fortify
fortify copied to clipboard
PeculiarVentures
Add support for '3bbf96008131fe5d00640411040f31c073f701d000900074' token
Reader name: DATEV Virtueller SmartCard Leser 0 ATR: 3BBF96008131FE5D00640411040F31C073F701D000900074
{
"cards": [{
"atr": "3BBF96008131FE5D00640411040F31C073F701D000900074",
"name": "Token name",
"driver": "22321E684272425A40627493D0F794B5F51F310D"
}],
"drivers": [{
"id": "22321E684272425A40627493D0F794B5F51F310D",
"name": "Driver name",
"file": {
"windows": "path/to/pkcs11.dll",
"osx": "path/to/pkcs11.dylib"
}
}]
}
Smart card ATR parsing 3BBF96008131FE5D00640411040F31C073F701D000900074
@JanSlabon can you provide some additional details, for example:
- What is the path to the PKCS#11 library?
- What is the name of the token?
Ryan, I simply don't know... how/where do I find the exact information you need?
It's this token: https://www.datev.de/web/de/datev-shop/it-loesungen-und-security/datev-midentity-compact/ Drivers can be download here: https://www.datev.de/web/de/service/software-auslieferung/download-bereich/it-loesungen-und-security/treiber-fuer-smartcard-lesegeraete-und-den-datev-midentity/?stat_Mparam=int_url_datev_sc-treiber
Try to update your ~/.fortify/card.json file. Looks like OpenSC supports this token
https://github.com/OpenSC/OpenSC/blob/master/src/libopensc/card-tcos.c#L47
- open
card.jsonfile - add card to "cards" array
- restart Fortify
OpenSC
{
"cards": [
{
"atr": "3BBF96008131FE5D00640411040F31C073F701D000900074",
"name": "DATEV mIDentity compact",
"driver": "993988460d8f49a2ac519a2935f11533"
}
]
}
Let me know if it works I'll publish new version of card.json
now.
Do you find that file anywhere on your computer?
Does this card work in other applications? If so what applications?
I found this file in C:\Windows\SysWOW64\opensc-pkcs11.dll If I copy it to C:\Windows\System32\opensc-pkcs11.dll I get:
The card works e.g. with IE 11 and Chrome.
@microshine my guess is that driver doesn’t have the 64bit path specified.
Please check the json and update as appropriate.
Jan go ahead and remove the copied file.
Fortify is looking for OpenSC in %WINDIR/System32/opensc-pkcs11.dll
https://github.com/PeculiarVentures/webcrypto-local/blob/master/packages/cards/lib/card.json#L378-L386
Please update card.json again
{
"id": "993988460d8f49a2ac519a2935f11533",
"name": "OpenSC driver",
"file": {
"osx": "/Library/OpenSC/lib/pkcs11/opensc-pkcs11.so",
"linux": [
"/usr/lib/opensc-pkcs11.so",
"/usr/lib/x86_64-linux-gnu/opensc-pkcs11.so"
],
"windows": {
"x86": ["%WINDIR/System32/opensc-pkcs11.dll"],
"x64": ["%WINDIR/SysWOW64/opensc-pkcs11.dll"]
}
}
}
When I update the driver entry to this, I get asked if I want to report new card readers. Again this is raised up again. I also get this.
But I do not see any new provider.
Can you disable fortify log and share it with me ([email protected])?
You can find log file in ~/.fortify/fortify.log.
I don't see Provider:Token:Insert logs for 3bbf96008131fe5d00640411040f31c073f701d000900074
Can you double check that this ATR is in card and has existing driver?
I've updated card.json to v1.0.22. Fortify will rewrite your card.json file on restart
You can disable card.json updating by adding "disableCardUpdate": false to ~/.fortify/config.json
I can use the card in Chrome or IE 11... that's what I know. There was a single setup package, which brought the card to live: https://www.datev.de/web/de/service/software-auslieferung/download-bereich/it-loesungen-und-security/treiber-fuer-smartcard-lesegeraete-und-den-datev-midentity/?stat_Mparam=int_url_datev_sc-treiber
Regarding 1.0.22: does that mean that I should update fority now?
card.json version doesn't depend of Fortify version. You don't need to update Fortify.
I cannot find which PKCS#11 library your token uses. Let's try to use OpenSC again
- Install OpenSC https://github.com/OpenSC/OpenSC/releases/tag/0.19.0
- Update card.json
- Enable Fortify log
- Restart Fortify
Error: Win32 error 193
Can you download ProcessMonitor https://docs.microsoft.com/ru-ru/sysinternals/downloads/procmon and find out which dependecy is missing?