   : [0x2], modifiable
        Usage          : [0x41], encrypt, verify
        Access Flags   : [0x0]
        ModLength      : 2048
        Key ref        : 1 (0x1)
        Native         : no
        Path           : 3f00501550754b22
        ID             : 46
        DirectValue    : <absent>

X.509 Certificate [JLUSIGNCERT]
        Object Flags   : [0x2], modifiable
        Authority      : no
        Path           : 3f00501543044301
        ID             : 45
        GUID           : {6c9dc6ad-b7fa-c10c-0ff7-c385ad72d3f0}
        Encoded serial : 02 07 1599ED6129A5C1
X.509 Certificate [JLUAUTHCERT]
        Object Flags   : [0x2], modifiable
        Authority      : no
        Path           : 3f00501543044302
        ID             : 46
        GUID           : {d9fe0a11-3ec7-eda5-ac52-9a721aff8e70}
        Encoded serial : 02 07 1599ED65D8554B
X.509 Certificate [Deutsche Telekom Root CA 2]
        Object Flags   : [0x2], modifiable
        Authority      : no
        Path           : 3f00501543044303
        ID             : 50
        GUID           : {6f74f832-4ebb-257d-0ae1-97ad6b19b2ae}
        Encoded serial : 02 01 26
X.509 Certificate [DFN-Verein PCA Global - G01]
        Object Flags   : [0x2], modifiable
        Authority      : no
        Path           : 3f00501543044304
        ID             : 50
        GUID           : {6f74f832-4ebb-257d-0ae1-97ad6b19b2ae}
        Encoded serial : 02 02 00C7
X.509 Certificate [JLUCACERT]
        Object Flags   : [0x2], modifiable
        Authority      : no
        Path           : 3f00501543044305
        ID             : 50
        GUID           : {6f74f832-4ebb-257d-0ae1-97ad6b19b2ae}
        Encoded serial : 02 04 109C4834
Data object 'cardid'
        applicationName: cvmd
        Path:            3f0050156377
        Data (16 bytes): 36ED3BC2D4AF7D41A4632F4026C27D6F
Data object 'cardcf'
        applicationName: cvmd
        Path:            3f0050156378
        Data (6 bytes): 010109000A00
Data object 'cardapps'
        applicationName: cvmd
        Path:            3f00501544444401
        Data (8 bytes): 6D73637000000000
Data object 'mscp\'
        applicationName: cvmd
        Path:            3f00501544444402
        Data (0 bytes): 
Data object 'mscp\cmapfile'
        applicationName: cvmd
        Path:            3f00501544444403
        Data (0 bytes): 
Data object 'CARDVERSION'
        applicationName: 
        Path:            3f00501544444404
        Data (3 bytes): 322E30