Support for Feitian ePass2003

Status changed to 'Confirmed' because the bug affects multiple users.

I have an upgrade to 0.13 in progress. Can you help test it? If so, please email me and I'll either get you a deb or setup a PPA.

It does not yet work with the 0.13 version from your opensc PPA.

dveeden@daniel-thinkpad:~$ opensc-tool --serial
Using reader with a card: Feitian ePass2003 00 00
sc_card_ctl(*, SC_CARDCTL_GET_SERIALNR, *) failed
dveeden@daniel-thinkpad:~$ dpkg -S $(which opensc-tool)
opensc: /usr/bin/opensc-tool
dveeden@daniel-thinkpad:~$ apt-cache policy opensc
opensc:
  Installed: 0.13.0-3ubuntu1
  Candidate: 0.13.0-3ubuntu1
  Version table:
 *** 0.13.0-3ubuntu1 0
        100 /var/lib/dpkg/status
     0.12.2-2ubuntu2 0
        500 http://nl.archive.ubuntu.com/ubuntu/ raring/universe amd64 Packages
dveeden@daniel-thinkpad:~$ opensc-tool --reader 0 --name
epass2003
dveeden@daniel-thinkpad:~$ pkcs15-tool --dump
Using reader with a card: Feitian ePass2003 00 00
PKCS#15 binding failed: Unsupported card
dveeden@daniel-thinkpad:~$ dpkg -S $(which pkcs15-tool)
opensc: /usr/bin/pkcs15-tool

Daniel, Thanks for trying this. Where did you try the 0.13 or where did you read that it supported the card? Ubuntu didn't really change this package much.

From https://github.com/OpenSC/OpenSC/blob/master/NEWS:
"New in 0.13.0; 2012-12-04
* New card driver ePass2003."

And https://github.com/OpenSC/OpenSC/pull/57

It has become apparent that 0.13.0 or 0.13.1 doesn't support the epass, so I'm bailing on this update.

Status changed to 'Confirmed' because the bug affects multiple users.

Applying some upstream commits in master not in 0.13.0 fixed the issue for me. Attached you'll find a debdiff and packages are available on my PPA. https://launchpad.net/~gertvdijk/+archive/epass2003

Please incorporate it in Ubuntu for 14.04.

Thanks for those commented in the Fedora bug tracker to notice the upstream commits providing proper support. https://bugzilla.redhat.com/show_bug.cgi?id=981462

The attachment "opensc_0.13.0-3ubuntu4.debdiff" seems to be a debdiff. The ubuntu-sponsors team has been subscribed to the bug report so that they can review and hopefully sponsor the debdiff. If the attachment isn't a patch, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are member of the ~ubuntu-sponsors, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issue please contact him.]

@Gert: Thanks for the work. In what vcs did you find those commits? I've been trying to look at e.g https://github.com/OpenSC/OpenSC/commit/ed0f273 but that gives an invalid url error

@Sebastien Hmm, you're right. It looks like I've taken the commit hashes after cherry-picking them. I'll upload a new debdiff with the correct hashes when I find the opportunity. Thanks for noticing!

In the meantime, here are the correct ones:

4c1cafe epass2003: key generation allows stricter privkey/pubkey ACLs
https://github.com/OpenSC/OpenSC/commit/4c1cafed7cd202c5e5539fc132a38fff5d3d5e94

b1a4775 epass2003: properly disable padding
https://github.com/OpenSC/OpenSC/commit/b1a4775310a4e30d8fd5c1cc91e60971f922e64a

83dc469 epass2003: list_files implemented
https://github.com/OpenSC/OpenSC/commit/83dc469f07fb753664400e4dec6ce2d657d7ad64

ee48ea1 Fix to allow exponents other than 65537 for Feitian ePass 2003
https://github.com/OpenSC/OpenSC/commit/ee48ea187abb6815d7ddd886c712fd0be2dbfab2

Here's the promised debdiff with appropriate changelog.

Thanks! Sponsored.

This bug was fixed in the package opensc - 0.13.0-3ubuntu4

---------------
opensc (0.13.0-3ubuntu4) trusty; urgency=low

  * debian/patches/0002-fix-epass2003-support-from-upstream.patch:
    Add upstream fixes for ePass2003 token. Cherry-picking commits
    - 4c1cafe epass2003: key generation allows stricter privkey/pubkey ACLs
    - b1a4775 epass2003: properly disable padding
    - 83dc469 epass2003: list_files implemented
    - ee48ea1 Fix to allow exponents other than 65537 for Feitian ePass 2003
    (LP: #1176305)
 -- Gert van Dijk <email address hidden> Mon, 10 Mar 2014 19:38:23 +0100