I’m trying to make Gemalto dotnet USB smart card token work.
https://www.creaplus.si/images/Gemalto/USB_Shell_Token__transparent_and_black.jpg
I’ve followed this post
https://forums.opensuse.org/showthread.php/522418-OpenSUSE-Tumbleweed-smartcard-issue
this guide:
https://kamarada.github.io/en/2019/06/28/using-smart-cards-on-opensuse-linux/
I added security_chipcard repo, installed tools and the pcsced.service is started
I can see the card in pcsc_scan
pcsc_scan
Using reader plug'n play mechanism
Scanning present readers...
0: Gemalto USB Shell Token V2 (AB5751A5) 00 00
Mon Aug 24 21:46:37 2020
Reader 0: Gemalto USB Shell Token V2 (AB5751A5) 00 00
Event number: 0
Card state: Card inserted,
ATR: 3B 7F 96 00 00 80 31 80 65 B0 85 03 00 EF 12 0F FE 82 90 00
ATR: 3B 7F 96 00 00 80 31 80 65 B0 85 03 00 EF 12 0F FE 82 90 00
+ TS = 3B --> Direct Convention
+ T0 = 7F, Y(1): 0111, K: 15 (historical bytes)
TA(1) = 96 --> Fi=512, Di=32, 16 cycles/ETU
250000 bits/s at 4 MHz, fMax for Fi = 5 MHz => 312500 bits/s
TB(1) = 00 --> VPP is not electrically connected
TC(1) = 00 --> Extra guard time: 0
+ Historical bytes: 80 31 80 65 B0 85 03 00 EF 12 0F FE 82 90 00
Category indicator byte: 80 (compact TLV data object)
Tag: 3, len: 1 (card service data byte)
Card service data byte: 80
- Application selection: by full DF name
- EF.DIR and EF.ATR access services: by GET RECORD(s) command
- Card with MF
Tag: 6, len: 5 (pre-issuing data)
Data: B0 85 03 00 EF
Tag: 1, len: 2 (country code, ISO 3166-1)
Country code: 0F FE
Tag: 8, len: 2 (status indicator)
SW: 9000
Possibly identified card (using /usr/share/pcsc/smartcard_list.txt):
3B 7F 96 00 00 80 31 80 65 B0 85 03 00 EF 12 0F FE 82 90 00
3B 7F .. 00 00 80 31 80 65 B0 .. .. .. .. 12 0F FE 82 90 00
IDPrime MD 8840, 3840, 3810, 840 and 830 Cards T=0
3B 7F 96 00 00 80 31 80 65 B0 85 03 00 EF 12 0F FE 82 90 00
Gemalto IDPrime MD 840 (PKI)
http://www.gemalto.com/Products/IDPrime_MD/index.html
I added root CAs for the certs I have on device in Firefox and loaded library=/usr/lib64/pkcs11/opensc-pkcs11.so
I also tried adding security device to Chromium
https://kamarada.github.io/en/2019/09/26/setting-up-smart-card-authentication-on-google-chrome-chromium/
But when I try logging in websites (gov or bank) I don’t get pin prompt.