Question

全部，我试图在Windows 7 64位上访问opensc dll（最新版本）。我正在尝试访问ePass2003令牌。 opensc-tool能够检测到令牌并可以获取名称和其他信息。所以令牌由OpenSC找到。然后我从另一个程序加载opensc dll并致电standard PKCS#11 functions。 C_GetSlotList返回slot 0 ID为-1，slot 1 ID为1. C_GetFunctionList返回指向函数的指针。问题是，当我致电C_GetMechanismList时，c0000005 error发生了崩溃。

我也通过令牌提供的ePass dll访问了令牌，它运行正常。

我无法跟踪此问题，因为它看起来像是opensc dll，opensc无法与卡接口但是openc-tool也应该有同样的问题，但它不会

如果有人可以提供帮助，那就太棒了。

TRACE：pkcs11-tool

追踪＃1：

C:\Program Files\OpenSC Project\OpenSC\tools>pkcs11-tool.exe --module opensc-pkcs11.dll -I
Cryptoki version 2.20
Manufacturer     OpenSC (www.opensc-project.org)
Library          Smart card PKCS#11 API (ver 0.0)
Using slot 1 with a present token (0x1)

追踪＃2：

C:\Program Files\OpenSC Project\OpenSC\tools>pkcs11-tool.exe --module opensc-pkcs11.dll -L
Available slots:
Slot 0 (0xffffffff): Virtual hotplug slot
  (empty)
Slot 1 (0x1): FS USB Token 0
  token state:   uninitialized

追踪＃3：

C:\Program Files\OpenSC Project\OpenSC\tools>pkcs11-tool.exe --module opensc-pkcs11.dll -T
Available slots:
No slots.

追踪＃4：

C:\Program Files\OpenSC Project\OpenSC\tools>pkcs11-tool.exe --module opensc-pkcs11.dll -M
Using slot 1 with a present token (0x1)

与c0000005相同的结果崩溃

Answer 1

OpenSC PKCS＃11库将您的令牌视为“未初始化”。如果我没记错的话，用飞天中间件初始化的ePass令牌不能与OpenSC一起使用，反之亦然。因此，如果您想将ePass与opensc-pkcs11.dll一起使用，则需要使用OpenSC附带的pkcs15-init.exe应用程序来初始化您的令牌。

文档参考：

OpenSC wiki提到了ePass3000 page上重新初始化的要求，但未提及ePass2003 page上的重新初始化要求。欧洲经销商gooze.eu还声明需要重新初始化：

