<html xmlns="http://www.w3.org/1999/xhtml" xmlns:html="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>
EstonianEid – OpenSC
</title><style type="text/css">
@import url(trac.css);
</style></head><body><div id="content" class="wiki">
<div class="wikipage searchable">
<h1 id="EstonianeID">Estonian eID</h1>
<p>
OpenSC is the official software for the Estonian eID card for non-WinCSP platforms as well as PKCS#11 provider on all three supported platforms: Windows, Mac OS X, Linux/BSD/*nix
</p>
<p>
Resources:
</p>
<ul><li>The official home page for the Estonian eID card is <a class="ext-link" href="http://www.id.ee" shape="rect"><span class="icon"> </span>http://www.id.ee</a>.
</li><li>Martin Paljak has more information (in Estonian) and binary and source downloads: <a class="ext-link" href="http://ideelabor.ee/id-kaart/" shape="rect"><span class="icon"> </span>http://ideelabor.ee/id-kaart/</a>. Contact him with any issues and questions regarding EstEID
<ul><li>No end-user troubleshooting. End-user support is available from <a class="ext-link" href="http://support.sk.ee" shape="rect"><span class="icon"> </span>http://support.sk.ee</a> or by calling 1777 from Estonia.
</li></ul></li><li>A nice movie in English that explains the solution: <a class="ext-link" href="http://www.openxades.org/files/id_movie_eng.mpeg" shape="rect"><span class="icon"> </span>http://www.openxades.org/files/id_movie_eng.mpeg</a>
</li><li>And some paperwork: <a class="ext-link" href="http://www.infosec.co.uk/ExhibitorLibrary/168/EstoniaID_CaseStudy.pdf" shape="rect"><span class="icon"> </span>http://www.infosec.co.uk/ExhibitorLibrary/168/EstoniaID_CaseStudy.pdf</a>
</li><li>The eID card and surrounding infrastructure is a key component in the e-voting system. General overview of the system can be found from here: <a class="ext-link" href="http://www.vvk.ee/elektr/docs/Yldkirjeldus-eng.pdf" shape="rect"><span class="icon"> </span>http://www.vvk.ee/elektr/docs/Yldkirjeldus-eng.pdf</a>. OpenSC PKCS#11 is used for card access on non-windows platforms (Linux, OS X).
</li></ul><p>
Estonian eID card uses <a class="wiki" href="Micardo.html" shape="rect">Micardo</a> card driver or a similar MULTOS application. This is what is available on the card (Isikutuvastus = authentication, allkirjastamine = digital signature):
</p>
<pre class="wiki" xml:space="preserve">martin$ pkcs15-tool -D
Using reader with a card: SCM SPR 532 00 00
PKCS#15 Card [MARTIN PALJAK]:
Version : 2
Serial number : A1528610
Manufacturer ID: AS Sertifitseerimiskeskus
Flags : Read-only, PRN generation, EID compliant
PIN [PIN1]
Com. Flags: 0x0
ID : 01
Flags : [0x00]
Length : min_len:4, max_len:12, stored_len:12
Pad char : 0x00
Reference : 1
Type : ascii-numeric
Path :
Tries left: 3
PIN [PIN2]
Com. Flags: 0x0
ID : 02
Flags : [0x00]
Length : min_len:5, max_len:12, stored_len:12
Pad char : 0x00
Reference : 2
Type : ascii-numeric
Path :
Tries left: 3
PIN [PUK]
Com. Flags: 0x40
ID : 03
Flags : [0x40], unblockingPin
