Menu
▾
▴
Re: [Opensc-devel] ePass2003 custom so-pin profile
|
From: Jean-Pierre S. <jea...@uc...> - 2013-08-22 15:54:31
|
Hi Jean-Michel, Have you tried the latest version of OpenSC version from GitHub ? There is a patch (https://github.com/OpenSC/OpenSC/commit/de4dd056bfc95935198528c4e7ddcd8cbbb7b8c1) fixing a problem existing in 0.13 but not in 0.12.2. Best Regards, Jean-Pierre Le 22 août 2013 à 17:00, Jean-Michel Pouré - GOOZE a écrit : > Dear all, > > The ePass2003 does not work when initialized with SO-PIN in OpenSC. > > GOOZE requested technical documentation from Feitian, but never received > the list of APDU command or any useful documentation. > > A GOOZE user did some research and found the following trick: > > The issue is not in SO PIN itself. It's caused by incorrect ACL flags > arising from not using the ACL flags defined in "onepin" profile. If you > add a profile referring SOPIN into /usr/share/opensc/epass2003.profile > (e.g. before line "option onepin") and use it, pkcs15-init won't "brick" > token anymore: > > option sopinacl { > macros { > so-pin-flags = local, initialized, soPin; > pin-flags = local, initialized, needs-padding; > df_acl = *=$SOPIN, CRYPTO=NONE, FILES=NONE, CREATE=NONE, DELETE=NONE; > ef_acl = *=NEVER, READ=NONE, UPDATE=NONE, WRITE=NONE, DELETE=NONE; > sf_acl = *=NEVER, UPDATE=NONE; > protected = *=NEVER,READ=NONE, UPDATE=$PIN, DELETE=$PIN; > } > } > > I would welcome the feedback from OpenSC community and would like to > know if this works for you and/or would be useful in OpenSC itself. > > Maybe Feitian itself could comment on this proposal of fix in reply on > OpenSC mailing list. > > Kind regards, > Jean-Michel Pouré > -- > > GOOZE - http://www.gooze.eu > High quality cryptographic tools > for GNU/Linux, Mac OS X and Windows > POURE SASU - 17 rue Saint Jacques - 95160 Montmorency - France > Tel : +33 (0)9 72 13 53 90 - Mobile : +33 (0)6 51 99 37 90 > Registry: FR 527 672 448 00018 - VAT: FR54527672448 > CAcert root certificate: http://www.cacert.org/index.php?id=3 > ID PGP/GPG: 084F2584 > ------------------------------------------------------------------------------ > Introducing Performance Central, a new site from SourceForge and > AppDynamics. Performance Central is your source for news, insights, > analysis and resources for efficient Application Performance Management. > Visit us today! > http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk > _______________________________________________ > Opensc-devel mailing list > Ope...@li... > https://lists.sourceforge.net/lists/listinfo/opensc-devel -- Dr Jean-Pierre Szikora e-mail: jea...@uc... tel: 32-2-764.75.00 75, av. Hippocrate, bte B1.74.03 fax: 32-2-764.65.65 1200 Brussels - Belgium |
