opensc-devel

[Opensc-devel] OpenSC with qemu (Gemplus support)

[Anton G. <an...@ad...>]

Hi,

I'm trying to get OpenSC working with qemu (qemu-system-x86_64). It
emulates Gemplus token (lsusb output: 'ID 08e6:4433 Gemalto (was
Gemplus) GemPC433-Swap'), and it is unclear to me if it is supported in
OpenSC. It is listed as unsupported hardware [1], but the page for
Gemplus itself says it is supported [2].

If it is not, I would be grateful for any hints about how qemu and
OpenSC can be put to work together. opensc-tool --list-readers currently
gives

  # Detected readers (openct)
  Nr.  Card  Features  Name
  0    No              OpenCT reader (detached)
  1    No              OpenCT reader (detached)

which as far as I understands means it can't detect any devices.

Thanks,
Anton Gerasimov

[1]
https://github.com/OpenSC/OpenSC/wiki/Supported-hardware-(smart-cards-and-USB-tokens)
[2] https://github.com/OpenSC/OpenSC/wiki/Gemplus-GPK-16k

-- 
Anton Gerasimov, ATS Advanced Telematic Systems GmbH
Kantstrasse 162, 10623 Berlin
Managing Directors: Dirk Pöschl, Armin G. Schmidt
Register Court: HRB 151501 B, Amtsgericht Charlottenburg

Re: [Opensc-devel] OpenSC with qemu (Gemplus support)

[Douglas E E. <dee...@gm...>]

Your command only list the readers, and it also says you are using the OpenCT
rather the PCSClite.

What versions of software are you using?
OpenSC, OS, OpenCT, PCSClite?

You said you are trying to use qemu. I use virtual Box, which presents to the
virtual machine the real ID of a reader. I am not sure if qemu does that or presents
a generic reader with ID 08e6:4433.

The lsusb just says what type of reader. Are you using some token with a built in reader?
If so what is it?

What token are you using? The OpenSC driver Gemplus-GPK-16k is very old and was a card.


to list the atr, try:
opensc-tool -a

Also look at using OpenSC debug in config file see:

https://github.com/OpenSC/OpenSC/wiki/Using-OpenSC


On 9/6/2017 7:48 AM, Anton Gerasimov wrote:
> Hi,
> 
> I'm trying to get OpenSC working with qemu (qemu-system-x86_64). It
> emulates Gemplus token (lsusb output: 'ID 08e6:4433 Gemalto (was
> Gemplus) GemPC433-Swap'), and it is unclear to me if it is supported in
> OpenSC. It is listed as unsupported hardware [1], but the page for
> Gemplus itself says it is supported [2].
> 
> If it is not, I would be grateful for any hints about how qemu and
> OpenSC can be put to work together. opensc-tool --list-readers currently
> gives
> 
>    # Detected readers (openct)
>    Nr.  Card  Features  Name
>    0    No              OpenCT reader (detached)
>    1    No              OpenCT reader (detached)
> 
> which as far as I understands means it can't detect any devices.
> 
> Thanks,
> Anton Gerasimov
> 
> [1]
> https://github.com/OpenSC/OpenSC/wiki/Supported-hardware-(smart-cards-and-USB-tokens)
> [2] https://github.com/OpenSC/OpenSC/wiki/Gemplus-GPK-16k
> 

-- 

  Douglas E. Engert  <DEE...@gm...>

Re: [Opensc-devel] OpenSC with qemu (Gemplus support)

[Ludovic R. <lud...@gm...>]

2017-09-06 14:48 GMT+02:00 Anton Gerasimov <an...@ad...>:

> Hi,
>

Hello,


>
> I'm trying to get OpenSC working with qemu (qemu-system-x86_64). It
> emulates Gemplus token (lsusb output: 'ID 08e6:4433 Gemalto (was
> Gemplus) GemPC433-Swap'), and it is unclear to me if it is supported in
> OpenSC. It is listed as unsupported hardware [1], but the page for
> Gemplus itself says it is supported [2].
>
>
The GemPC433-swap is a smart card reader, not a smart card.
This reader is supported by my CCID driver
http://pcsclite.alioth.debian.org/ccid/supported.html#0x08E60x4433

This device is NOT listed as unsupported hardware [1].

