Menu
▾
▴
Re: [Opensc-devel] Oberthur Cosmo v7.0-n card support
|
From: Douglas E E. <dee...@gm...> - 2015-05-26 23:55:34
|
On 5/26/2015 7:01 AM, Fabian Leiros Carrera wrote: > Hello everyone, > > I'm trying to make OpenSC work with different models of Oberthur smartcards: > > - Cosmo64 RSA v5.2 (applet: 2.17) > - Cosmo v7.0-n (applet: 2.17) How did you get them? Are the blank? Did you get a manual with transport keys, etc. Do they an applet on the card? Card issuers like governments, usually have the manufacturer provide the cards with an applet installed. You could write an applet, like muscle to the card, but you need the manual with the keys. Google for: Oberthur Cosmo v7.0-n muscle or Oberthur Cosmo v7.0-n > > Up until now I only have been able to make the first card model work with OpenSC 0.14.0. > > After reading this https://github.com/OpenSC/OpenSC/wiki/Oberthur-AuthentIC-applet-v2.2 I assumed that Cosmo v7.0-n model is not supported, but I am not quite sure. > > Could anyone confirm if Cosmo v7.0-n model is supported by OpenSC please? > > If no, what would need to be done in order to support it? > > If it is supported, I am detailing at the end of the email how I am installing and setting up OpenSC. What am I doing wrong? > > Thank you so much for your help. > Best regards > Fabián > > ------------------------------------------------------------------------------------------------------------------ > > - Install both x86 and x64 versions of OpenSC on a Windows 7 x64 computer > - Add a new entry at "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Calais\SmartCards\" for Cosmo64 RSA v5.2 including its ATR: > > [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Calais\SmartCards\AuthenticV5] > "80000001"="opensc-minidriver.dll" > "Crypto Provider"="Microsoft Base Smart Card Crypto Provider" > "ATR"=hex:3b,7d,18,00,00,00,31,80,71,8e,64,77,e3,01,00,82,90,00 > "ATRMask"=hex:ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff > "Smart Card Key Storage Provider"="Microsoft Smart Card Key Storage Provider" > > - Add the same entry at "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Calais\SmartCards\" > - Restart "Certificate Propagation" service. > > - Plug-in the Cosmo64 RSA v5.2: > - the certificate will be imported correctly to Windows certificate store. > - "opensc-tool.exe -n" will return the name of the card correctly > C:\Program Files\OpenSC Project\OpenSC\tools>opensc-tool.exe -n > Using reader with a card: SCM Microsystems Inc. SCR3310 v2.0 USB SC Reader 0 > AuthentIC v5 > > - "opensc-tool.exe -a" returns the card's ATR > C:\Program Files\OpenSC Project\OpenSC\tools>opensc-tool.exe -a > Using reader with a card: SCM Microsystems Inc. SCR3310 v2.0 USB SC Reader 0 > 3b:7d:18:00:00:00:31:80:71:8e:64:77:e3:01:00:82:90:00 > > - "pkcs15-tool.exe -c" will output information about my certificate > > - So far, so good, so now I add two new Registry entries, on both x86 and x64 hives, for the Cosmo v7.0-n card: > > [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Calais\SmartCards\AuthentIC v7] > "80000001"="opensc-minidriver.dll" > "Crypto Provider"="Microsoft Base Smart Card Crypto Provider" > "ATR"=hex:3b,5b,96,00,00,31,c0,64,ba,fc,10,00,0f,90,00 > ATRMask"=hex:ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff > "Smart Card Key Storage Provider"="Microsoft Smart Card Key Storage Provider" > > - Now I plug in the Cosmo v7.0-n card and: > - the certificate is not imported to Windows certificate store. > -"opensc-tool -n" returns " Unsupported card" > C:\Program Files\OpenSC Project\OpenSC\tools>opensc-tool.exe -n > Using reader with a card: SCM Microsystems Inc. SCR3310 v2.0 USB SC Reader 0 > Unsupported card > > - "opensc-tool.exe -a" returns the card's ATR > C:\Program Files\OpenSC Project\OpenSC\tools>opensc-tool.exe -a > Using reader with a card: SCM Microsystems Inc. SCR3310 v2.0 USB SC Reader 0 > 3b:5b:96:00:00:31:c0:64:ba:fc:10:00:0f:90:00 > > - "pkcs15-tool.exe -c" also returns an error: > C:\Program Files\OpenSC Project\OpenSC\tools>pkcs15-tool.exe -c > Using reader with a card: SCM Microsystems Inc. SCR3310 v2.0 USB SC Reader 0 > Failed to connect to card: Card is invalid or cannot be handled > > - "opensc-tool.exe --list-drivers " shows two Oberthur drivers: > oberthur Oberthur AuthentIC.v2/CosmopolIC.v4 > authentic Oberthur AuthentIC v3.1 > > - I add a new "atr" entry on "opensc.conf" at "Program Files" and "Program Files (x86)" folders: > > # Oberthur's AuthentIC v7 > card_atr 3B:5B:96:00:00:31:C0:64:BA:FC:10:00:0F:90:00 { > type = 11100; > driver = "authentic"; > name = "AuthentIC v7"; > } > > - Plug in the Cosmo v7.0-n card and: > -"opensc-tool -n" changes its output: > C:\Program Files\OpenSC Project\OpenSC\tools>opensc-tool.exe -n > Using reader with a card: SCM Microsystems Inc. SCR3310 v2.0 USB SC Reader 0 > Failed to connect to card: File not found > > - Same thing with "opensc-tool.exe -a": > C:\Program Files\OpenSC Project\OpenSC\tools>opensc-tool.exe -a > Using reader with a card: SCM Microsystems Inc. SCR3310 v2.0 USB SC Reader 0 > Failed to connect to card: File not found > > - And with "pkcs15-tool.exe -c": > C:\Program Files\OpenSC Project\OpenSC\tools>pkcs15-tool.exe -c > Using reader with a card: SCM Microsystems Inc. SCR3310 v2.0 USB SC Reader 0 > Failed to connect to card: File not found > > - Now I change the "atr" entries on "opensc.conf" files to: > > # Oberthur's AuthentIC v7 > card_atr 3B:5B:96:00:00:31:C0:64:BA:FC:10:00:0F:90:00 { > type = 11100; > driver = "oberthur"; > name = "AuthentIC v7"; > } > > - And I get this outputs with Cosmo v7.0-n card plugged in: > -"opensc-tool -n": > C:\Program Files\OpenSC Project\OpenSC\tools>opensc-tool.exe -n > Using reader with a card: SCM Microsystems Inc. SCR3310 v2.0 USB SC Reader 0 > AuthentIC v5 > > -"opensc-tool -a": > C:\Program Files\OpenSC Project\OpenSC\tools>opensc-tool.exe -a > Using reader with a card: SCM Microsystems Inc. SCR3310 v2.0 USB SC Reader 0 > 3b:5b:96:00:00:31:c0:64:ba:fc:10:00:0f:90:00 > > - "pkcs15-tool.exe -c": > C:\Program Files\OpenSC Project\OpenSC\tools>pkcs15-tool.exe -c > Using reader with a card: SCM Microsystems Inc. SCR3310 v2.0 USB SC Reader 0 > PKCS#15 binding failed: Unsupported card > > ________________________________ > > AVISO DE CONFIDENCIALIDAD. > Este correo y la información contenida o adjunta al mismo es privada y confidencial y va dirigida exclusivamente a su destinatario. everis informa a quien pueda haber recibido este correo por error que contiene información confidencial cuyo uso, copia, reproducción o distribución está expresamente prohibida. Si no es Vd. el destinatario del mismo y recibe este correo por error, le rogamos lo ponga en conocimiento del emisor y proceda a su eliminación sin copiarlo, imprimirlo o utilizarlo de ningún modo. > > CONFIDENTIALITY WARNING. > This message and the information contained in or attached to it are private and confidential and intended exclusively for the addressee. everis informs to whom it may receive it in error that it contains privileged information and its use, copy, reproduction or distribution is prohibited. If you are not an intended recipient of this E-mail, please notify the sender, delete it and do not read, act upon, print, disclose, copy, retain or redistribute any portion of this E-mail. > > ------------------------------------------------------------------------------ > One dashboard for servers and applications across Physical-Virtual-Cloud > Widest out-of-the-box monitoring support with 50+ applications > Performance metrics, stats and reports that give you Actionable Insights > Deep dive visibility with transaction tracing using APM Insight. > http://ad.doubleclick.net/ddm/clk/290420510;117567292;y > _______________________________________________ > Opensc-devel mailing list > Ope...@li... > https://lists.sourceforge.net/lists/listinfo/opensc-devel > -- Douglas E. Engert <DEE...@gm...> |
