STATUS
======

This project is nearly deprecated.  There is a new efford to support several
usb crypto tokens at the same time in one driver. This driver is directly
integrated into opensc. The 13/3/2003 snapshot is so far working fine
(with the Aladdin eToken PRO), so check it out.

Download the latest snapshot via http://etoken.sourceforge.net/


I will still fix bus for this project, but further development
is unlikely. If someone wants to take over, please do so.















This is a pcsc-lite driver ("ifdhandler v2") for
Aladdin eToken PRO (some special usb token).

Required Software:
 - pcsc-lite (www.linuxnet.com)
 - libusb (libusb.sourceforge.net)

To install:
 - edit paths in Makefile 
 - make
 - cp libetoken.so to the pcsclite directory.

USB Diagnosis
=============

Is your usb working? Please look at this:
 - is the usbdevfs mounted? "mount" should tell you. 
   you can also look at it with ls:
	simulacron:~# ls /proc/bus/usb/
	001  devices  drivers
	simulacron:~# 
   if it isn't mounted, you can do this yourself:
	mount -t usbdevfs none /proc/bus/usb
   also you can add an entry to /etc/fstab, so it will be always mounted:
   	none	/proc/bus/usb   usbdevfs	defaults        0       0

 - is the etoken detected by the kernel?
	simulacron:~# cat /proc/bus/usb/devices 
   should give you detailed information on all devices.

   Look out for something like this:
	T:  Bus=01 Lev=02 Prnt=05 Port=02 Cnt=01 Dev#=  7 Spd=1.5 MxCh= 0
	D:  Ver= 1.00 Cls=ff(vend.) Sub=00 Prot=00 MxPS= 8 #Cfgs=  1
	P:  Vendor=0529 ProdID=050c Rev= 1.00
	S:  Manufacturer=AKS
	S:  Product=eToken Pro 4151
	C:* #Ifs= 1 Cfg#= 1 Atr=80 MxPwr= 34mA
	I:  If#= 0 Alt= 0 #EPs= 0 Cls=ff(vend.) Sub=00 Prot=00 Driver=(none)

   Also acceptable is 
   	S: Product=eToken PRO 4153
   or
   	S: Product=eToken PRO 4157
   and maybe
        P:  Vendor=0529 ProdID=0514 Rev= 1.00
   	S: Product=eToken PRO 4253

The most common mistake is, to not load uhci or ohci. These two modules
support the hardware usb chip on you motherboard. Most people with intel
will need the uhci support.

If the usb doesn't work (i.e. /proc/bus/usb/devices is empty), you might
want to look at the linux usb documentation, or ask for help on the 
linux usb users mailing lists. 

Testing PCSC-Lite
=================

So, now that usb should work, we can start to configure pcsc-lite.

1.) create a /etc/reader.conf, for examle like this:
	FRIENDLYNAME    "Aladdin eToken PRO"
	DEVICENAME      ALADDIN_ETOKEN
	LIBPATH         /home/aj/opensc/lib/libetoken.so
	CHANNELID       0x0

2.) start pcscd (as root)
3.) build "testpcsc". This is part of pcsc-lite. If you can't find it:
	cd to the "src" directory of pcsc-lite and create it with
	"make testpcsc".
4.) run testpcsc. the usual output is:

this:aj@simulacron:~/pcsc/src/pcsc-lite-1.1.1/src$ ./testpcsc 

MUSCLE PC/SC Lite Test Program

Testing SCardEstablishContext		: Command successful.
Testing SCardGetStatusChange 
Please insert a working reader		: Command successful.
Testing SCardListReaders		: Command successful.
Reader 01: Aladdin eToken PRO 0 0
Enter the reader number			: 01

Waiting for card insertion
					: Command successful.
Testing SCardConnect			: Command successful.
Testing SCardStatus			: Command successful.
Current Reader Name			: Aladdin eToken PRO 0 0
Current Reader State			: 34
Current Reader Protocol			: 1
Current Reader ATR Size			: c
Current Reader ATR Value		: 3B E2 00 FF C1 10 31 FE 55 C8 02 9C 
Testing SCardDisconnect			: Command successful.
Testing SCardReleaseContext		: Command successful.

PC/SC Test Completed Successfully !
aj@simulacron:~/pcsc/src/pcsc-lite-1.1.1/src$

The "Current Reader State" is important! If it is "c" instead of "34"
something is fishy. The details are unknown, i cannot reproduce it,
when trying to track the bug down. Please try pcsc-lite-1.0.1,
that should work fine.

PCSC-Lite and Bundle files
==========================

I'm sorry, the bundle / hotplug mechanism of pcscd is currently not supported.
You need to create a reader.conf. If you did, you can savely ignore any warning
from the pcsc daemon concerning "hotplug".

Opensc implementation
=====================

opensc is an implementation of the PKCS#11 api conforming to PKCS #15.
More details are available at www.opensc.org.

There is an ongoing efford to get etoken working with opensc, however
there is not much that currently works. But you can at least try this:

aj@simulacron:~/opensc$ ./bin/opensc-explorer 
OpenSC Explorer version 0.7.0
Connecting to card in reader Aladdin eToken PRO 0 0...
Using card driver: Aladdin eToken PRO
OpenSC [3F00]> ls
FileID	Type	Size
[6666]	 DF	 5416	 Name: AKS
OpenSC [3F00]> cd 6666
OpenSC [3F00/6666]> ls
FileID	Type	Size
[1000]	DF	5416
[1001]	DF	5416
[1002]	DF	5416
[1003]	DF	5416
[5000]	DF	5416
[6000]	DF	5416
[7000]	DF	5416
OpenSC [3F00/6666]> 

So at least browsing the smartcard directories does work, also
file upload/download should work.

We noticed a problem: the way aladdin stores certificates on the etoken
is not conforming to PKCS#15. So maybe certificates stored on the etoken
will only be accessable under windows or under linux, but not both,
because the drivers have different ideas, in what directory the certificate
should be. This is a problem with all files and keys, not only certificates.

Changelog
=========

13.03.2003	version 0.3.9 released
#inclde <string.h> was missing from ifdhandler.c

23.02.2003	version 0.3.8 released
Get/SetCapabilites still broken, but now return IFD_Error_Tag
(IFD_COMMUNICATIONS_ERROR is not allowed).
Also fix IFDHPowerICC, return the correct status codes
(SUCCESS, NOT_SUPPORTED, POWER_ACTION).
Added very ugly hack to IFDHPowerICC, so it will alway succeed 
when it is called for the very first time.

08.01.2003	version 0.3.7 released
Minor bugfix in etoken.c/power_up_etoken. 
Thanks for reporting to Andreas Gutscher <gutscher@nadja.enst.fr>

28.10.2002	version 0.3.6 released
The atr returned is now the atr the token gives us.
So far i don't analyze the atr, so it's a gamble on
what changes Aladdin did to the newer versions.

Test program now build by default,
etoken compiled with -DDEBUG by default.

Thanks to Nelson Escravana <nelson@escravana.net> for
endless debugging.

16.10.2002	version 0.3.5 released
Fixed a -DDEBUG compile error in ifdhandler.c
New reset handling, hopefully better.
Create my own ifdhandler.h, because pcsc-lite stoped installing it.
We finaly have a webpage, thanks to Panagiotis Peikidis!
I heavily modified it, so blame me for everything that is wrong.

6.8.2002	
Added Info.plist by Roland Dirlewanger <rd@dr15.cnrs.fr>

31.7.2002	version 0.3.4 released
Added documentation on usb.

31.7.2002	version 0.3.3 released
Added documentation on testpcsc and opensc.
Removed dependency stuff from Makefile.

1.7.2002	version 0.3.2 released
#include <string.h> in etoken.c added.

25.6.2002	version 0.3.1 released
added new product id 0x514 as reported by
Roland Dirlewanger <rd@dr15.cnrs.fr>. thanks Roland!

13.6.2002	verson 0.3 released
debugging now via syslog
fix in t=1
both done by olaf kirch, thanks!

8.2.2002	version 0.2 release
fixed very nasty bug in t1 protocol

7.2.2002	version 0.1 released
added note about paths to Readme and Makefile
test eToken != NULL and eToken->usb != null in usb_transmit
additional documentation

3.2.2002	version 0.0 released



TODO 
 - select() doesn't return the directory content. why ?
 - how to reset the smartcard chip ?
   currently i do a usb reset of the whole token in power_off.
 - remove obsolete debugging code