The Gemplus GPK is a smart card (not a reader). As Douglas wrote it is a
very old card.

I am not sure to understand what qemu is used for.
Do you really emulate the smart card reader using qemu?

Bye

[1]
> https://github.com/OpenSC/OpenSC/wiki/Supported-
> hardware-(smart-cards-and-USB-tokens)
> [2] https://github.com/OpenSC/OpenSC/wiki/Gemplus-GPK-16k
>

-- 
 Dr. Ludovic Rousseau

Re: [Opensc-devel] OpenSC with qemu (Gemplus support)

[Anton G. <an...@ad...>]

I don't have a physical token, what I'm trying to do is to emulate one
using (approximately) this manual [1]. Unfortunately Qemu seems to be
able to emulate just that one device type, so I don't have much choise here.

After some new tries pcscd gives some output that as far as I understand
indicates that it has made contact to the virtual card (attached), but
opensc-tool still only shows OpenCT readers.

'opensc-tool -a' doesn't show anything useful as well:
  $ opensc-tool -a
     Card not present.

Regarding the versions:

OpenSC: 0.16.0
OS: Linux v4.4.60 (Openembedded/Yocto build).
OpenCT: 0.6.20
PCSClite: 1.8.13

Thanks,
Anton

[1]: https://github.com/qemu/qemu/blob/master/docs/ccid.txt
On 09/06/2017 03:51 PM, Douglas E Engert wrote:
> Your command only list the readers, and it also says you are using the
> OpenCT
> rather the PCSClite.
>
> What versions of software are you using?
> OpenSC, OS, OpenCT, PCSClite?
>
> You said you are trying to use qemu. I use virtual Box, which presents
> to the
> virtual machine the real ID of a reader. I am not sure if qemu does
> that or presents
> a generic reader with ID 08e6:4433.
>
> The lsusb just says what type of reader. Are you using some token with
> a built in reader?
> If so what is it?
>
> What token are you using? The OpenSC driver Gemplus-GPK-16k is very
> old and was a card.
>
>
> to list the atr, try:
> opensc-tool -a
>
> Also look at using OpenSC debug in config file see:
>
> https://github.com/OpenSC/OpenSC/wiki/Using-OpenSC
>
>
> On 9/6/2017 7:48 AM, Anton Gerasimov wrote:
>> Hi,
>>
>> I'm trying to get OpenSC working with qemu (qemu-system-x86_64). It
>> emulates Gemplus token (lsusb output: 'ID 08e6:4433 Gemalto (was
>> Gemplus) GemPC433-Swap'), and it is unclear to me if it is supported in
>> OpenSC. It is listed as unsupported hardware [1], but the page for
>> Gemplus itself says it is supported [2].
>>
>> If it is not, I would be grateful for any hints about how qemu and
>> OpenSC can be put to work together. opensc-tool --list-readers currently
>> gives
>>
>>    # Detected readers (openct)
>>    Nr.  Card  Features  Name
>>    0    No              OpenCT reader (detached)
>>    1    No              OpenCT reader (detached)
>>
>> which as far as I understands means it can't detect any devices.
>>
>> Thanks,
>> Anton Gerasimov
>>
>> [1]
>> https://github.com/OpenSC/OpenSC/wiki/Supported-hardware-(smart-cards-and-USB-tokens)
>>
>> [2] https://github.com/OpenSC/OpenSC/wiki/Gemplus-GPK-16k
>>
>

-- 
Anton Gerasimov, ATS Advanced Telematic Systems GmbH
Kantstrasse 162, 10623 Berlin
Managing Directors: Dirk Pöschl, Armin G. Schmidt
Register Court: HRB 151501 B, Amtsgericht Charlottenburg

Re: [Opensc-devel] OpenSC with qemu (Gemplus support)

[Jakub J. <jj...@re...>]