Length : min_len:8, max_len:12, stored_len:12
Pad char : 0x00
Reference : 0
Type : ascii-numeric
Path :
Tries left: 3
Private RSA Key [Isikutuvastus]
Com. Flags : 1
User consent: no
Usage : [0x3F], encrypt, decrypt, sign, signRecover, wrap, unwrap
Access Flags: [0x1D], sensitive, alwaysSensitive, neverExtract, local
ModLength : 1024
Key ref : 1
Native : yes
Path :
Auth ID : 01
ID : 01
Private RSA Key [Allkirjastamine]
Com. Flags : 1
User consent: yes
Usage : [0x200], nonRepudiation
Access Flags: [0x1D], sensitive, alwaysSensitive, neverExtract, local
ModLength : 1024
Key ref : 2
Native : yes
Path :
Auth ID : 02
ID : 02
X.509 Certificate [Isikutuvastus]
Flags : 0
Authority: no
Path : 3f00eeeeaace
ID : 01
X.509 Certificate [Allkirjastamine]
Flags : 0
Authority: no
Path : 3f00eeeeddce
ID : 02
</pre><p>
Known ATR-s of the card are:
</p>
<ul><li><a class="ext-link" href="http://smartcard-atr.appspot.com/parse?ATR=3B%206E%2000%2000%2045%2073%2074%2045%2049%2044%2020%2076%2065%2072%2020%2031%202E%2030" shape="rect"><span class="icon"> </span>3B 6E 00 00 45 73 74 45 49 44 20 76 65 72 20 31 2E 30</a>
</li><li><a class="ext-link" href="http://smartcard-atr.appspot.com/parse?ATR=3B%206E%2000%20FF%2045%2073%2074%2045%2049%2044%2020%2076%2065%2072%2020%2031%202E%2030" shape="rect"><span class="icon"> </span>3B 6E 00 FF 45 73 74 45 49 44 20 76 65 72 20 31 2E 30</a>
</li><li><a class="ext-link" href="http://smartcard-atr.appspot.com/parse?ATR=3B%20DE%2018%20FF%20C0%2080%20B1%20FE%2045%201F%2003%2045%2073%2074%2045%2049%2044%2020%2076%2065%2072%2020%2031%202E%2030%202B" shape="rect"><span class="icon"> </span>3B DE 18 FF C0 80 B1 FE 45 1F 03 45 73 74 45 49 44 20 76 65 72 20 31 2E 30 2B</a>
</li><li><a class="ext-link" href="http://smartcard-atr.appspot.com/parse?ATR=3B%20FE%2094%2000%20FF%2080%20B1%20FA%2045%201F%2003%2045%2073%2074%2045%2049%2044%2020%2076%2065%2072%2020%2031%202E%2030%2043" shape="rect"><span class="icon"> </span>3B FE 94 00 FF 80 B1 FA 45 1F 03 45 73 74 45 49 44 20 76 65 72 20 31 2E 30 43</a>
</li><li><a class="ext-link" href="http://smartcard-atr.appspot.com/parse?ATR=3B%20FE%2096%2000%20FF%20C0%200A%2031%20FE%204D%2045%2073%2074%2045%2049%2044%2020%2076%2065%2072%2020%2031%202E%2030%209B" shape="rect"><span class="icon"> </span>3B FE 96 00 FF C0 0A 31 FE 4D 45 73 74 45 49 44 20 76 65 72 20 31 2E 30 9B</a>
</li></ul>
</div><ul class="tags"><li class="header">Tags</li><li><a href="/opensc/tags/%27eID%27" rel="tag" shape="rect">eID</a> </li><li><a href="/opensc/tags/%27maintained%27" rel="tag" shape="rect">maintained</a> </li><li><a href="/opensc/tags/%27martin%27" rel="tag" shape="rect">martin</a> </li><li><a href="/opensc/tags/%27readonly%27" rel="tag" shape="rect">readonly</a> </li><li><a href="/opensc/tags/%27supported%27" rel="tag" shape="rect">supported</a> </li></ul>
</div><div class="footer"><hr></hr><p><a href="index.html">Back to Index</a></p></div></body></html>
distrib
>
Fedora
>
13
>
x86_64
>
media
>
updates
>
by-pkgid
>
64d7525dee9596ae0eae9ecd4241861b
>
files
>
62
