2

所有,我正在尝试opensc dll在 Windows 7 64 位上访问(最新版本)。我正在尝试访问ePass2003令牌。能够检测到令牌并opensc-tool可以获得名称和其他信息。所以令牌是由 找到的OpenSC。然后我opensc dll从另一个程序加载并调用standard PKCS#11 functions. C_GetSlotList将插槽 0 ID 返回为 -1,将插槽 1 ID 返回为 1。C_GetFunctionList返回我指向函数的指针。问题是当我打电话时C_GetMechanismList我遇到了崩溃c0000005 error

我也通过ePass dll提供的令牌访问了令牌,它工作得很好。

我无法跟踪这个问题,因为它看起来像opensc dllopensc无法与卡连接,但opensc-tool也应该有同样的问题,但它没有。

如果有人可以提供帮助,那就太好了。

跟踪:pkcs11-工具

跟踪#1:

C:\Program Files\OpenSC Project\OpenSC\tools>pkcs11-tool.exe --module opensc-pkcs11.dll -I
Cryptoki version 2.20
Manufacturer     OpenSC (www.opensc-project.org)
Library          Smart card PKCS#11 API (ver 0.0)
Using slot 1 with a present token (0x1)

跟踪#2:

C:\Program Files\OpenSC Project\OpenSC\tools>pkcs11-tool.exe --module opensc-pkcs11.dll -L
Available slots:
Slot 0 (0xffffffff): Virtual hotplug slot
  (empty)
Slot 1 (0x1): FS USB Token 0
  token state:   uninitialized

跟踪#3:

C:\Program Files\OpenSC Project\OpenSC\tools>pkcs11-tool.exe --module opensc-pkcs11.dll -T
Available slots:
No slots.

追踪#4:

C:\Program Files\OpenSC Project\OpenSC\tools>pkcs11-tool.exe --module opensc-pkcs11.dll -M
Using slot 1 with a present token (0x1)

与 c0000005 相同的结果崩溃

4

1 回答 1

0

OpenSC PKCS#11 库将您的令牌视为“未初始化”。如果我没记错的话,用飞天中间件初始化的 ePass 令牌不能用于 OpenSC,反之亦然。因此,如果您想使用 ePass,opensc-pkcs11.dll则需要使用pkcs15-init.exeOpenSC 随附的应用程序来初始化您的令牌。

文档参考:

OpenSC wiki 在ePass3000 页面提到了重新初始化的要求,但在 ePass2003 页面上没有。欧洲经销商gooze.eu还声明需要重新初始化:

原因是ePass2003被飞天专有软件预初始化在Windows7下可以识别。要使用,ePass2003 需要由 OpenSC 初始化。

实际例子:

我已经使用飞天中间件初始化了我的 ePass2003 令牌并使用专有eps2003csp11.dll库进行了测试 - 它工作正常:

C:\Program Files (x86)\OpenSC Project\OpenSC\tools>pkcs11-tool.exe --module eps2003csp11.dll -M
Using slot 0 with a present token (0x1)
Supported mechanisms:
  RSA-PKCS-KEY-PAIR-GEN, keySize={1024,2048}, hw, encrypt, decrypt, sign, verify, generate_key_pair
  RSA-PKCS, keySize={512,2048}, hw, encrypt, decrypt, sign, sign_recover, verify, verify_recover, wrap, unwrap
  RSA-X-509, keySize={512,2048}, encrypt, decrypt, sign, sign_recover, verify, verify_recover, wrap, unwrap
  MD2-RSA-PKCS, keySize={512,2048}, sign, verify
  MD5-RSA-PKCS, keySize={512,2048}, sign, verify
  SHA1-RSA-PKCS, keySize={512,2048}, hw, sign, verify
  DH-PKCS-KEY-PAIR-GEN, keySize={128,2048}, generate_key_pair
  DH-PKCS-DERIVE, keySize={128,2048}, derive
  SHA256-RSA-PKCS, keySize={512,2048}, hw, sign, verify
  SHA384-RSA-PKCS, keySize={512,2048}, sign, verify
  SHA512-RSA-PKCS, keySize={1024,2048}, sign, verify
  mechtype-70, keySize={512,2048}, sign, verify
  RC2-KEY-GEN, keySize={8,1024}, generate
  RC2-ECB, keySize={8,1024}, encrypt, decrypt
  RC2-CBC, keySize={8,1024}, encrypt, decrypt
  RC2-CBC-PAD, keySize={8,1024}, encrypt, decrypt
  RC4-KEY-GEN, keySize={8,2048}, generate
  RC4, keySize={8,2048}, encrypt, decrypt
  DES-KEY-GEN, keySize={56,56}, generate
  DES-ECB, keySize={64,64}, hw, encrypt, decrypt
  DES-CBC, keySize={64,64}, hw, encrypt, decrypt
  DES-CBC-PAD, keySize={64,64}, encrypt, decrypt
  DES3-KEY-GEN, keySize={112,112}, generate
  DES3-ECB, keySize={128,192}, hw, encrypt, decrypt
  DES3-CBC, keySize={128,192}, hw, encrypt, decrypt
  DES3-CBC-PAD, keySize={128,192}, encrypt, decrypt
  MD2, digest
  MD5, digest
  SHA-1, keySize={512,512}, hw, digest, sign, verify
  SHA-1-HMAC, keySize={8,2048}, sign, verify
  SHA256, keySize={512,512}, hw, digest, sign, verify
  mechtype-597, digest
  SHA384, digest
  SHA512, digest
  GENERIC-SECRET-KEY-GEN, keySize={8,2048}, generate
  AES-KEY-GEN, keySize={128,256}, generate
  AES-ECB, keySize={128,256}, hw, encrypt, decrypt
  AES-CBC, keySize={128,256}, hw, encrypt, decrypt
  AES-CBC-PAD, keySize={128,256}, encrypt, decrypt

然后我已经测试opensc-pkcs11.dll并得到了你描述的同样的崩溃:

C:\Program Files (x86)\OpenSC Project\OpenSC\tools>pkcs11-tool.exe --module opensc-pkcs11.dll -M
Using slot 1 with a present token (0x1)

OpenSC 命令行工具停止工作

所以我把卡删了。。

C:\Program Files (x86)\OpenSC Project\OpenSC\tools>pkcs15-init.exe --erase-card
Using reader with a card: FS USB Token 0

..用 OpenSCpkcs15-init应用程序初始化..

C:\Program Files (x86)\OpenSC Project\OpenSC\tools>pkcs15-init.exe --create-pkcs15 --profile pkcs15+onepin --use-default-transport-key --pin 0000 --puk 111111 --label "ePass2003"
Using reader with a card: FS USB Token 0
2014-07-29 22:35:08.208 cannot lock memory, sensitive data may be paged to disk
2014-07-29 22:35:08.442 cannot lock memory, sensitive data may be paged to disk
2014-07-29 22:35:08.882 cannot lock memory, sensitive data may be paged to disk
2014-07-29 22:35:10.059 cannot lock memory, sensitive data may be paged to disk
2014-07-29 22:35:10.497 cannot lock memory, sensitive data may be paged to disk

..然后opensc-pkcs11.dll开始工作:

C:\Program Files (x86)\OpenSC Project\OpenSC\tools>pkcs11-tool.exe --module opensc-pkcs11.dll -M
Using slot 1 with a present token (0x1)
Supported mechanisms:
  SHA-1, digest
  SHA256, digest
  SHA384, digest
  SHA512, digest
  MD5, digest
  RIPEMD160, digest
  GOSTR3411, digest
  RSA-X-509, keySize={512,2048}, hw, decrypt, sign, verify
  RSA-PKCS, keySize={512,2048}, hw, decrypt, sign, verify
  SHA1-RSA-PKCS, keySize={512,2048}, sign, verify
  SHA256-RSA-PKCS, keySize={512,2048}, sign, verify
  MD5-RSA-PKCS, keySize={512,2048}, sign, verify
  RIPEMD160-RSA-PKCS, keySize={512,2048}, sign, verify
  RSA-PKCS-KEY-PAIR-GEN, keySize={512,2048}, generate_key_pair

然而eps2003csp11.dll飞天分发的按预期停止工作:

C:\Program Files (x86)\OpenSC Project\OpenSC\tools>pkcs11-tool.exe --module eps2003csp11.dll -M
No slot with a token was found.
于 2014-07-28T18:12:21.923 回答