Using a Java Card with BitLocker - PullRequest
0 votes
/ 25 January 2019

I want to use J2A040 JCOP 21-36k Java cards to implement a smart-card BitLocker solution with gidsapplet and OpenSC, but when I try to put a certificate on the card (certreq -new) I cannot, and I get the error message "The smart card is not fully personalized for use" from Windows.

This is the dump produced by gids-tool:

Dumping Files:
Found 5 entries in the masterfile
    Directory: mscp
        FileIdentifier: 0xa000

    File: \cardid
        FileIdentifier: 0xa012
        DataObjectIdentifier: 0xdf20
        Size: 16

    File: \cardapps
        FileIdentifier: 0xa010
        DataObjectIdentifier: 0xdf21
        Size: 8

    File: \cardcf
        FileIdentifier: 0xa010
        DataObjectIdentifier: 0xdf22
        Size: 6

    File: mscp\cmapfile
        FileIdentifier: 0xa010
        DataObjectIdentifier: 0xdf23
        Size: 0

Dumping containers:
    no container found

With pkcs15-init I cannot create the meta structure either; I get "Failed to create PKCS #15 meta structure: Incorrect parameters in APDU". This is the output of pkcs15-init --create-pkcs15 -vvvvvvvvv, starting from the gids driver:

trying driver 'gids'
card-gids.c:570:gids_match_card: called
card-gids.c:281:gids_select_aid: called
Got args: aid=00007FFC31591840, aidlen=9, response=0000007C6FD5EEF0, responselen=261
apdu.c:554:sc_transmit_apdu: called
card.c:415:sc_lock: called
reader-pcsc.c:613:pcsc_lock: called
card-gids.c:2057:gids_card_reader_lock_obtained: called
card-gids.c:2065:gids_card_reader_lock_obtained: returning with: 0 (Success)
card.c:455:sc_lock: returning with: 0 (Success)
apdu.c:521:sc_transmit: called
apdu.c:371:sc_single_transmit: called
CLA:0, INS:A4, P1:4, P2:0, data(9) 00007FFC31591840
reader 'Broadcom Corp Contacted SmartCard 0'
reader-pcsc.c:285:pcsc_transmit:
Outgoing APDU (15 bytes):
00 A4 04 00 09 A0 00 00 03 97 42 54 46 59 00 ..........BTFY.
reader-pcsc.c:213:pcsc_internal_transmit: called
reader-pcsc.c:294:pcsc_transmit:
Incoming APDU (22 bytes):
61 12 4F 0B A0 00 00 03 97 42 54 46 59 02 01 73 a.O......BTFY..s
03 40 01 C0 90 00                               .@....
apdu.c:390:sc_single_transmit: returning with: 0 (Success)
apdu.c:543:sc_transmit: returning with: 0 (Success)
card.c:465:sc_unlock: called
reader-pcsc.c:663:pcsc_unlock: called
card-gids.c:299:gids_select_aid: returning with: 0 (Success)
found AID
matched: GIDS Smart Card
card-gids.c:632:gids_init: called
card info name:'GIDS Smart Card', type:30003, flags:0x0, max_send/recv_size:255/256
card.c:1462:sc_card_sm_check: called
card->sm_ctx.ops.open 0000000000000000
card.c:1468:sc_card_sm_check: returning with: 0 (Success)
card.c:339:sc_connect_card: returning with: 0 (Success)
Using card driver GIDS Smart Card.
pkcs15-lib.c:313:sc_pkcs15init_bind: called
card.c:951:sc_card_ctl: called
card-gids.c:2019:gids_card_ctl: called
card_ctl(4) not supported
called; type=2, path=3f0050154946
card-gids.c:920:gids_select_file: called
apdu.c:554:sc_transmit_apdu: called
card.c:415:sc_lock: called
reader-pcsc.c:613:pcsc_lock: called
card-gids.c:2057:gids_card_reader_lock_obtained: called
card-gids.c:2065:gids_card_reader_lock_obtained: returning with: 0 (Success)
card.c:455:sc_lock: returning with: 0 (Success)
apdu.c:521:sc_transmit: called
apdu.c:371:sc_single_transmit: called
CLA:0, INS:A4, P1:8, P2:0, data(4) 0000007C6FD5F222
reader 'Broadcom Corp Contacted SmartCard 0'
reader-pcsc.c:285:pcsc_transmit:
Outgoing APDU (10 bytes):
00 A4 08 00 04 50 15 49 46 00 .....P.IF.
reader-pcsc.c:213:pcsc_internal_transmit: called
reader-pcsc.c:294:pcsc_transmit:
Incoming APDU (2 bytes):
6A 86 j.
apdu.c:390:sc_single_transmit: returning with: 0 (Success)
apdu.c:543:sc_transmit: returning with: 0 (Success)
card.c:465:sc_unlock: called
reader-pcsc.c:663:pcsc_unlock: called
Incorrect parameters P1-P2
iso7816.c:578:iso7816_select_file: returning with: -1205 (Incorrect parameters in APDU)
card.c:776:sc_select_file: 'SELECT' error: -1205 (Incorrect parameters in APDU)
profile.c:336:sc_profile_load: called
Using profile directory 'C:\Program Files\OpenSC Project\OpenSC\profiles'.
Trying profile file C:\Program Files\OpenSC Project\OpenSC\profiles\pkcs15.profile
profile C:\Program Files\OpenSC Project\OpenSC\profiles\pkcs15.profile loaded ok
profile.c:383:sc_profile_load: returning with: 0 (Success)
profile.c:336:sc_profile_load: called
Using profile directory 'C:\Program Files\OpenSC Project\OpenSC\profiles'.
Trying profile file C:\Program Files\OpenSC Project\OpenSC\profiles\gids.profile
profile C:\Program Files\OpenSC Project\OpenSC\profiles\gids.profile loaded ok
profile.c:383:sc_profile_load: returning with: 0 (Success)
profile.c:395:sc_profile_finish: called
profile.c:438:sc_profile_finish: returning with: 0 (Success)
pkcs15-lib.c:420:sc_pkcs15init_bind: returning with: 0 (Success)
About to create PKCS #15 meta structure.
New Security Officer PIN (Optional - press return for no PIN).
Please enter Security Officer PIN: Please type again to verify: Unblock Code for New User PIN (Optional - press return for no PIN).
Please enter User unblocking PIN (PUK): Please type again to verify:
card.c:415:sc_lock: called
reader-pcsc.c:613:pcsc_lock: called
card-gids.c:2057:gids_card_reader_lock_obtained: called
card-gids.c:2065:gids_card_reader_lock_obtained: returning with: 0 (Success)
card.c:455:sc_lock: returning with: 0 (Success)
pkcs15-lib.c:774:sc_pkcs15init_add_app: called
pkcs15-lib.c:4172:sc_pkcs15init_qualify_pin: called
pkcs15-lib.c:4191:sc_pkcs15init_qualify_pin: returning with: 0 (Success)
pkcs15-lib.c:4172:sc_pkcs15init_qualify_pin: called
pkcs15-lib.c:4191:sc_pkcs15init_qualify_pin: returning with: 0 (Success)
Add virtual SO_PIN('Security Officer PIN',flags:B2,reference:-1,path:'3f005015')
card.c:951:sc_card_ctl: called
card-gids.c:2019:gids_card_ctl: called
card-gids.c:605:gids_get_serialnr: called
card-gids.c:386:gids_read_gidsfile: called
card-gids.c:216:gids_get_DO: called
Got args: fileIdentifier=a000, dataObjectIdentifier=df1f, response=00000250F5BCD1C0, responselen=65000
apdu.c:554:sc_transmit_apdu: called
card.c:415:sc_lock: called
card.c:455:sc_lock: returning with: 0 (Success)
apdu.c:521:sc_transmit: called
apdu.c:371:sc_single_transmit: called
CLA:0, INS:CB, P1:A0, P2:0, data(4) 0000007C6FD3ECE0
reader 'Broadcom Corp Contacted SmartCard 0'
reader-pcsc.c:285:pcsc_transmit:
Outgoing APDU (10 bytes):
00 CB A0 00 04 5C 02 DF 1F 00 .....\....
reader-pcsc.c:213:pcsc_internal_transmit: called
reader-pcsc.c:294:pcsc_transmit:
Incoming APDU (147 bytes):
DF 1F 81 8D 01 6D 73 63 70 00 00 00 00 00 00 00 .....mscp.......
00 00 00 00 00 00 00 00 00 00 00 00 00 00 A0 00 ................
00 00 00 00 00 00 00 00 00 00 63 61 72 64 69 64 ..........cardid
00 00 00 00 00 20 DF 00 00 12 A0 00 00 00 00 00 ..... ..........
00 00 00 00 00 00 63 61 72 64 61 70 70 73 00 00 ......cardapps..
00 21 DF 00 00 10 A0 00 00 00 00 00 00 00 00 00 .!..............
00 00 63 61 72 64 63 66 00 00 00 00 00 22 DF 00 ..cardcf....."..
00 10 A0 00 00 6D 73 63 70 00 00 00 00 00 63 6D .....mscp.....cm
61 70 66 69 6C 65 00 00 00 23 DF 00 00 10 A0 00 apfile...#......
00 90 00                                        ...
apdu.c:390:sc_single_transmit: returning with: 0 (Success)
apdu.c:543:sc_transmit: returning with: 0 (Success)
card.c:465:sc_unlock: called
card-gids.c:311:gids_read_gidsfile_without_cache: called
Identifiers of cardid is fileIdentifier=a012, dataObjectIdentifier=df20
card-gids.c:216:gids_get_DO: called
Got args: fileIdentifier=a012, dataObjectIdentifier=df20, response=0000007C6FD4ECE0, responselen=65538
apdu.c:554:sc_transmit_apdu: called
card.c:415:sc_lock: called
card.c:455:sc_lock: returning with: 0 (Success)
apdu.c:521:sc_transmit: called
apdu.c:371:sc_single_transmit: called
CLA:0, INS:CB, P1:A0, P2:12, data(4) 0000007C6FD3ECB0
reader 'Broadcom Corp Contacted SmartCard 0'
reader-pcsc.c:285:pcsc_transmit:
Outgoing APDU (10 bytes):
00 CB A0 12 04 5C 02 DF 20 00 .....\.. .
reader-pcsc.c:213:pcsc_internal_transmit: called
reader-pcsc.c:294:pcsc_transmit:
Incoming APDU (21 bytes):
DF 20 10 4D 55 E8 C6 5A C5 F4 49 4A F9 29 6E 96 . .MU..Z..IJ.)n.
EB 83 89 90 00                                  .....
apdu.c:390:sc_single_transmit: returning with: 0 (Success)
apdu.c:543:sc_transmit: returning with: 0 (Success)
card.c:465:sc_unlock: called
card-gids.c:394:gids_read_gidsfile: returning with: 0 (Success)
card-gids.c:624:gids_get_serialnr: returning with: 0 (Success)
card.c:961:sc_card_ctl: returning with: 0 (Success)
pkcs15-lib.c:3143:sc_pkcs15init_add_object: called
add object 00000250F5C1B2D0 to DF of type 8
Append object
pkcs15-gids.c:109:gids_emu_update_any_df: called
pkcs15-gids.c:112:gids_emu_update_any_df: returning with: 0 (Success)
pkcs15-lib.c:3187:sc_pkcs15init_add_object: returning with: 0 (Success)
pkcs15-lib.c:2943:sc_pkcs15init_update_dir: called
dir.c:163:sc_enum_apps: called
called; type=2, path=3f002f00
card-gids.c:920:gids_select_file: called
apdu.c:554:sc_transmit_apdu: called
card.c:415:sc_lock: called
card.c:455:sc_lock: returning with: 0 (Success)
apdu.c:521:sc_transmit: called
apdu.c:371:sc_single_transmit: called
CLA:0, INS:A4, P1:8, P2:0, data(2) 0000007C6FD5E7F2
reader 'Broadcom Corp Contacted SmartCard 0'
reader-pcsc.c:285:pcsc_transmit:
Outgoing APDU (8 bytes):
00 A4 08 00 02 2F 00 00 ...../..
reader-pcsc.c:213:pcsc_internal_transmit: called
reader-pcsc.c:294:pcsc_transmit:
Incoming APDU (2 bytes):
6A 86 j.
apdu.c:390:sc_single_transmit: returning with: 0 (Success)
apdu.c:543:sc_transmit: returning with: 0 (Success)
card.c:465:sc_unlock: called
Incorrect parameters P1-P2
iso7816.c:578:iso7816_select_file: returning with: -1205 (Incorrect parameters in APDU)
card.c:776:sc_select_file: 'SELECT' error: -1205 (Incorrect parameters in APDU)
dir.c:171:sc_enum_apps: Cannot select EF.DIR file: -1205 (Incorrect parameters in APDU)
pkcs15-lib.c:2971:sc_pkcs15init_update_dir: returning with: -1205 (Incorrect parameters in APDU)
pkcs15-lib.c:3922:sc_pkcs15init_update_file: called
path:3f0050154946; datalen:128
called; type=2, path=3f0050154946
card-gids.c:920:gids_select_file: called
apdu.c:554:sc_transmit_apdu: called
card.c:415:sc_lock: called
card.c:455:sc_lock: returning with: 0 (Success)
apdu.c:521:sc_transmit: called
apdu.c:371:sc_single_transmit: called
CLA:0, INS:A4, P1:8, P2:0, data(4) 0000007C6FD5E932
reader 'Broadcom Corp Contacted SmartCard 0'
reader-pcsc.c:285:pcsc_transmit:
Outgoing APDU (10 bytes):
00 A4 08 00 04 50 15 49 46 00 .....P.IF.
reader-pcsc.c:213:pcsc_internal_transmit: called
reader-pcsc.c:294:pcsc_transmit:
Incoming APDU (2 bytes):
6A 86 j.
apdu.c:390:sc_single_transmit: returning with: 0 (Success)
apdu.c:543:sc_transmit: returning with: 0 (Success)
card.c:465:sc_unlock: called
Incorrect parameters P1-P2
iso7816.c:578:iso7816_select_file: returning with: -1205 (Incorrect parameters in APDU)
card.c:776:sc_select_file: 'SELECT' error: -1205 (Incorrect parameters in APDU)
pkcs15-lib.c:3944:sc_pkcs15init_update_file: Failed to select file: -1205 (Incorrect parameters in APDU)
pkcs15-lib.c:920:sc_pkcs15init_add_app: returning with: -1205 (Incorrect parameters in APDU)
card.c:465:sc_unlock: called
reader-pcsc.c:663:pcsc_unlock: called
Failed to create PKCS #15 meta structure: Incorrect parameters in APDU
pkcs15-lib.c:430:sc_pkcs15init_unbind: called
Pksc15init Unbind: 0:0000000000000000:1
card.c:356:sc_disconnect_card: called
card-gids.c:656:gids_finish: called
Broadcom Corp Contacted SmartCard 0:SCardDisconnect returned: 0x00000000
card.c:378:sc_disconnect_card: returning with: 0 (Success)
ctx.c:906:sc_release_context: called
reader-pcsc.c:900:pcsc_finish: called

I am not committed to these tools and am open to any suggestions.
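The verbose log above is long, but the useful part is four APDU exchanges: SELECT by AID (P1=04) and GET DATA on the GIDS data objects succeed, while both SELECT commands with P1=08 (select by path from the MF: 2F00 for EF.DIR, then 5015/4946 for the PKCS#15 application directory) come back with 6A86, "incorrect parameters P1-P2". That ISO 7816 file layout is what the generic pkcs15-init --create-pkcs15 run tries to build; a GIDS applet exposes data objects rather than a selectable file system, and OpenSC emulates PKCS#15 on top of those objects instead (the pkcs15-gids.c / gids_emu_* lines in the log). The script below is an added example, not code from the original post or from OpenSC: it pulls the exchanges out of such a log, pairs each command with its response and decodes the status word, so the rejected commands stand out without reading every line. SAMPLE_LOG is a constructed excerpt of the log in the question; the INS, SELECT-mode and status-word tables are a small subset of ISO 7816-4.

```python
"""Extract APDU exchanges from an OpenSC '-vvv' log and decode the status words.
Added example; not code from the original post or from OpenSC."""
import re
import sys
from dataclasses import dataclass
from typing import List

# Subset of ISO 7816-4 status words (SW1 SW2) that matter on a GIDS card.
SW_MEANING = {
    0x9000: "OK",
    0x6A82: "file or application not found",
    0x6A86: "incorrect parameters P1-P2",
    0x6A88: "referenced data not found",
    0x6982: "security status not satisfied",
    0x6D00: "instruction not supported",
}
INS_NAME = {0xA4: "SELECT", 0xCB: "GET DATA", 0xDB: "PUT DATA", 0x20: "VERIFY"}
# SELECT P1 values (ISO 7816-4, subset): how the card is asked to locate the target.
SELECT_MODE = {0x00: "by FID", 0x04: "by AID", 0x08: "by path from MF", 0x09: "by path from DF"}


@dataclass
class Exchange:
    command: bytes   # full C-APDU as sent (CLA INS P1 P2 Lc data [Le])
    response: bytes  # R-APDU including the trailing SW1 SW2

    @property
    def ins(self) -> int:
        return self.command[1]

    @property
    def p1(self) -> int:
        return self.command[2]

    @property
    def sw(self) -> int:
        return int.from_bytes(self.response[-2:], "big")

    @property
    def ok(self) -> bool:
        return self.sw == 0x9000

    def describe(self) -> str:
        name = INS_NAME.get(self.ins, f"INS {self.ins:02X}")
        if self.ins == 0xA4:  # for SELECT, show the selection mode and the target
            lc = self.command[4]
            mode = SELECT_MODE.get(self.p1, f"P1={self.p1:02X}")
            name = f"{name} {mode} {self.command[5:5 + lc].hex()}"
        return f"{name}: {self.sw:04X} {SW_MEANING.get(self.sw, 'unknown status word')}"


_HEADER = re.compile(r"(Outgoing|Incoming) APDU \((\d+) bytes\):")
_HEX = re.compile(r"^[0-9A-Fa-f]{2}$")


def parse_opensc_log(text: str) -> List[Exchange]:
    """Pair each 'Outgoing APDU' dump with the next 'Incoming APDU' dump.
    The byte count in the header bounds how many hex tokens are read, so the
    ASCII column on the right of each dump line is never mistaken for data."""
    exchanges: List[Exchange] = []
    direction, remaining, buf = None, 0, bytearray()
    pending = None  # command bytes waiting for their response
    for line in text.splitlines():
        m = _HEADER.search(line)
        if m:
            direction, remaining, buf = m.group(1), int(m.group(2)), bytearray()
            continue
        if remaining <= 0:
            continue  # not inside a dump: ordinary log line
        for tok in line.split():
            if remaining == 0 or not _HEX.match(tok):
                break
            buf.append(int(tok, 16))
            remaining -= 1
        if remaining == 0:
            if direction == "Outgoing":
                pending = bytes(buf)
            elif pending is not None:
                exchanges.append(Exchange(pending, bytes(buf)))
                pending = None
    return exchanges


def failures(exchanges: List[Exchange]) -> List[Exchange]:
    """Every exchange the card did not answer with 9000."""
    return [e for e in exchanges if not e.ok]


# Constructed excerpt of the pkcs15-init log from the question.
SAMPLE_LOG = """\
reader-pcsc.c:285:pcsc_transmit:
Outgoing APDU (15 bytes):
00 A4 04 00 09 A0 00 00 03 97 42 54 46 59 00 ..........BTFY.
reader-pcsc.c:213:pcsc_internal_transmit: called
Incoming APDU (22 bytes):
61 12 4F 0B A0 00 00 03 97 42 54 46 59 02 01 73 a.O......BTFY..s
03 40 01 C0 90 00                               .@....
card-gids.c:920:gids_select_file: called
Outgoing APDU (10 bytes):
00 A4 08 00 04 50 15 49 46 00 .....P.IF.
Incoming APDU (2 bytes):
6A 86 j.
Outgoing APDU (10 bytes):
00 CB A0 12 04 5C 02 DF 20 00 .....\\....
Incoming APDU (21 bytes):
DF 20 10 4D 55 E8 C6 5A C5 F4 49 4A F9 29 6E 96 . .MU..Z..IJ.)n.
EB 83 89 90 00                                  .....
Outgoing APDU (8 bytes):
00 A4 08 00 02 2F 00 00 ...../..
Incoming APDU (2 bytes):
6A 86 j.
"""

if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_LOG
    for ex in parse_opensc_log(text):
        print(("FAIL " if not ex.ok else "ok   ") + ex.describe())
```

Run it on a saved pkcs15-init -vvv log (or with no argument to use the embedded excerpt): the two FAIL lines are both path-based SELECTs, while the AID selection and the GET DATA on DF20 succeed, which is the pattern of a working GIDS applet being driven with a generic PKCS#15 profile. For a GIDS card the OpenSC initialization path is gids-tool (its --initialize mode sets the admin key and PIN), not pkcs15-init --create-pkcs15.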

1 Answer

0 votes
/ 25 February 2019

It seems the problem was the ActivClient smart card drivers all along.

I edited the registry key for my specific smart card (HKLM\Software\Microsoft\Cryptography\Calais\Smartcards\) and changed the string value 80000001 to the default Windows driver (C:\Windows\System32\msclmd.dll), and now I can load applets, load keys and use these cards for BitLocker encryption.

...
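The answer's fix is worth understanding rather than just repeating. Windows chooses the minidriver for an inserted card by walking the entries under Calais\SmartCards and comparing the card's ATR against each entry's ATR and ATRMask; the entry's 80000001 value is the path of the minidriver DLL that then gets the card. msclmd.dll is the Microsoft class minidriver that understands GIDS (and PIV) cards, so a GIDS applet works with it out of the box; a vendor entry (here ActivClient's) whose ATR pattern also covers the JCOP card diverts the card to a DLL that does not know the applet, and the result is the "not fully personalized" error. The script below is an added example and is not code from the answer: it reproduces the ATR/ATRMask match, lists every entry that claims a given ATR, flags the ones that route it somewhere other than msclmd.dll, and can repoint 80000001 the way the answer did. CARD_ATR, SAMPLE_ENTRIES and the vendor DLL path are constructed for the offline self-test; only the key path, the value name 80000001 and msclmd.dll come from the answer. On the real machine, read the card's ATR with certutil -scinfo first.

```python
"""Inspect and optionally repoint the minidriver registered for a smart card ATR
under HKLM\\SOFTWARE\\Microsoft\\Cryptography\\Calais\\SmartCards.
Added example; not code from the original answer."""
from typing import Dict, List, Optional

try:
    import winreg  # Windows only; the matching functions below need no registry
except ImportError:
    winreg = None

CALAIS_KEY = r"SOFTWARE\Microsoft\Cryptography\Calais\SmartCards"
MINIDRIVER_VALUE = "80000001"                          # REG_SZ: path of the minidriver DLL
CLASS_MINIDRIVER = r"C:\Windows\System32\msclmd.dll"   # Microsoft class minidriver (GIDS, PIV)


def atr_matches(atr: bytes, ref_atr: bytes, mask: Optional[bytes]) -> bool:
    """An entry matches when (card ATR & ATRMask) == (entry ATR & ATRMask);
    an entry without ATRMask must match byte for byte, at the same length."""
    if mask is None:
        mask = b"\xff" * len(ref_atr)
    if len(atr) != len(ref_atr) or len(mask) != len(ref_atr):
        return False
    return all(a & m == r & m for a, r, m in zip(atr, ref_atr, mask))


def matching_entries(entries: List[Dict], atr: bytes) -> List[Dict]:
    """Every registered entry that claims this ATR.  More than one means the
    card's handling depends on which entry Windows picks, not on the card."""
    return [e for e in entries if atr_matches(atr, e["atr"], e.get("mask"))]


def foreign_minidrivers(entries: List[Dict], atr: bytes) -> List[Dict]:
    """Matching entries that route the card to something other than msclmd.dll."""
    return [e for e in matching_entries(entries, atr)
            if (e.get("minidriver") or "").lower() != CLASS_MINIDRIVER.lower()]


def _value(key, name):
    try:
        return winreg.QueryValueEx(key, name)[0]
    except OSError:
        return None


def read_entries() -> List[Dict]:
    """Read all entries from the 64-bit view and from WOW6432Node (Windows only):
    32-bit and 64-bit applications resolve the card through different views."""
    if winreg is None:
        raise RuntimeError("winreg is only available on Windows")
    entries = []
    for label, view in (("64-bit", winreg.KEY_WOW64_64KEY), ("32-bit", winreg.KEY_WOW64_32KEY)):
        try:
            root = winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, CALAIS_KEY, 0, winreg.KEY_READ | view)
        except OSError:
            continue
        with root:
            for i in range(winreg.QueryInfoKey(root)[0]):
                name = winreg.EnumKey(root, i)
                with winreg.OpenKey(root, name, 0, winreg.KEY_READ | view) as k:
                    entries.append({"name": name, "view": label,
                                    "atr": _value(k, "ATR") or b"",
                                    "mask": _value(k, "ATRMask"),
                                    "minidriver": _value(k, MINIDRIVER_VALUE)})
    return entries


def set_minidriver(name: str, path: str = CLASS_MINIDRIVER, view=None) -> None:
    """Point one entry's 80000001 at another DLL (what the answer did by hand).
    Needs an elevated prompt; the previous value is printed so it can be restored."""
    view = winreg.KEY_WOW64_64KEY if view is None else view
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, CALAIS_KEY + "\\" + name, 0,
                        winreg.KEY_READ | winreg.KEY_SET_VALUE | view) as k:
        print(f"{name}: {MINIDRIVER_VALUE} was {_value(k, MINIDRIVER_VALUE)!r}")
        winreg.SetValueEx(k, MINIDRIVER_VALUE, 0, winreg.REG_SZ, path)


# Constructed test data (hypothetical ATR, not a real product): the same ATR is
# claimed exactly by a vendor entry and, via a mask that ignores two historical
# bytes, by a generic entry that points at msclmd.dll.
CARD_ATR = bytes.fromhex("3B8F800180318065B0850300EF120FFF829000")
_MASK = bytes(0x00 if i in (12, 13) else 0xFF for i in range(len(CARD_ATR)))
SAMPLE_ENTRIES = [
    {"name": "Vendor minidriver (constructed)", "atr": CARD_ATR, "mask": None,
     "minidriver": r"C:\Program Files\Vendor\vendormd.dll"},
    {"name": "Microsoft generic profile (constructed)",
     "atr": bytes(b & m for b, m in zip(CARD_ATR, _MASK)), "mask": _MASK,
     "minidriver": CLASS_MINIDRIVER},
]

if __name__ == "__main__":
    entries = read_entries() if winreg else SAMPLE_ENTRIES
    for e in matching_entries(entries, CARD_ATR):
        print(f"{e['name']}: {e.get('minidriver')}")
    for e in foreign_minidrivers(entries, CARD_ATR):
        print(f"  -> {e['name']} takes this ATR away from {CLASS_MINIDRIVER}")
```

Two practical caveats. The entry exists in both registry views on 64-bit Windows, so a fix applied only to the 64-bit key leaves 32-bit applications on the old minidriver. And repointing 80000001 is a per-machine override that a vendor driver update can silently put back; the cleaner alternative, when the vendor software is not needed on that machine, is to uninstall it so its Calais entries disappear.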