On Wed, 2017-09-06 at 16:36 +0200, Anton Gerasimov wrote:
> I don't have a physical token, what I'm trying to do is to emulate
> one
> using (approximately) this manual [1]. Unfortunately Qemu seems to be
> able to emulate just that one device type, so I don't have much
> choise here.
> 
> After some new tries pcscd gives some output that as far as I
> understand
> indicates that it has made contact to the virtual card (attached),
> but
> opensc-tool still only shows OpenCT readers.
> 
> 'opensc-tool -a' doesn't show anything useful as well:
>   $ opensc-tool -a
>      Card not present.
> 
> Regarding the versions:
> 
> OpenSC: 0.16.0
> OS: Linux v4.4.60 (Openembedded/Yocto build).
> OpenCT: 0.6.20
> PCSClite: 1.8.13
> 
> Thanks,
> Anton
> 
> [1]: https://github.com/qemu/qemu/blob/master/docs/ccid.txt

If I remember well, I was able to make it working using the following
guide with pcsc-lite and opensc (0.17.0 -- older versions do not
support the CAC card, which is what is emulated there in libcacard
project).

https://www.spice-space.org/page/SmartcardUsage



> On 09/06/2017 03:51 PM, Douglas E Engert wrote:
> > Your command only list the readers, and it also says you are using
> > the
> > OpenCT
> > rather the PCSClite.
> > 
> > What versions of software are you using?
> > OpenSC, OS, OpenCT, PCSClite?
> > 
> > You said you are trying to use qemu. I use virtual Box, which
> > presents
> > to the
> > virtual machine the real ID of a reader. I am not sure if qemu does
> > that or presents
> > a generic reader with ID 08e6:4433.
> > 
> > The lsusb just says what type of reader. Are you using some token
> > with
> > a built in reader?
> > If so what is it?
> > 
> > What token are you using? The OpenSC driver Gemplus-GPK-16k is very
> > old and was a card.
> > 
> > 
> > to list the atr, try:
> > opensc-tool -a
> > 
> > Also look at using OpenSC debug in config file see:
> > 
> > https://github.com/OpenSC/OpenSC/wiki/Using-OpenSC
> > 
> > 
> > On 9/6/2017 7:48 AM, Anton Gerasimov wrote:
> > > Hi,
> > > 
> > > I'm trying to get OpenSC working with qemu (qemu-system-x86_64).
> > > It
> > > emulates Gemplus token (lsusb output: 'ID 08e6:4433 Gemalto (was
> > > Gemplus) GemPC433-Swap'), and it is unclear to me if it is
> > > supported in
> > > OpenSC. It is listed as unsupported hardware [1], but the page
> > > for
> > > Gemplus itself says it is supported [2].
> > > 
> > > If it is not, I would be grateful for any hints about how qemu
> > > and
> > > OpenSC can be put to work together. opensc-tool --list-readers
> > > currently
> > > gives
> > > 
> > >    # Detected readers (openct)
> > >    Nr.  Card  Features  Name
> > >    0    No              OpenCT reader (detached)
> > >    1    No              OpenCT reader (detached)
> > > 
> > > which as far as I understands means it can't detect any devices.
> > > 
> > > Thanks,
> > > Anton Gerasimov
> > > 
> > > [1]
> > > https://github.com/OpenSC/OpenSC/wiki/Supported-hardware-(smart-c
> > > ards-and-USB-tokens)
> > > 
> > > [2] https://github.com/OpenSC/OpenSC/wiki/Gemplus-GPK-16k
> > > 
> 
> -------------------------------------------------------------------
> -----------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Opensc-devel mailing list
> Ope...@li...
> https://lists.sourceforge.net/lists/listinfo/opensc-devel
-- 
Jakub Jelen
Software Engineer
Security Technologies
Red Hat, Inc.

Re: [Opensc-devel] OpenSC with qemu (Gemplus support)

[Anton G. <an...@ad...>]

Sorry, the problem was that I was building OpenSC without pcsc support.
Now pkcs11-tool shows the card reader as empty:
 
  Slot 0 (0x0): Generic CCID Reader [CCID Interface]
(1-0000:00:01.2-2.1) 00 00
  (empty)

But that is a different problem. Thank you.

