Good Smart Card offline terminal?

The isn't a programming question per say, but can anyone recommend a good inexpensive offline smart card terminal? I'm building a cash card/loyalty app and I'm looking for a hand held terminal that a store owner could have to complete transactions with customers. It would need to be able to complete offline transactions with customer's smart cards. The store owner would then synchronize later by connect to an internet connected pc with a USB cable. I believe such a device would have an internal smart card for the store owner.

i use Aladdin e-token and it works beautifully.
aladdin.com

Similar Messages

Smart card terminal

USB keyboard with integrated card reader (smart card terminal) is unable to recognize/read new eid cards. Old cards no problem, but new ones are not even recognized as an eid!New drivers are not available at HP.com for the kus1206, I don't knwow why.They furnished a cd with old drivers on it, which make your pc restart without asking :-(Anyway, if someone knows where to find (if there's one of course) a new driver. We 've got 6 of these keyboards, it would be a **bleep** pitty if we had to replace them all.Thank you in advance

Oops, I mean how do you get it to cooperate with an emulated environment and not a physical card and card reader

Token and smart card reader are not detected on Mavericks if not plugged on a USB port during system boot

Well, both token and smart card reader are not detected on OS X 10.9 if not plugged on a USB port during system boot. So, if I am already working within the system and need to use my certificates I have to plug the token or smart card reader on a USB port and restart Mavericks.
Token is a GD Starsign and Smart Card Reader is a SCR3310 v2.
Thoughts?

SCS is a very good app, since I've read that Apple has discontinued support for PC/SC interfaces after the release of Mountain Lion.
(My previous installation was a Mavericks upgrade from Lion)
However, I don't know what and how to debug using Smart Card Services. Do you know any commands to use?
Apparently, the SC reader reports no issues: the LED is blinking blue when no smart card is present and becomes fixed blue when a smart card is inserted – according to the manuals, this shows that there is correct communication between the OS and the CCID reader.
I don't know what to do; I'm beginning to hypothesize it's a digital signer issue. In fact, my smart card only supports one application called File Protector (by Actalis) to officially sign digital documents. This application seems to have major difficulties in identifying the miniLector EVO.
The generic and ambiguous internal error comes when I try to manually identify the peripheral.
Athena CNS is one of the Italian smart cards and is automatically recognized and configured (so it's correct – no doubts about this), while "ACS ACR 38U-CCID 00 00" seems to be the real name of the miniLector.
(I'm assuming this because System Information also returns that the real manufacturer is ACS... bit4id is a re-brander)
However, when I click on it and then tap OK, it returns internal error.
As first attempt, I would try to completely erase&clean File Protector files to try a reinstall. Then, if this still doesn't work, I'd debug using the terminal.
So:
- Do you know any applications to 100% clean files created by an installer?
- Do you have in mind any solutions that I might have forgotten?
Thanks in advance from an OS X fan!

Smart card reader refusing to work on OS X Mavericks

Hi,
I am the owner of a bit4id Minilector EVO, a little smart card reader (manufactured by ACS Advanced Card Systems) who I use to comply with the digital signatures required by the Italian law.
There is an official application to use the smart cards; however, I'm experiencing major issues with it.
Shortly:
- When I plug the bit4id smart card reader into the USB port of my MBP, the LED shows it is recognized; System Information also tells it has been fully implemented into OS X
- When I then insert the smart card, no issues are reported and the bit4id LED becomes fixed;
But, when I start the application to digitally sign, it tries to detect what cryptographic module I'm using. It detects the correct one but reports an «Internal error» halting the process.
I know there is an implementation of PCSC for OS X called PCSC-Lite, and that there is a terminal command to show if all is working properly.
Something like pcsc[something] .
Can you help me?
Thanks in advance,
Tyrexionibus

SCS is a very good app, since I've read that Apple has discontinued support for PC/SC interfaces after the release of Mountain Lion.
(My previous installation was a Mavericks upgrade from Lion)
However, I don't know what and how to debug using Smart Card Services. Do you know any commands to use?
Apparently, the SC reader reports no issues: the LED is blinking blue when no smart card is present and becomes fixed blue when a smart card is inserted – according to the manuals, this shows that there is correct communication between the OS and the CCID reader.
I don't know what to do; I'm beginning to hypothesize it's a digital signer issue. In fact, my smart card only supports one application called File Protector (by Actalis) to officially sign digital documents. This application seems to have major difficulties in identifying the miniLector EVO.
The generic and ambiguous internal error comes when I try to manually identify the peripheral.
Athena CNS is one of the Italian smart cards and is automatically recognized and configured (so it's correct – no doubts about this), while "ACS ACR 38U-CCID 00 00" seems to be the real name of the miniLector.
(I'm assuming this because System Information also returns that the real manufacturer is ACS... bit4id is a re-brander)
However, when I click on it and then tap OK, it returns internal error.
As first attempt, I would try to completely erase&clean File Protector files to try a reinstall. Then, if this still doesn't work, I'd debug using the terminal.
So:
- Do you know any applications to 100% clean files created by an installer?
- Do you have in mind any solutions that I might have forgotten?
Thanks in advance from an OS X fan!

Can you suggest me a cheap smart card/reader model?

Hi all,
I am new to java card world. I am reading through various tutorials. for hands on coding practice I would try JCWDE. but I also would like to try
programming a real java enabled smart card. can some one please
suggest me :
1. a cheap smart card (java card enabled)-preferebly that can be
interfaced to my pc through USB port with some sort of adapter.
2. if USB interfacable smart card is not available- anything else.
could you please provide the url to the website.
also where can I download the package+API for java card rmi client programming and SATSA package.
thanks
yankee

1. a cheap smart card (java card enabled)-preferebly
that can beMaybe a JCOP card?
interfaced to my pc through USB port with some
ome sort of adapter.The common "adapter" for communication with smart cards is a card terminal. Most card terminals can be connected to the pc by USB xor Serial (RS232).
also where can I download the package+API for java
card rmi client programming and SATSA package."SATSA 1.0 Installation Guide":
http://java.sun.com/j2me/docs/satsa/Install177.pdf
JC-RMI is only supported by Java Card version 2.2.1. If you want to use it don't by old card of version 2.1.2! Search for JCOP41v2.2 cards. At the moment they can be only bought directly from IBM:
http://www.zurich.ibm.com/jcop/order/tools.html
It includes a license for the JCOP Java Card development environment plugin for eclipse 2 or 3.1 wich is a good start in my opinion.
Jan

MS Remote Desktop and smart card reader

I have installed MS Remote Desktop Conn. on my iMac and connected a smart card reader via the USB. Although my reader energizes when the computer is on, the computer doesn't seem to recognize the reader. When I insert a CAC card into the reader and try to log in remotely, I continue to get a "username/password" box instead of the CAC PIN number. Do I need to install some kind of smart card driver or does Apple already have it? I'm at a loss as to how to fix this.

I was able to get rdesktop 1.6.0 to install on my Mac and I was able to get CAC log-in to work.
However, the installation is a little tricky. I downloaded rdesktop 1.6.0 from this link:
<<http://www.rdesktop.org>>
My instructions for installation:
1. Make sure Xcode Tools is installed on your computer. It should be on your OS X install disk.
2. Find out where your X11 libraries are located:
-From the Finder menu, selct "Go" >> "Go to Folder..."
-Type (without the quotes) "/usr/X11", and click "Go"
You should see a bunch of folders. Make sure the "include" and "lib" folders are there. Otherwise you need to find out where the X11 "include" and "lib" folders are located on your computer.
3. Download rdesktop and place the (unarchived) rdesktop-1.6.0 folder on your Desktop
4. Open the X11 application (should be in your Utilities folder)
5. In the X11 window type the following (without the quotes):
"cd Desktop/rdesktop-1.6.0 && ./configure --enable-smartcard -x-includes=/usr/X11/include -x-libraries=/usr/X11/lib && make && sudo make install"
4. Hit enter. When prompted, enter your administrator password and hit enter.
rdesktop should now be installed in the following folder:
/usr/local/bin
So, to launch rdesktop with smartcard log in enabled, open the X11 application (or Terminal application) and type the following (without the quotes, and replace your.server.address with the server address):
"cd /usr/local/bin && ./rdesktop -r scard your.server.address"
Hit enter and it should launch a new X11 window that will try to access the remote server where you should be prompted for your PIN.
To explore more options with rdesktop, open X11 and type the following (without quotes):
"cd /usr/local/bin && ./rdesktop"
Hit enter and you should get a list of options available to rdesktop.

Error while Accessing Smart Card using Open Card Frame Work

HI
Using Open Card Frame work I am trying to access GemAlto provided Smart Card (java card). I downloaded the Open Card Frame work from http://www.openscdp.org/ocf/download.html.
I am executing a basic program to access the data stored in smart card.
public static void main(String[] args)
                    System.out.println("reading smartcard file...");
                    try {
                    SmartCard.start();
                    CardRequest cr = (FileAccessCardService.class);
                    System.out.println("calling waitforCard");
                    SmartCard sc = SmartCard.waitForCard(cr); //Error comes after this line
                    System.out.println("After waitForCard called");
                    FileAccessCardService facs = (FileAccessCardService)
                    sc.getCardService(FileAccessCardService.class, true);
                    CardFile root = new CardFile(facs);
                    CardFile file = new CardFile(root, ":c009");
                    byte[] data = facs.read(file.getPath(), 0,
                    file.getLength() );
                    sc.close();
                    String entry = new String(data);
                    entry = entry.trim();
                    System.out.println(entry);
                    } catch (Exception e) {
                         e.printStackTrace(System.err);
                    System.exit(0);
The content of the opencard.properties are :
          OpenCard.services = opencard.opt.util.PassThruCardServiceFactory
OpenCard.terminals = com.ibm.opencard.terminal.pcsc10.Pcsc10CardTerminalFactory
OpenCard.trace = opencard:5 com.ibm:4 opencard.opt.database:6
After the line SmartCard sc = SmartCard.waitForCard(cr);
the program is expecting a card to be inserted but while inserting Smartcard the following error message come :
          calling waitforCard
          [ERROR    ] com.ibm.opencard.terminal.pcsc10.OCFPCSC1.OCFPCSC1.SCardConnect
--- message
--- thread Thread[Thread-0,5,main]
--- source com.ibm.opencard.terminal.pcsc10.OCFPCSC1@2e7263
[ERROR    ] com.ibm.opencard.terminal.pcsc10.OCFPCSC1.OCFPCSC1.SCardConnect
--- message Protocol = 0
--- thread Thread[Thread-0,5,main
--- source com.ibm.opencard.terminal.pcsc10.OCFPCSC1@2e7263
Basically the error is coming from the SCardConnect function of OCFPCSC1.cpp file.
Please reply to my mail id if any body has any idea how to resolve this issue.
MAIL-ID : [email protected]
With Regards
Swarup
Finacle Archie
Infosys Technologies Limited,Bhubaneswar,India

Sounds like an issue that has to do with JavaScript Origin policy. You'll have to use Domain Relaxing for this. Read all about it here:
http://help.sap.com/saphelp_nw04/helpdata/en/59/87b54064c2742ae10000000a155106/frameset.htm
here:
http://help.sap.com/saphelp_nw04/helpdata/en/5e/473d4124b08739e10000000a1550b0/frameset.htm
and here:
http://help.sap.com/saphelp_nw04/helpdata/en/cb/f8751d8c6b254dac189f4029c76112/frameset.htm

Need advice for an application that restricts access to other applications using a smart card

Hello everybody,
I am developing a system that uses a smart card reader attached to a USB port of a PC.
What the system should provide is:
When computer boots up and shows the users login screen, a user, previously registered, can use his smart card to access the system, instead of entering his password
Once the user is logged in, when he tries to launch an application, which has previously marked as "secured", a dialog box is shown indicating that the user has to present his smart card. If the smart card has access to the application, the application
is launched, otherwise an error message is shown to the user and the application is not executed.
I develop in C++ and C#. I have already created a library (in Visual C++) that manages the smart card reader and provides the card presented to it.
Now I am developing the applicastion (in C#) that will configure the security (assigning cards to users and applications).
Concerning this, I have 2 questions regarding each point above:
Is it possible to create the centralized application that lists all users and allows to assign cards to them? Then, when the users login screen is shown, the system must access that data before logging in, so that it can check which card was presented and
what user it corresponds to. I have seen in laptops, that have embedded fingerprint readers, a user must login to his account first and then he can register his fingerprints. In fact, what I need to do is something similar but with smart card reader instead
of fingerprint reader. So, perhaps, user must login into his account first and then he will be able to add his card and store that information somewhere (in windows registry maybe).
How can I launch my application when other application is executed but before its interface is actually shown? this is similar to what antivirus programs do, because they check the executable before it is actually ran. What is the best method to address
the application? by executable file name? process name? or other? if the best is by process name, how can I know the process name without actually running the application?
Well, that is all what I need to do. Please advice regarding this subject.
I look forward to hearing from you,
Best regards,
Jaime
Powered by C++

> what was the guidance?
1. Research other software that does similar things (not just exactly the same) as you need. If you like something in their solutions, copy it :)
The only software I know that does that is an antivirus, but I am unlucky to find some code in c++ that allows to intercept the program execution before actually executing it.
2. If a kernel driver would fit in your solution, go for it (google for what is available for free, or find a consultant to write it for you).
There are a lot of information about kernel drivers, but the question is, is that really the solution?
Otherwise, you can just hide the application from user's reach and substitute the executable in shortcuts, etc. to run your program instead.
Definetly this is not the way to go
What is the best method to address the application? by executable file name? process name? or other?
By executable file name, like in the Windows Applocker, I think. Processes do not have names (they are artifact of Task manager and debugging tools, to represent the processes for user somehow). Or, only by the filename part of the full path.
I agree with that
if the best is by process name, how can I know the process name without actually running the application?
When the user runs the application, the driver will detect this and do its magic.
I have found this page: http://stackoverflow.com/questions/3556048/how-to-detect-win32-process-creation-termination-in-c. They mention WMI, but I will study it tommorow... it is so late for today :-)
Regards,
-- pa
Regards
Jaime
Powered by C++

ISE 802.1x EAP-TLS machine and smart card authentication

I suspect I know the answer to this, but thought that I would throw it out there anway...
With Cisco ISE 1.2 is it possible to enable 802.1x machine AND user smart card authentication simultaneously for wired/wireless clients (specifically Windows 7/8, but Linux or OSX would also be good). I can find plenty of information regarding 802.1x machine authentication (EAP-TLS) and user password authentication (PEAP), but none about dual EAP-TLS authentication using certificates for machines and users at the same time. I think I can figure out how to configure such a policy in ISE, but options seem to be lacking on the client end. For example, the Windows 7 supplicant seems only able to present either a machine or user smart card certificate, not one then the other. Plus, I am not sure how the client would know which certificate to present, or if the type can be specified from the authenticator.

Hope this video link will help you
http://www.labminutes.com/sec0045_ise_1_1_wired_dot1x_machine_auth_eap-tls

Digital Signatures with Smart Cards

Hi folks,
It is my first time with digital signatures on R/3 system. Im at customer that uses smart cards (hardware cryptography). We are doing the SAPCRYPTOLIB and front end installations. After finish these tasks, we need to implement the signatures into 3 workflow processes. I already read the SSF programmers guide, API specifications and SSF user guide. But I still have some doubts:
The SSF profile is stored into smart card with private key information, but where are the public keys stored? (PAB Private Address Book of my trusted circle).
Do I need the CRLs? Note: this is only for workflow processes that run inside of customer landscape; this is not a B2B scenario.
We dont have clear yet how we sign the data; we are thinking sign a BOR object. Create an attribute and use it to pass the signer data. Note: for the customer, the objective is user authenticity guarantee.
The BOR object instance ends when the flows finish, so wee need to store the signed data for auditable reasons. A database table can be a good approach or there is another standard way?
P.S.: anyone have documentation about this subject, something like how-to with guidelines?
Thanks in advance,
Ricardo.
Message was edited by:
Ricardo Quintino

The SmartCard device is present at the frontend PC - and that's the place where the digital signature operation has to take place. Important is the "What You See Is What You Sign" principle: it has to be ensured that the data that is to be signed (using the private key stored on the SmartCard) is exactly the same as the one that is displayed to the user.
Notice: there is a different scenario where the server is signing the data (after prompting the user for userID and password and validating that information).
The signed data is then transported back to the server where it is stored (to ensure auditibility); usually you'll have to keep the (archived) data for years; the public key need to be archived as well.
Notice: it is possible to attach the certificate (-> public key) which has been used to sign the data to the signed data.
Regards, Wolfgang

Smart Card and Java Card (URGENT)

Dear everyone.
I have purchased a card reader (which is supposed to be java card compatible).
I have 2 problems.
1. I just wonder if i can use a Smart Card generally available. Do i need to have a special card for Java Card??
2. Can i use card kit to interface to the reader/writer? How do i install my applets??
Please reply soon.
Thank you very much.

I tried to execute the OCF samples.
this code
OpenCard.services = com.ibm.opencard.factory.MFCCardServiceFactory
did not give any trouble
this code
OpenCard.terminals = com.ibm.opencard.terminal.pcsc10.Pcsc10CardTerminalFactory
gave some troubles. May be because iam not using ibm terminal(card).
And also, i think the OCF samples will not work anyhow, because the Reflex reader is not OCF complaint.
So the following may not work
OpenCard.services = com.slb.opencard.Cyberflex
I have most imp. questions to ask you now.
1. What card should i purchase and from whom (along with some software if necessary)?
2. What is the procedure for reading/writing to that card using the Reflex reader.
Please help.
Thanks
Goldy.

Sun Ray Smart Card User Authentication

Hello All,
I recently installed SRSS 4.1 I created 6 users for testing, 3 of which use SRWC to connect to Windows VM's. My problem is with the smart cards. They are required for the user access the SunRay and that part works, however it doesnt seem the cards are binded to any particular user. For instance any of the 6 cards can be inserted and logged into any of the accounts (correct username and pw of course). I thought that each card was linked to one user account which provided increased security. The way it is working now is kind of useless.
Any Suggestions?

Hi,
It depends very much on which type of card you are using and what authentication mechanism you set up.
The SIMPLE card that SUN ships as the Sun Ray card does AFAIK not have any options for personalisation on the Card.
What you can do with it is to use AMGH ( Advanced Multi Group Homeing is a SunRay server feature ) and tie
the CARD ID to a user name. So that when the card is inserted in the Sun Ray , you user ID will be pre-entered in the
UNIX login dialoge. But this does not prohibit the card from being used to log in as a differernt user ID .
If you use the Sun VDI 2.0 ( virtual desktop infrastructure ) software. You need to Populate the Sun Ray Server DataStore
with the Names that will be used as machine names of the virtual PC's in VMware. It is almost nessesary that the
User name is equal to the Vmware Virtual Machin name.
So in VDI the the Username in SRS-DS assoiated with a CARD becomes the virtual Machine name.
( this is not the same as the user name in AMGH but keeping the two the same probably limits the confusion )
If you get hold of a more advanced Public KEY Interchange card, it is possible to set up PKI login to a windows session
this involves some software in the windows XP client to read the smart card in the Sun Ray and to authenticate the card
whit PKI to a known certificate that you have stored for the Card in a Directory ( Active Directory or some other one )
The Sun Ray server can be loaded with the PC/SC - bypass software that allows a Windows server/client using the
Sun Windows Connector RDP software, to read and write directly to the SmartCard inserted in the SUnRay.
The Virtual PC or terminal server will work with the Smartcard reader as if it was local on the WIndows machine.
The "Active CARD" company has such a solution amongst others.
Regards
//Lars

