Menu
▾
▴
Re: [Opensc-devel] Upcoming release 0.19.0 needs testing
|
From: Peter P. <pop...@gm...> - 2018-08-31 08:40:48
|
Hi MyEID card (applet version 3.3.3), OpenSC compiled from sources https://github.com/OpenSC/OpenSC/archive/0.19.0-rc1.tar.gz All tests listed on the wiki give a correct result (report below). I have tested the initialization and upload of RSA key... and I found error, steps to reproduce: pkcs15-init -E pkcs15-init -C --so-pin 00000000 --so-puk 00000000 --pin 11111111 pkcs15-init --store-pin --id 01 --pin 11111111 --puk 11111111 --so-pin 00000000 pkcs15-init -F pkcs15-init --store-private-key keys/rsa2048-key.pem --auth-id=1 --pin 11111111 --so-pin 00000000 --key-usage sign,decrypt --label test Failed to store private key: Security status not satisfied This fail is generated by "file create" operation: Outgoing APDU (30 bytes): 00 E0 00 00 19 62 17 81 02 08 00 82 01 11 83 02 .....b.......... 4B 01 86 03 11 11 FF 85 02 00 00 8A 01 00 K............. 0x7feb36626d80 10:30:41.131 [pkcs15-init] reader-pcsc.c:213:pcsc_internal_transmit: called 0x7feb36626d80 10:30:41.132 [pkcs15-init] reader-pcsc.c:294:pcsc_transmit: Incoming APDU (2 bytes): 69 82 i. I searched "verify" operation in log .. but there is no verify .. $ OPENSC_DEBUG=255 pkcs15-init --store-private-key keys/rsa2048-key.pem --auth-id=1 --pin 11111111 --so-pin 00000000 --key-usage sign,decrypt --label TEST 2>&1|grep "00 20" Last working commit in git is f66ceab4bbc3cae529a22b5f3688076cc119bd7c, commit 83f45cda2af16b65264103fbe0394fd422f0120d no longer works. (gcc fail to compile ffe38fd87fc06879924759ca2e25eabb47ed6f0d, 360e95d45ac4123255a4c796db96337f332160ad, 8fe377e93b4b56060e5bbfb6f3142ceaeca744fa) TESTS from WIKI page: =================== Linux: openssh without agent - working openssh with agent - working firefox login / TLS client auth - working PKCS11-tool: Please enter User PIN: C_SeedRandom() and C_GenerateRandom(): seeding (C_SeedRandom) not supported seems to be OK Digests: all 4 digest functions seem to work MD5: OK SHA-1: OK RIPEMD160: OK Signatures (currently only for RSA) testing key 0 (Certificate) all 4 signature functions seem to work testing signature mechanisms: RSA-X-509: OK RSA-PKCS: OK SHA1-RSA-PKCS: OK Verify (currently only for RSA) testing key 0 (Certificate) RSA-X-509: OK RSA-PKCS: OK SHA1-RSA-PKCS: OK Unwrap: not implemented Decryption (currently only for RSA) testing key 0 (Certificate) RSA-X-509: OK RSA-PKCS: OK No errors WINDOWS (10, 64 bit) cardutil -scinfo is working, I can install certificate from card into win. EDGE browser TLS auth fails (no pin dialog, same problem was in 0.18, but 0.17 is working) Peter On Tue, Aug 28, 2018 at 1:31 PM Frank Morgner <fra...@gm...> wrote: > Hi all! > > You'll find a pre-release of OpenSC 0.19.0 on Github > <https://github.com/OpenSC/OpenSC/releases/tag/0.19.0-rc1>. A draft > version of the user visible changes is available in this ticket > <https://github.com/OpenSC/OpenSC/issues/1448>. > > Refer to the wiki page > <https://github.com/OpenSC/OpenSC/wiki/Smart-Card-Release-Testing> on how > to systematically test your card. Please extend the page with test results > from your smart cards. > > |