Best,
Anton Gerasimov


On 09/06/2017 04:36 PM, Anton Gerasimov wrote:
> I don't have a physical token, what I'm trying to do is to emulate one
> using (approximately) this manual [1]. Unfortunately Qemu seems to be
> able to emulate just that one device type, so I don't have much choise here.
>
> After some new tries pcscd gives some output that as far as I understand
> indicates that it has made contact to the virtual card (attached), but
> opensc-tool still only shows OpenCT readers.
>
> 'opensc-tool -a' doesn't show anything useful as well:
>   $ opensc-tool -a
>      Card not present.
>
> Regarding the versions:
>
> OpenSC: 0.16.0
> OS: Linux v4.4.60 (Openembedded/Yocto build).
> OpenCT: 0.6.20
> PCSClite: 1.8.13
>
> Thanks,
> Anton
>
> [1]: https://github.com/qemu/qemu/blob/master/docs/ccid.txt
> On 09/06/2017 03:51 PM, Douglas E Engert wrote:
>> Your command only list the readers, and it also says you are using the
>> OpenCT
>> rather the PCSClite.
>>
>> What versions of software are you using?
>> OpenSC, OS, OpenCT, PCSClite?
>>
>> You said you are trying to use qemu. I use virtual Box, which presents
>> to the
>> virtual machine the real ID of a reader. I am not sure if qemu does
>> that or presents
>> a generic reader with ID 08e6:4433.
>>
>> The lsusb just says what type of reader. Are you using some token with
>> a built in reader?
>> If so what is it?
>>
>> What token are you using? The OpenSC driver Gemplus-GPK-16k is very
>> old and was a card.
>>
>>
>> to list the atr, try:
>> opensc-tool -a
>>
>> Also look at using OpenSC debug in config file see:
>>
>> https://github.com/OpenSC/OpenSC/wiki/Using-OpenSC
>>
>>
>> On 9/6/2017 7:48 AM, Anton Gerasimov wrote:
>>> Hi,
>>>
>>> I'm trying to get OpenSC working with qemu (qemu-system-x86_64). It
>>> emulates Gemplus token (lsusb output: 'ID 08e6:4433 Gemalto (was
>>> Gemplus) GemPC433-Swap'), and it is unclear to me if it is supported in
>>> OpenSC. It is listed as unsupported hardware [1], but the page for
>>> Gemplus itself says it is supported [2].
>>>
>>> If it is not, I would be grateful for any hints about how qemu and
>>> OpenSC can be put to work together. opensc-tool --list-readers currently
>>> gives
>>>
>>>    # Detected readers (openct)
>>>    Nr.  Card  Features  Name
>>>    0    No              OpenCT reader (detached)
>>>    1    No              OpenCT reader (detached)
>>>
>>> which as far as I understands means it can't detect any devices.
>>>
>>> Thanks,
>>> Anton Gerasimov
>>>
>>> [1]
>>> https://github.com/OpenSC/OpenSC/wiki/Supported-hardware-(smart-cards-and-USB-tokens)
>>>
>>> [2] https://github.com/OpenSC/OpenSC/wiki/Gemplus-GPK-16k
>>>
-- 
Anton Gerasimov, ATS Advanced Telematic Systems GmbH
Kantstrasse 162, 10623 Berlin
Managing Directors: Dirk Pöschl, Armin G. Schmidt
Register Court: HRB 151501 B, Amtsgericht Charlottenburg

Re: [Opensc-devel] OpenSC with qemu (Gemplus support)

[Douglas E E. <dee...@gm...>]

It sound like you are trying to write a software version of a smart card
and interface at the USB level using the qemu code as a starting point?


You might want to Google for: software emulation of smart cards

There are a number of these available including:

https://github.com/frankmorgner/vsmartcard

There is also :
http://www.softhsm.org/

which implements a software version of smart card but at a PKCS#11 module.



On 9/6/2017 9:36 AM, Anton Gerasimov wrote:
> I don't have a physical token, what I'm trying to do is to emulate one
> using (approximately) this manual [1]. Unfortunately Qemu seems to be
> able to emulate just that one device type, so I don't have much choise here.
> 
> After some new tries pcscd gives some output that as far as I understand
> indicates that it has made contact to the virtual card (attached), but
> opensc-tool still only shows OpenCT readers.
> 
> 'opensc-tool -a' doesn't show anything useful as well:
>    $ opensc-tool -a
>       Card not present.
> 
> Regarding the versions:
> 
> OpenSC: 0.16.0
> OS: Linux v4.4.60 (Openembedded/Yocto build).
> OpenCT: 0.6.20
> PCSClite: 1.8.13
> 
> Thanks,
> Anton
> 
> [1]: https://github.com/qemu/qemu/blob/master/docs/ccid.txt
> On 09/06/2017 03:51 PM, Douglas E Engert wrote:
>> Your command only list the readers, and it also says you are using the
>> OpenCT
>> rather the PCSClite.
>>
>> What versions of software are you using?
>> OpenSC, OS, OpenCT, PCSClite?
>>
>> You said you are trying to use qemu. I use virtual Box, which presents
>> to the
>> virtual machine the real ID of a reader. I am not sure if qemu does
>> that or presents
>> a generic reader with ID 08e6:4433.
>>
>> The lsusb just says what type of reader. Are you using some token with
>> a built in reader?
>> If so what is it?
>>
>> What token are you using? The OpenSC driver Gemplus-GPK-16k is very
>> old and was a card.
>>
>>
>> to list the atr, try:
>> opensc-tool -a
>>
>> Also look at using OpenSC debug in config file see:
>>
>> https://github.com/OpenSC/OpenSC/wiki/Using-OpenSC
>>
>>
>> On 9/6/2017 7:48 AM, Anton Gerasimov wrote:
>>> Hi,
>>>
>>> I'm trying to get OpenSC working with qemu (qemu-system-x86_64). It
>>> emulates Gemplus token (lsusb output: 'ID 08e6:4433 Gemalto (was
>>> Gemplus) GemPC433-Swap'), and it is unclear to me if it is supported in
>>> OpenSC. It is listed as unsupported hardware [1], but the page for
>>> Gemplus itself says it is supported [2].
>>>
>>> If it is not, I would be grateful for any hints about how qemu and
>>> OpenSC can be put to work together. opensc-tool --list-readers currently
>>> gives
>>>
>>>     # Detected readers (openct)
>>>     Nr.  Card  Features  Name
>>>     0    No              OpenCT reader (detached)
>>>     1    No              OpenCT reader (detached)
>>>
>>> which as far as I understands means it can't detect any devices.
>>>
>>> Thanks,
>>> Anton Gerasimov
>>>
>>> [1]
>>> https://github.com/OpenSC/OpenSC/wiki/Supported-hardware-(smart-cards-and-USB-tokens)
>>>
>>> [2] https://github.com/OpenSC/OpenSC/wiki/Gemplus-GPK-16k
>>>
>>
> 

-- 

  Douglas E. Engert  <DEE...@gm...>

Re: [Opensc-devel] OpenSC with qemu (Gemplus support)

[Peter P. <pop...@gm...>]

Hi,

If someone need open source smartcard (based on 8 bit AVR
microcontroller) .. with RSA and ECC, supported by myeid driver in
opensc,  you can use https://oseid.sourceforge.io/

On Wed, Sep 6, 2017 at 7:06 PM, Douglas E Engert <dee...@gm...> wrote:
> It sound like you are trying to write a software version of a smart card
> and interface at the USB level using the qemu code as a starting point?
>
>
> You might want to Google for: software emulation of smart cards
>
> There are a number of these available including:
>
> https://github.com/frankmorgner/vsmartcard
>
> There is also :
> http://www.softhsm.org/
>
> which implements a software version of smart card but at a PKCS#11 module.

Re: [Opensc-devel] OpenSC with qemu (Gemplus support)

[Anton G. <an...@ad...>]

Thank you everyone, the SoftHSM has shown the best results so far.
Unfotrunately it seems like presenting NSS database as virtual CCID is
currently broken in qemu.