Provider problem by building a secure transmission to a Smart Card

Hi
I have this problem:
I must accomplish a secure transmission with a smart card,
So the transmission is RSA coded.
A RSA key is generated, without any problems I think because the modulus is printed out.
And because he write the key to the card.
But when the transmission with the card begin the program breaks with the error message it could not find any RSA Provider
I use :
- Java 1.4.1
- bcprov-jdk14-117.jar
- jce unrestricted policy files
- cryptix-jce-20030102-snap
- FlexiFullProvider-1.1.3.signed.jar
- OCF1.2
The Programm code with causes the Error :
Line 78
public boolean enableSecureMessaging(CardFilePath path, byte keyNumber)
throws NoSuchAlgorithmException,
InvalidKeyException,
CardServiceException,
CardTerminalException {
KeyPairGenerator rsaKeyPairGenerator;
KeyPair rsaKeyPair;
RSAPubKey     rsaPublicKey;
RSAPrivCrtKey rsaPrivateKey;
RSAPrivateKeySpec rsaPrivateKeySpec;
DESedeKeySpec desKeySpec;
IV iv;
byte[] modulus;
byte[] exponent;
byte[] privateExponent;
byte[] modulusRecord;
byte[] exponentRecord;
byte[] sessionKey;
CredentialBag credentialBag;
TCOS2CredentialStore credentialStore;
ReceiveRSACommunicationCredential rsaCommunicationCredential;
DESedeCommunicationCredential desCommunicationCredential;
PassThruCommunicationCredential passThruCommunicationCredential;
// - RSA KeyPairGenerator initialisieren und ein Schl�sselpaar mit
// 512 Bit erstellen
rsaKeyPairGenerator = KeyPairGenerator.getInstance("RSA");
rsaKeyPairGenerator.initialize(0x200);
rsaKeyPair = rsaKeyPairGenerator.generateKeyPair();
//::B::
Provider[] providern =java.security.Security.getProviders();
     for (int i = 0; i<providern.length;i++)
          System.out.println(providern.getName());
     System.out.println(providern[i].getInfo());
          System.out.println("----------*******----------");
//::E::
// - Public und Private Key aus dem Schl�sselpaar extrahieren
System.out.println(rsaKeyPair);
rsaPublicKey = (RSAPubKey)rsaKeyPair.getPublic();
System.out.println(rsaPublicKey.toString());
rsaPrivateKey = (RSAPrivCrtKey)rsaKeyPair.getPrivate();
modulus = rsaPublicKey.getModulus().toByteArray();
exponent = rsaPublicKey.getPublicExponent().toByteArray();
privateExponent = rsaPrivateKey.getPrivateExponent().toByteArray();
// - Komponenten des Public Key f�r die recordbasierte Speicherung in ein
// Bytearray schreiben
modulusRecord = new byte[0x43];
exponentRecord = new byte[0x06];
modulusRecord[0x00] = (byte)0x01;
modulusRecord[0x01] = (byte)0x41;
exponentRecord[0x00] = (byte)0x02;
exponentRecord[0x01] = (byte)0x04;
System.arraycopy(modulus, 0x00, modulusRecord, 0x43-modulus.length, modulus.length);
System.arraycopy(exponent, 0x00, exponentRecord, 0x06-exponent.length, exponent.length);
// - Komponenten des Public Key auf die Karte schreiben
// Dieser Public Key wird anschlie�end benutzt, um den SessionKey f�r die
// �bertragung zu verschl�sseln
fscs.writeRecord(path, 0x01, modulusRecord);
fscs.writeRecord(path, 0x02, exponentRecord);
// - Private Key in einer KeySpec speichern
rsaPrivateKeySpec = new RSAPrivateKeySpec(rsaPrivateKey.getModulus(),
rsaPrivateKey.getPrivateExponent());
// - Credential f�r die KommuniKation mit der Karte erstellen
// Verschl�sselt wird die RAPDU von der Karte zum PC mit dem zuvor in der
// Karte abgelegten Public Key
credentialBag = new CredentialBag();
credentialStore = new TCOS2CredentialStore();
rsaCommunicationCredential = new ReceiveRSACommunicationCredential();
System.out.println("Hier bricht die Sau ab!! [Martin, hat nat�rlich recht]");
//THIS LINE CAUSES THE ERROR AS YOU SEE
rsaCommunicationCredential.initCipher(rsaPrivateKeySpec, keyNumber, null); System.out.println("Das Schwein i weiter unten!! [Amir]");
credentialStore.storeCredential(0x00, rsaCommunicationCredential);
credentialBag.addCredentialStore(credentialStore);
Debug Message::
Bitte Karte einlegen
[INFO     ] de.telesec.opencard.tcos20.service.TCOS2CardServiceFactory.getCardType
--- message TCOS 2.0 Release 3 smart card detected
--- thread Thread[main,5,main]
--- source class de.telesec.opencard.tcos20.service.TCOS2CardServiceFactory
[DEBUG    ] de.telesec.opencard.tcos20.service.TCOS2BaseCardService.initialize
--- message
--- thread Thread[main,5,main]
--- source class de.telesec.opencard.tcos20.service.TCOS2BaseCardService
[DEBUG    ] de.telesec.opencard.tcos20.service.TCOS2BaseCardService.initialize
--- message
--- thread Thread[main,5,main]
--- source class de.telesec.opencard.tcos20.service.TCOS2BaseCardService
[DEBUG    ] de.telesec.opencard.tcos20.service.TCOS2BaseCardService.initialize
--- message
--- thread Thread[main,5,main]
--- source class de.telesec.opencard.tcos20.service.TCOS2BaseCardService
[DEBUG    ] de.telesec.opencard.tcos20.service.TCOS2BaseCardService.initialize
--- message
--- thread Thread[main,5,main]
--- source class de.telesec.opencard.tcos20.service.TCOS2BaseCardService
[DEBUG    ] de.telesec.opencard.tcos20.service.TCOS2BaseCardService.initialize
--- message
--- thread Thread[main,5,main]
--- source class de.telesec.opencard.tcos20.service.TCOS2BaseCardService
FlexiCore
SunJSSE
Sun JSSE provider(implements RSA Signatures, PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
SunJCE
SunJCE Provider (implements DES, Triple DES, Blowfish, PBE, Diffie-Hellman, HMAC-MD5, HMAC-SHA1)
SunRsaSign
SUN's provider for RSA signatures
SUN
SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores)
SunJGSS
Sun (Kerberos v5)
CryptixCrypto
