<html xmlns="http://www.w3.org/1999/xhtml" xmlns:html="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title> EstonianEid – OpenSC </title><style type="text/css"> @import url(trac.css); </style></head><body><div id="content" class="wiki"> <div class="wikipage searchable"> <h1 id="EstonianeID">Estonian eID</h1> <p> OpenSC is the official software for the Estonian eID card for non-WinCSP platforms as well as PKCS#11 provider on all three supported platforms: Windows, Mac OS X, Linux/BSD/*nix </p> <p> Resources: </p> <ul><li>The official home page for the Estonian eID card is <a class="ext-link" href="http://www.id.ee" shape="rect"><span class="icon"> </span>http://www.id.ee</a>. </li><li>Martin Paljak has more information (in Estonian) and binary and source downloads: <a class="ext-link" href="http://ideelabor.ee/id-kaart/" shape="rect"><span class="icon"> </span>http://ideelabor.ee/id-kaart/</a>. Contact him with any issues and questions regarding EstEID <ul><li>No end-user troubleshooting. End-user support is available from <a class="ext-link" href="http://support.sk.ee" shape="rect"><span class="icon"> </span>http://support.sk.ee</a> or by calling 1777 from Estonia. </li></ul></li><li>A nice movie in English that explains the solution: <a class="ext-link" href="http://www.openxades.org/files/id_movie_eng.mpeg" shape="rect"><span class="icon"> </span>http://www.openxades.org/files/id_movie_eng.mpeg</a> </li><li>And some paperwork: <a class="ext-link" href="http://www.infosec.co.uk/ExhibitorLibrary/168/EstoniaID_CaseStudy.pdf" shape="rect"><span class="icon"> </span>http://www.infosec.co.uk/ExhibitorLibrary/168/EstoniaID_CaseStudy.pdf</a> </li><li>The eID card and surrounding infrastructure is a key component in the e-voting system. General overview of the system can be found from here: <a class="ext-link" href="http://www.vvk.ee/elektr/docs/Yldkirjeldus-eng.pdf" shape="rect"><span class="icon"> </span>http://www.vvk.ee/elektr/docs/Yldkirjeldus-eng.pdf</a>. OpenSC PKCS#11 is used for card access on non-windows platforms (Linux, OS X). </li></ul><p> Estonian eID card uses <a class="wiki" href="Micardo.html" shape="rect">Micardo</a> card driver or a similar MULTOS application. This is what is available on the card (Isikutuvastus = authentication, allkirjastamine = digital signature): </p> <pre class="wiki" xml:space="preserve">martin$ pkcs15-tool -D Using reader with a card: SCM SPR 532 00 00 PKCS#15 Card [MARTIN PALJAK]: Version : 2 Serial number : A1528610 Manufacturer ID: AS Sertifitseerimiskeskus Flags : Read-only, PRN generation, EID compliant PIN [PIN1] Com. Flags: 0x0 ID : 01 Flags : [0x00] Length : min_len:4, max_len:12, stored_len:12 Pad char : 0x00 Reference : 1 Type : ascii-numeric Path : Tries left: 3 PIN [PIN2] Com. Flags: 0x0 ID : 02 Flags : [0x00] Length : min_len:5, max_len:12, stored_len:12 Pad char : 0x00 Reference : 2 Type : ascii-numeric Path : Tries left: 3 PIN [PUK] Com. Flags: 0x40 ID : 03 Flags : [0x40], unblockingPin Length : min_len:8, max_len:12, stored_len:12 Pad char : 0x00 Reference : 0 Type : ascii-numeric Path : Tries left: 3 Private RSA Key [Isikutuvastus] Com. Flags : 1 User consent: no Usage : [0x3F], encrypt, decrypt, sign, signRecover, wrap, unwrap Access Flags: [0x1D], sensitive, alwaysSensitive, neverExtract, local ModLength : 1024 Key ref : 1 Native : yes Path : Auth ID : 01 ID : 01 Private RSA Key [Allkirjastamine] Com. Flags : 1 User consent: yes Usage : [0x200], nonRepudiation Access Flags: [0x1D], sensitive, alwaysSensitive, neverExtract, local ModLength : 1024 Key ref : 2 Native : yes Path : Auth ID : 02 ID : 02 X.509 Certificate [Isikutuvastus] Flags : 0 Authority: no Path : 3f00eeeeaace ID : 01 X.509 Certificate [Allkirjastamine] Flags : 0 Authority: no Path : 3f00eeeeddce ID : 02 </pre><p> Known ATR-s of the card are: </p> <ul><li><a class="ext-link" href="http://smartcard-atr.appspot.com/parse?ATR=3B%206E%2000%2000%2045%2073%2074%2045%2049%2044%2020%2076%2065%2072%2020%2031%202E%2030" shape="rect"><span class="icon"> </span>3B 6E 00 00 45 73 74 45 49 44 20 76 65 72 20 31 2E 30</a> </li><li><a class="ext-link" href="http://smartcard-atr.appspot.com/parse?ATR=3B%206E%2000%20FF%2045%2073%2074%2045%2049%2044%2020%2076%2065%2072%2020%2031%202E%2030" shape="rect"><span class="icon"> </span>3B 6E 00 FF 45 73 74 45 49 44 20 76 65 72 20 31 2E 30</a> </li><li><a class="ext-link" href="http://smartcard-atr.appspot.com/parse?ATR=3B%20DE%2018%20FF%20C0%2080%20B1%20FE%2045%201F%2003%2045%2073%2074%2045%2049%2044%2020%2076%2065%2072%2020%2031%202E%2030%202B" shape="rect"><span class="icon"> </span>3B DE 18 FF C0 80 B1 FE 45 1F 03 45 73 74 45 49 44 20 76 65 72 20 31 2E 30 2B</a> </li><li><a class="ext-link" href="http://smartcard-atr.appspot.com/parse?ATR=3B%20FE%2094%2000%20FF%2080%20B1%20FA%2045%201F%2003%2045%2073%2074%2045%2049%2044%2020%2076%2065%2072%2020%2031%202E%2030%2043" shape="rect"><span class="icon"> </span>3B FE 94 00 FF 80 B1 FA 45 1F 03 45 73 74 45 49 44 20 76 65 72 20 31 2E 30 43</a> </li><li><a class="ext-link" href="http://smartcard-atr.appspot.com/parse?ATR=3B%20FE%2096%2000%20FF%20C0%200A%2031%20FE%204D%2045%2073%2074%2045%2049%2044%2020%2076%2065%2072%2020%2031%202E%2030%209B" shape="rect"><span class="icon"> </span>3B FE 96 00 FF C0 0A 31 FE 4D 45 73 74 45 49 44 20 76 65 72 20 31 2E 30 9B</a> </li></ul> </div><ul class="tags"><li class="header">Tags</li><li><a href="/opensc/tags/%27eID%27" rel="tag" shape="rect">eID</a> </li><li><a href="/opensc/tags/%27maintained%27" rel="tag" shape="rect">maintained</a> </li><li><a href="/opensc/tags/%27martin%27" rel="tag" shape="rect">martin</a> </li><li><a href="/opensc/tags/%27readonly%27" rel="tag" shape="rect">readonly</a> </li><li><a href="/opensc/tags/%27supported%27" rel="tag" shape="rect">supported</a> </li></ul> </div><div class="footer"><hr></hr><p><a href="index.html">Back to Index</a></p></div></body></html>