Best regards,
Anton Gerasimov

On 09/06/2017 07:06 PM, Douglas E Engert wrote:
> It sound like you are trying to write a software version of a smart card
> and interface at the USB level using the qemu code as a starting point?
>
>
> You might want to Google for: software emulation of smart cards
>
> There are a number of these available including:
>
> https://github.com/frankmorgner/vsmartcard
>
> There is also :
> http://www.softhsm.org/
>
> which implements a software version of smart card but at a PKCS#11
> module.
>
>
>
> On 9/6/2017 9:36 AM, Anton Gerasimov wrote:
>> I don't have a physical token, what I'm trying to do is to emulate one
>> using (approximately) this manual [1]. Unfortunately Qemu seems to be
>> able to emulate just that one device type, so I don't have much
>> choise here.
>>
>> After some new tries pcscd gives some output that as far as I understand
>> indicates that it has made contact to the virtual card (attached), but
>> opensc-tool still only shows OpenCT readers.
>>
>> 'opensc-tool -a' doesn't show anything useful as well:
>>    $ opensc-tool -a
>>       Card not present.
>>
>> Regarding the versions:
>>
>> OpenSC: 0.16.0
>> OS: Linux v4.4.60 (Openembedded/Yocto build).
>> OpenCT: 0.6.20
>> PCSClite: 1.8.13
>>
>> Thanks,
>> Anton
>>
>> [1]: https://github.com/qemu/qemu/blob/master/docs/ccid.txt
>> On 09/06/2017 03:51 PM, Douglas E Engert wrote:
>>> Your command only list the readers, and it also says you are using the
>>> OpenCT
>>> rather the PCSClite.
>>>
>>> What versions of software are you using?
>>> OpenSC, OS, OpenCT, PCSClite?
>>>
>>> You said you are trying to use qemu. I use virtual Box, which presents
>>> to the
>>> virtual machine the real ID of a reader. I am not sure if qemu does
>>> that or presents
>>> a generic reader with ID 08e6:4433.
>>>
>>> The lsusb just says what type of reader. Are you using some token with
>>> a built in reader?
>>> If so what is it?
>>>
>>> What token are you using? The OpenSC driver Gemplus-GPK-16k is very
>>> old and was a card.
>>>
>>>
>>> to list the atr, try:
>>> opensc-tool -a
>>>
>>> Also look at using OpenSC debug in config file see:
>>>
>>> https://github.com/OpenSC/OpenSC/wiki/Using-OpenSC
>>>
>>>
>>> On 9/6/2017 7:48 AM, Anton Gerasimov wrote:
>>>> Hi,
>>>>
>>>> I'm trying to get OpenSC working with qemu (qemu-system-x86_64). It
>>>> emulates Gemplus token (lsusb output: 'ID 08e6:4433 Gemalto (was
>>>> Gemplus) GemPC433-Swap'), and it is unclear to me if it is
>>>> supported in
>>>> OpenSC. It is listed as unsupported hardware [1], but the page for
>>>> Gemplus itself says it is supported [2].
>>>>
>>>> If it is not, I would be grateful for any hints about how qemu and
>>>> OpenSC can be put to work together. opensc-tool --list-readers
>>>> currently
>>>> gives
>>>>
>>>>     # Detected readers (openct)
>>>>     Nr.  Card  Features  Name
>>>>     0    No              OpenCT reader (detached)
>>>>     1    No              OpenCT reader (detached)
>>>>
>>>> which as far as I understands means it can't detect any devices.
>>>>
>>>> Thanks,
>>>> Anton Gerasimov
>>>>
>>>> [1]
>>>> https://github.com/OpenSC/OpenSC/wiki/Supported-hardware-(smart-cards-and-USB-tokens)
>>>>
>>>>
>>>> [2] https://github.com/OpenSC/OpenSC/wiki/Gemplus-GPK-16k
>>>>
>>>
>>
>

-- 
Anton Gerasimov, ATS Advanced Telematic Systems GmbH
Kantstrasse 162, 10623 Berlin
Managing Directors: Dirk Pöschl, Armin G. Schmidt
Register Court: HRB 151501 B, Amtsgericht Charlottenburg