Cryptix JCE Strong Crypto Provider
BC
BouncyCastle Security Provider v1.17
java.security.KeyPair@80fa6f
modulus n: 0x4fa8e0ef3fba114c9a4fa74848007f611e01dc4b9ecde00dce08bcf86643a7385a82b4fb8206c6bf28ed82ce69e1541947c7a91e4528e10dc5c06c1142e10a91
exponent e: 0x10001
[DEBUG    ] de.telesec.opencard.tcos20.service.TCOS2BaseCardService.tcosSelect
--- message mode: 8 response mode: 0 data: DF 01 45 C1
--- thread Thread[main,5,main]
--- source class de.telesec.opencard.tcos20.service.TCOS2BaseCardService
[DEBUG    ] de.telesec.opencard.tcos20.service.TCOS2BaseCardService.buildAndSendCommandAPDU
--- message cla ins p1 p2 data le
--- thread Thread[main,5,main]
--- source class de.telesec.opencard.tcos20.service.TCOS2BaseCardService
[DEBUG    ] de.telesec.opencard.tcos20.service.TCOS2BaseCardService.buildAndSendCommandAPDU
--- message cred: null
--- thread Thread[main,5,main]
--- source class de.telesec.opencard.tcos20.service.TCOS2BaseCardService
[INFO     ] de.telesec.opencard.tcos20.service.TCOS2BaseCardService.sendCommandAPDU
--- message Command: APDU_Buffer = 00A4080004DF0145C100 (hex) | lc = 4 | le = 0
--- thread Thread[main,5,main]
--- source class de.telesec.opencard.tcos20.service.TCOS2BaseCardService
[INFO     ] de.telesec.opencard.tcos20.service.TCOS2BaseCardService.sendCommandAPDU
--- message Response: opencard.core.terminal.ResponseAPDU@1b9ce4b
0000: 6F 2F 83 02 45 C1 81 02 00 50 82 03 05 41 43 85 o/..E....P...AC.
0010: 06 01 C4 06 10 00 00 86 18 B2 00 00 00 FF FF DC ................
0020: 00 00 00 FF FF 2A 00 00 00 FF FF EE 00 00 00 FF .....*..........
0030: FF 90 00 ...
--- thread Thread[main,5,main]
--- source class de.telesec.opencard.tcos20.service.TCOS2BaseCardService
[DEBUG    ] de.telesec.opencard.tcos20.isofs.fileinfo.TCOS2CardFileInfo.TCOS2CardFileInfo
--- message Data: 0000: 6F 2F 83 02 45 C1 81 02 00 50 82 03 05 41 43 85 o/..E....P...AC.
0010: 06 01 C4 06 10 00 00 86 18 B2 00 00 00 FF FF DC ................
0020: 00 00 00 FF FF 2A 00 00 00 FF FF EE 00 00 00 FF .....*..........
0030: FF .
--- thread Thread[main,5,main]
--- source class de.telesec.opencard.tcos20.isofs.fileinfo.TCOS2CardFileInfo
[DEBUG    ] de.telesec.opencard.tcos20.service.TCOS2BaseCardService.tcosUpdateRecord
--- message SFI: -1 Mode: 4 Record Number: 1 Data: 0000: 01 41 00 4F A8 E0 EF 3F BA 11 4C 9A 4F A7 48 48 .A.O...?..L.O.HH
0010: 00 7F 61 1E 01 DC 4B 9E CD E0 0D CE 08 BC F8 66 ..a...K........f
0020: 43 A7 38 5A 82 B4 FB 82 06 C6 BF 28 ED 82 CE 69 C.8Z.......(...i
0030: E1 54 19 47 C7 A9 1E 45 28 E1 0D C5 C0 6C 11 42 .T.G...E(....l.B
0040: E1 0A 91 ...
--- thread Thread[main,5,main]
--- source class de.telesec.opencard.tcos20.service.TCOS2BaseCardService
[DEBUG    ] de.telesec.opencard.tcos20.service.TCOS2BaseCardService.buildAndSendCommandAPDU
--- message cla ins p1 p2 data
--- thread Thread[main,5,main]
--- source class de.telesec.opencard.tcos20.service.TCOS2BaseCardService
[DEBUG    ] de.telesec.opencard.tcos20.service.TCOS2BaseCardService.buildAndSendCommandAPDU
--- message cred: null
--- thread Thread[main,5,main]
--- source class de.telesec.opencard.tcos20.service.TCOS2BaseCardService
[INFO     ] de.telesec.opencard.tcos20.service.TCOS2BaseCardService.sendCommandAPDU
--- message Command: APDU_Buffer = 00DC0104430141004FA8E0EF3FBA114C9A4FA74848007F611E01DC4B9ECDE00DCE08BCF86643A7385A82B4FB8206C6BF28ED82CE69E1541947C7A91E4528E10DC5C06C1142E10A91 (hex) | lc = 67 | le = -1
--- thread Thread[main,5,main]
--- source class de.telesec.opencard.tcos20.service.TCOS2BaseCardService
[INFO     ] de.telesec.opencard.tcos20.service.TCOS2BaseCardService.sendCommandAPDU
--- message Response: opencard.core.terminal.ResponseAPDU@1292d26
0000: 90 00 ..
--- thread Thread[main,5,main]
--- source class de.telesec.opencard.tcos20.service.TCOS2BaseCardService
[DEBUG    ] de.telesec.opencard.tcos20.service.TCOS2BaseCardService.tcosUpdateRecord
--- message SFI: -1 Mode: 4 Record Number: 2 Data: 0000: 02 04 00 01 00 01 ......
--- thread Thread[main,5,main]
--- source class de.telesec.opencard.tcos20.service.TCOS2BaseCardService
[DEBUG    ] de.telesec.opencard.tcos20.service.TCOS2BaseCardService.buildAndSendCommandAPDU
--- message cla ins p1 p2 data
--- thread Thread[main,5,main]
--- source class de.telesec.opencard.tcos20.service.TCOS2BaseCardService
[DEBUG    ] de.telesec.opencard.tcos20.service.TCOS2BaseCardService.buildAndSendCommandAPDU
--- message cred: null
--- thread Thread[main,5,main]
--- source class de.telesec.opencard.tcos20.service.TCOS2BaseCardService
[INFO     ] de.telesec.opencard.tcos20.service.TCOS2BaseCardService.sendCommandAPDU
--- message Command: APDU_Buffer = 00DC020406020400010001 (hex) | lc = 6 | le = -1
--- thread Thread[main,5,main]
--- source class de.telesec.opencard.tcos20.service.TCOS2BaseCardService
[INFO     ] de.telesec.opencard.tcos20.service.TCOS2BaseCardService.sendCommandAPDU
--- message Response: opencard.core.terminal.ResponseAPDU@5329c5
0000: 90 00 ..
--- thread Thread[main,5,main]
--- source class de.telesec.opencard.tcos20.service.TCOS2BaseCardService
Hier bricht die Sau ab!! [Martin, hat nat�rlich recht]
java.lang.RuntimeException: Cannot find any provider supporting RSA
     at de.telesec.opencard.tcos20.security.credential.ReceiveRSACommunicationCredential.initCipher(ReceiveRSACommunicationCredential.java:132)
     at sample.enableSecureMessaging(sample.java:160)
     at sample.start(sample.java:522)
     at sample.main(sample.java:564)
Process sample finished
I hope you can help me !

