[PATCH] SCP03 support for g&d sc 7 card.
Ticket:
https://pagure.io/dogtagpki/issue/1663 Add SCP03 support
This allows the use of the g&d 7 card.
This will require the following:
1. An out of band method is needed to generate an AES based master key.
We do not as of yet have support with tkstool for this:
Ex:
/usr/lib64/nss/unsupported-tools/symkeyutil -d . -K -n new_master_aes -t aes -s 16
2. There are some new config params that can be adjusted to support either the 6.0 or 7.0
cards:
Ex:
tks.defKeySet._005=## tks.prot3 , protocol 3 specific settings
tks.defKeySet._006=## divers= emv,visa2 : Values for the master key case, or > version
one.
tks.defKeySet._007=## diversVer1 = emv,visa2, or none. This is for developer or version
one keyset
tks.defKeySet._008=## devKeyType = DES3or AES. This is for the key type of developer or
version one keys.
tks.defKeySet._009=## masterKeyType = DES3 or AES. This is for the type of key for the
master key.
tks.defKeySet._010=##
tks.defKeySet._011=## Only supports two tokens now: G&D Smart Cafe 6 and Smart Cafe
7, use these exact settings
tks.defKeySet._013=## Smart Cafe 6 settings:
tks.defKeySet._014=## tks.defKeySet.prot3.divers=emv
tks.defKeySet._015=## tks.defKeySet.prot3.diversVer1Keys=emv
tks.defKeySet._016=## tks.defKeySet.prot3.devKeyType=DES3
tks.defKeySet._017=## tks.defKeySet.prot3.masterKeyType=DES3
tks.defKeySet._018=##Smart Cafe 7 settings:
tks.defKeySet._019=## tks.defKeySet.prot3.divers=none
tks.defKeySet._020=## tks.defKeySet.prot3.diversVer1Keys=none
tks.defKeySet._021=## tks.defKeySet.prot3.devKeyType=AES
tks.defKeySet._022=## tks.defKeySet.prot3.masterKeyType=AES
tks.defKeySet._023=##
tks.defKeySet._024=##
_______________________________________________
Pki-devel mailing list
Pki-devel(a)redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel