Solve 2 issues #1085
Solve 2 issues #1085
Conversation
|
@FeitianSmartcardReader Any possibility to resolve the issue "Failed to erase card: Security status not satisfied" described in the wiki, without running binary blobs from internet? I have ePass token, but I am unable to us that. |
|
@Jakuje The issue need using our tool can download from below and to re-format token, if you cannot using this tool, please show me your error or log, I will help check and solve it, thanks http:https://download.ftsafe.com/files/ePass/Fix_Tool.tar.gz |
src/libopensc/sm.c
Outdated
| @@ -158,7 +158,7 @@ sc_sm_single_transmit(struct sc_card *card, struct sc_apdu *apdu) | |||
|
|
|||
| /* send APDU flagged as NO_SM */ | |||
| sm_apdu->flags |= SC_APDU_FLAGS_NO_SM; | |||
| rv = sc_transmit_apdu(card, sm_apdu); | |||
| rv = card->reader->ops->transmit(card->reader, sm_apdu); | |||
There was a problem hiding this comment.
This change will most likely lead to problems with other cards.
See discussion in #970
src/pkcs15init/pkcs15-lib.c
Outdated
| @@ -1238,7 +1238,7 @@ sc_pkcs15init_init_prkdf(struct sc_pkcs15_card *p15card, struct sc_profile *prof | |||
| key_info->params.data = &keyargs->key.u.ec.params; | |||
| key_info->params.free_params = sc_pkcs15init_empty_callback; | |||
| key_info->field_length = ecparams->field_length; | |||
| key_info->modulus_length = 0; | |||
| // key_info->modulus_length = 0; | |||
There was a problem hiding this comment.
This change will most likely break other cards
There was a problem hiding this comment.
I will talk internal and make the change, thanks
|
@frankmorgner Do modify, check changes 8021c47 |
|
To avoid a strcmp, for every card, The test should be |
src/pkcs15init/pkcs15-lib.c
Outdated
| @@ -1238,7 +1238,13 @@ sc_pkcs15init_init_prkdf(struct sc_pkcs15_card *p15card, struct sc_profile *prof | |||
| key_info->params.data = &keyargs->key.u.ec.params; | |||
| key_info->params.free_params = sc_pkcs15init_empty_callback; | |||
| key_info->field_length = ecparams->field_length; | |||
| key_info->modulus_length = 0; | |||
There was a problem hiding this comment.
According to ISO 7816-15 (successor of PKCS#15), an PublicECKeyAttributes doesn't have a modulusLength field (while a PublicRSAKeyAttributes does have one):
What's the reason for this change? As far as I can see, you're not using the modulus_length somewhere else.
There was a problem hiding this comment.
Right, no need do modify code here, we will do it in pkcs15-epass2003.c file, will submit another pull request
src/libopensc/sm.c
Outdated
| rv = sc_transmit_apdu(card, sm_apdu); | ||
| /* if token is epass2003, using below code*/ | ||
| switch(card->type){ | ||
| case SC_CARD_TYPE_ENTERSAFE_FTCOS_EPASS2003: |
There was a problem hiding this comment.
I'd like to avoid card specific code on this layer. What's the reason for this change?
There was a problem hiding this comment.
We double check the code, no need do modify in this layer, we will modify the file apdu.c.
The reason is our epass2003 series support plain APDU and cipher APDU, while in cipher APDU, after receive 6C command, then we will need get data back and re-package APDU with cipher mode, at this time, the set_le API seems only modify the LE, and nothing change of APDU, so we will modify apdu.c to solve it.
|
@FeitianSmartcardReader im unable to download your fix-tool from http:https://download.ftsafe.com/files/ePass/Fix_Tool.tar.gz. Can you post the link again please |
|
check below: |
ePass2003 EC not supported #1073 (comment), add
ECC support
These code already passed test
https://github.com/OpenSC/OpenSC/wiki/Smart-Card-Testing