Ok i have solved the Problem by myself, the solution is to do :
-rsaKeyPairGenerator = KeyPairGenerator.getInstance("RSA");
but the cipher musst be
- cipher = Cipher.getInstance("RSA/ECB/PKCS#1");
in the Java-Security all Providers have to disable be adding a # bevor each line
only this line has to put in
- security.provider.1=sun.security.provider.Sun
and last you have to load the Flexi Core and the cryptix Providers dynamicly
-Security.addProvider(new de.flexiprovider.core.FlexiCoreProvider());
-Security.addProvider(new cryptix.jce.provider.CryptixCrypto());

Help with Smart Card (CAC) reader installation

Need help connecting my smart card reader to my Mac Book Pro. Either using Fire Fox, Explorer using Parallels with windows XP, or safari. I downloaded all the documentation from the Army AKO and still have problems with my Card reader.

Hi there, I have written a really good "How-to" on firefox and CAC and also Safari. You might also want to try VMware since Parallels and DoD really don't mix at this time. If yu have any question please let me know.
Jonathan
http://www.applemacgeniusville.com

Smart Card setup in 10.6.4

Hello,
I am working on an iMac running 10.6.4. I am trying to get a smartcard (Athena ASEKey USB Token) to be recognized by the system. Note: this smartcard is not for local system authentication. It is for authentication through a remote desktop connection to a Windows terminal server. I was able to get it working in 10.5.x without too much difficulty. The procedure for getting it working in 10.5.x was as follows:
1. Modify /etc/authorization as specified in the Apple Smart Card Setup Guide.
(This is available at Http://images.apple.com/server/macosx/docs/SmartCard_SetupGuide.pdf)
2. Compile driver with Xcode
3. Copy driver to /usr/libexec/SmartCardServices/drivers/
4. Compile rdesktop 1.6.0 with smart card support
I'm not sure what has changed in 10.6.x to cause this not to work. It appears as though the device is recognized as it appears in the System Profiler under USB when it is plugged in. Any insight will be greatly appreciated. Thank you!
Message was edited by: NetAdmins

I'm trying to make work my Smart Card either. I've looking around the web and seems a matter of luck - you have a combination system-hardware that works or not. People download drivers, installers, library stuff and the card remains away from here. Most of cases is only to access home banking, almost all require smart cards or you only can see, but not to touch.
My VASCO DP905 is listed in USB devices at system profile. I'd install SCA packages from opensc as manufacturer says, but both browsers Safari and FireFox says Applet SmartCardX notinitiated (or notloaded in FF).
In FireFox you can install the device "by hand", but still won't work. In Safari I don't know how to manage this kind stuff.
It's amazing how hard is to make work such simple device, don't you think?

Good Smart Card offline terminal?

Similar Messages

Maybe you are looking for