原因是ePass2003已预先初始化为可识别在Windows7下由飞天专有软件。为了可以使用， ePass2003需要由OpenSC初始化。

实际例子：

我已经使用飞天中间件初始化了我的ePass2003令牌，并使用专有的eps2003csp11.dll库进行了测试 - 它工作正常：

C:\Program Files (x86)\OpenSC Project\OpenSC\tools>pkcs11-tool.exe --module eps2003csp11.dll -M
Using slot 0 with a present token (0x1)
Supported mechanisms:
  RSA-PKCS-KEY-PAIR-GEN, keySize={1024,2048}, hw, encrypt, decrypt, sign, verify, generate_key_pair
  RSA-PKCS, keySize={512,2048}, hw, encrypt, decrypt, sign, sign_recover, verify, verify_recover, wrap, unwrap
  RSA-X-509, keySize={512,2048}, encrypt, decrypt, sign, sign_recover, verify, verify_recover, wrap, unwrap
  MD2-RSA-PKCS, keySize={512,2048}, sign, verify
  MD5-RSA-PKCS, keySize={512,2048}, sign, verify
  SHA1-RSA-PKCS, keySize={512,2048}, hw, sign, verify
  DH-PKCS-KEY-PAIR-GEN, keySize={128,2048}, generate_key_pair
  DH-PKCS-DERIVE, keySize={128,2048}, derive
  SHA256-RSA-PKCS, keySize={512,2048}, hw, sign, verify
  SHA384-RSA-PKCS, keySize={512,2048}, sign, verify
  SHA512-RSA-PKCS, keySize={1024,2048}, sign, verify
  mechtype-70, keySize={512,2048}, sign, verify
  RC2-KEY-GEN, keySize={8,1024}, generate
  RC2-ECB, keySize={8,1024}, encrypt, decrypt
  RC2-CBC, keySize={8,1024}, encrypt, decrypt
  RC2-CBC-PAD, keySize={8,1024}, encrypt, decrypt
  RC4-KEY-GEN, keySize={8,2048}, generate
  RC4, keySize={8,2048}, encrypt, decrypt
  DES-KEY-GEN, keySize={56,56}, generate
  DES-ECB, keySize={64,64}, hw, encrypt, decrypt
  DES-CBC, keySize={64,64}, hw, encrypt, decrypt
  DES-CBC-PAD, keySize={64,64}, encrypt, decrypt
  DES3-KEY-GEN, keySize={112,112}, generate
  DES3-ECB, keySize={128,192}, hw, encrypt, decrypt
  DES3-CBC, keySize={128,192}, hw, encrypt, decrypt
  DES3-CBC-PAD, keySize={128,192}, encrypt, decrypt
  MD2, digest
  MD5, digest
  SHA-1, keySize={512,512}, hw, digest, sign, verify
  SHA-1-HMAC, keySize={8,2048}, sign, verify
  SHA256, keySize={512,512}, hw, digest, sign, verify
  mechtype-597, digest
  SHA384, digest
  SHA512, digest
  GENERIC-SECRET-KEY-GEN, keySize={8,2048}, generate
  AES-KEY-GEN, keySize={128,256}, generate
  AES-ECB, keySize={128,256}, hw, encrypt, decrypt
  AES-CBC, keySize={128,256}, hw, encrypt, decrypt
  AES-CBC-PAD, keySize={128,256}, encrypt, decrypt

然后我用opensc-pkcs11.dll进行了测试，并得到了你所描述的相同的崩溃：

C:\Program Files (x86)\OpenSC Project\OpenSC\tools>pkcs11-tool.exe --module opensc-pkcs11.dll -M
Using slot 1 with a present token (0x1)

OpenSC command line tool stopped working

所以我擦掉了卡片。

C:\Program Files (x86)\OpenSC Project\OpenSC\tools>pkcs15-init.exe --erase-card
Using reader with a card: FS USB Token 0

..使用OpenSC pkcs15-init应用程序初始化..

C:\Program Files (x86)\OpenSC Project\OpenSC\tools>pkcs15-init.exe --create-pkcs15 --profile pkcs15+onepin --use-default-transport-key --pin 0000 --puk 111111 --label "ePass2003"
Using reader with a card: FS USB Token 0
2014-07-29 22:35:08.208 cannot lock memory, sensitive data may be paged to disk
2014-07-29 22:35:08.442 cannot lock memory, sensitive data may be paged to disk
2014-07-29 22:35:08.882 cannot lock memory, sensitive data may be paged to disk
2014-07-29 22:35:10.059 cannot lock memory, sensitive data may be paged to disk
2014-07-29 22:35:10.497 cannot lock memory, sensitive data may be paged to disk

..然后opensc-pkcs11.dll开始工作：

C:\Program Files (x86)\OpenSC Project\OpenSC\tools>pkcs11-tool.exe --module opensc-pkcs11.dll -M
Using slot 1 with a present token (0x1)
Supported mechanisms:
  SHA-1, digest
  SHA256, digest
  SHA384, digest
  SHA512, digest
  MD5, digest
  RIPEMD160, digest
  GOSTR3411, digest
  RSA-X-509, keySize={512,2048}, hw, decrypt, sign, verify
  RSA-PKCS, keySize={512,2048}, hw, decrypt, sign, verify
  SHA1-RSA-PKCS, keySize={512,2048}, sign, verify
  SHA256-RSA-PKCS, keySize={512,2048}, sign, verify
  MD5-RSA-PKCS, keySize={512,2048}, sign, verify
  RIPEMD160-RSA-PKCS, keySize={512,2048}, sign, verify
  RSA-PKCS-KEY-PAIR-GEN, keySize={512,2048}, generate_key_pair

然而，飞天发布的eps2003csp11.dll停止按预期工作：

C:\Program Files (x86)\OpenSC Project\OpenSC\tools>pkcs11-tool.exe --module eps2003csp11.dll -M
No slot with a token was found.

OpenSC程序崩溃与Windows上的c0000005

TRACE：pkcs11-tool

1 个答案: