[Opensc-devel] opensc-0.18.0-rc1 tests with MyEID card

[Peter P. <pop...@gm...>]

Hi

I found some problems with  opensc 0.18.0-rc1 (in Win 10, 64 bit).

(0. deinstallation of opensc 0.17... seems to be without errors)
1. Installation 0.18.0-rc1 - seems to work correctly ("complete"
installation selected).
2. I disconnect computer from internet (to disallow automatic installation
of
   aventra driver for MyEID card)
3. pkcs15-tool -D  work as expected
4. pkcs11-tool --login --test  fail with:
   Failed to load pkcs11 module
5. certutil -scinfo  fail with:

C:\WINDOWS\system32>certutil -scinfo
The Microsoft Smart Card Resource Manager is running.
Current reader/card status:
Readers: 1
  0: Generic EMV Smartcard Reader 0
--- Reader: Generic EMV Smartcard Reader 0
--- Status: SCARD_STATE_PRESENT | SCARD_STATE_UNPOWERED
--- Status: The card is available for use.
---   Card:
---    ATR:
        3b f5 18 00 00 81 31 fe  45 4d 79 45 49 44 9a      ;.....1.EMyEID.


=======================================================
Analyzing card in reader: Generic EMV Smartcard Reader 0
SCardGetCardTypeProviderName: The system cannot find the file specified.
0x2 (WIN32: 2 ERROR_FILE_NOT_FOUND)
Cannot retrieve Provider Name for SCardGetCardTypeProviderName: The system
cannot find the file specified. 0x2 (WIN32: 2 ERRO
Cannot retrieve Provider Name for
--------------===========================--------------
CertUtil: -SCInfo command FAILED: 0x2 (WIN32: 2 ERROR_FILE_NOT_FOUND)
CertUtil: The system cannot find the file specified.



I can manualy add opensc-minidriver.dll with card ATR into register file but
certutil --scinfo  still fails:
C:\>certutil -scinfo
The Microsoft Smart Card Resource Manager is running.
Current reader/card status:
Readers: 1
  0: Generic EMV Smartcard Reader 0
--- Reader: Generic EMV Smartcard Reader 0
--- Status: SCARD_STATE_PRESENT | SCARD_STATE_UNPOWERED
--- Status: The card is available for use.
---   Card: MyEID-opensc
---    ATR:
        3b f5 18 00 00 81 31 fe  45 4d 79 45 49 44 9a      ;.....1.EMyEID.


=======================================================
Analyzing card in reader: Generic EMV Smartcard Reader 0

--------------===========================--------------
================ Certificate 0 ================
--- Reader: Generic EMV Smartcard Reader 0
---   Card: MyEID-opensc
Provider = OpenSC CSP
Key Container = (null) [Default Container]

Cannot open the AT_SIGNATURE key for reader: Generic EMV Smartcard Reader 0
Cannot open the AT_KEYEXCHANGE key for reader: Generic EMV Smartcard Reader
0

--------------===========================--------------
================ Certificate 0 ================
--- Reader: Generic EMV Smartcard Reader 0
---   Card: MyEID-opensc
Provider = Microsoft Smart Card Key Storage Provider
Key Container = (null) [Default Container]

Cannot open the  key for reader: Generic EMV Smartcard Reader 0

--------------===========================--------------
Linux (debian 9.4) tests
------------------------


driver | tested smart card
myeid  | MyEID cards with PKCS#15 applet

Token info from: pkcs11-tool -T

Available slots:
Slot 0 (0x0): Alcor Micro AU9560 00 00
  token label        : MyEID
  token manufacturer : Aventra Ltd.
  token model        : PKCS#15
  token flags        : login required, rng, token initialized, PIN
initialized
  hardware version   : 0.0
  firmware version   : 33.3
  serial num         : 5003002081976737
  pin min/max        : 4/8
$ pkcs11-tool --login --test
Using slot 0 with a present token (0x0)
Logging in to "MyEID".
Please enter User PIN:
C_SeedRandom() and C_GenerateRandom():
  seeding (C_SeedRandom) not supported
  seems to be OK
Digests:
  all 4 digest functions seem to work
  MD5: OK
  SHA-1: OK
  RIPEMD160: OK
Signatures (currently only for RSA)
  testing key 0 (Certificate)
  all 4 signature functions seem to work
  testing signature mechanisms:
    RSA-X-509: OK
    RSA-PKCS: OK
    SHA1-RSA-PKCS: OK
  testing key 1 (1536 bits, label=key_1536) with 1 signature mechanism
    RSA-X-509: OK
  testing key 2 (2048 bits, label=key_2048) with 1 signature mechanism
    RSA-X-509: OK
  testing key 3 (512 bits, label=key_512) with 1 signature mechanism
    RSA-X-509: OK
  testing key 4 (768 bits, label=key_768) with 1 signature mechanism
    RSA-X-509: OK
Verify (currently only for RSA)
  testing key 0 (Certificate)
    RSA-X-509: OK
    RSA-PKCS: OK
    SHA1-RSA-PKCS: OK
  testing key 1 (key_1536) with 1 mechanism
    RSA-X-509: OK
  testing key 2 (key_2048) with 1 mechanism
    RSA-X-509: OK
  testing key 3 (key_512) with 1 mechanism
    RSA-X-509: OK
  testing key 4 (key_768) with 1 mechanism
    RSA-X-509: OK
Unwrap: not implemented
Decryption (currently only for RSA)
  testing key 0 (Certificate)
    RSA-X-509: OK
    RSA-PKCS: OK
  testing key 1 (key_1536)
    RSA-X-509: OK
    RSA-PKCS: OK
  testing key 2 (key_2048)
    RSA-X-509: OK
    RSA-PKCS: OK
  testing key 3 (key_512)
    RSA-X-509: OK
    RSA-PKCS: OK
  testing key 4 (key_768)
    RSA-X-509: OK
    RSA-PKCS: OK
No errors

Firefox (Linux, debian 9.4)
Load OpenSC PKCS#11 Module ... Working
PIN Verification.............. Working
TLS Client Authentication......Working

openssh-client            (Linux, debian 9.4)
OpenSSH (without ssh-agent) ...Working
OpenSSH (with    ssh-agent) ...Working




---
Peter