[Opensc-devel] eToken 5110 support (Gemalto/SafeNet/Aladdin)

[Juraj Š. <jur...@en...>]

Hi,

new to OpenSC. We're using (Gemalto) Safenet 5110 tokens at our company,
which (AFAIK) are not supported by OpenSC. I'm querying about the
possibility mentioned on your GitHub wiki about someone writing a new
driver for it. Would there be any OpenSC developers willing to consider
this?

I have read a relevant thread in opensc-devel (
https://sourceforge.net/p/opensc/mailman/message/32292116/), but could not
make much sense of where OpenSC stands on the issue.

We understand this is a community developed project and resources are
probably scarce, so this is just an informal query. I'm not entirely sure
how active the project is at the moment. I can't promise any
funding/sponsorship in advance, but I would pitch the idea to my superiors
if someone would be willing to try it.

Currently we use the proprietary driver from Gemalto. Gemalto offers both
Windows binaries and Linux RPM and DEB packages. Windows driver is fine,
but on Linux, we have an annoying issue when using pam_pkcs11, with the
driver getting stuck in an endless loop running the select() system call
and using up an entire CPU core. We suspect the driver is to blame.

Running opensc-tool --atr returns the following:
Using reader with a card: AKS ifdh [eToken 5110 SC] 00 00
3b:d5:18:00:81:31:3a:7d:80:73:c8:21:10:30

As for reverse engineering, the Gemalto drivers are obviously copyrighted
and I'm not sure where the law stands on such issues. I was under the
impression that EU law allows reverse engineering under certain
circumstances ("ensuring compatibility" or something similar?), but no idea
about how it works elsewhere.

Best Regards,

Juraj Sedivy