After some googling I came across a blog entry (look for September 5, 2011) that describes a bug in bash: Bash, when calling “read” with a timeout, will install a signal handler for SIGALRM and longjump out of the signal handler, leaving SIGALRM blocked forever.

The boot-script runs as init (with pid 1) and therefore will leave SIGALRM blocked for all children. My immediate workaround is to read the filesystem to boot in a sub-shell…seems the bug is fixed with newer versions of bash.

• Skype reverse-engineered by Russian geek
• Efim Bushmanov: “Good products can’t stay proprietary for long”
• Russian Reverse Engineer Praises Skype

So we now have alle the pieces of the puzzle to start writing a plugin for Wireshark to give us a tool to further analyze the network traffic produced by Skype. Maybe an open source client is on the horizon now (there’s still a long way to go since we don’t know the binary formats used by the voice and video codecs in Skype, but maybe keyboard-chat is within reach now). Shameless Plug: If you have resources (money or time) to help writing a Wireshark plugin for Skype, please contact me, I’m trying to coordinate efforts in this direction.
That said, there are rumors that (one of) the Skype Certificate-Authority-Key (the Root key in a certificate chain) was leaked. Lets see what comes from this… leaking the key could make communications available to third parties or forge identities. But be aware that the makers of Skype probably already do have the mechanisms in place to listen into the contents of Skype traffic as was first hinted at by the Silver Needle in the Skype presentation and which I’ve mentioned in my talks on Skype (presentation material linked from my home page).
Looks like Microsoft has aquired a piece of software here that perfectly fits its security record so far — this could be helped by letting independent researchers look at the Skype protocol design, but may well uncover further problems down the road. We again see here that secrecy won’t help security in the long run, we may view this as a generalisation of Kerckhoffs’ Principle. Opening the procotol like speculated in the article Skype reverse-engineered by Russian geek is still a very unlikely move by Microsoft, in my view… but I would certainly welcome this.

Initramfs unpacking failed: junk in compressed archive

and later failed with a kernel panic

VFS: Unable to mount root fs on unknown-block(0,0)

Googling for the error message found a blog entry that indicated a missing LILO option “large-memory” — which wasn’t the problem in my case, the option was already present.
So I booted into GRML and installed grub2 instead of LILO. After a reboot, Grub2 ended up in rescue mode with the error message:

error: out of disk.
grub rescue>

I could display the partitions with ls and also get a listing from my root partition but trying to list other directories produces the “out of disk” error again:

grub rescue> ls
(hd0) (hd0,msdos1) (hd1) (hd2) (hd3)
...
grub rescue> ls (hd0,msdos1)/
./ ../ lost+found/ var/ etc/ media/ initrd.img usr/
...

grub rescue> ls (hd0,msdos1)/boot

error: out of disk.

So my diagnosis was that the BIOS of the Soekris box is unable to address the whole (in this case 60GB) harddisk. The install had only worked before because the kernel and the /boot directory where within the BIOS-accessible area on the disk. So there are still BIOSes out there that don’t support large harddisks — I didn’t find out until now what the limit of the Soekris BIOS is. The fix after this diagnosis was easy: Shrink the root filesystem using resize2fs, create a new root partition and copy the shrunken filesystem there, resize2fs to the new partition size. Create a new small /boot partition at the start of the disk and copy the contents of the old /boot directory there. Of course this is only possible with a working rescue system, my rescue system of choice is a GRML netboot setup which enables me to quickly boot any x86-based system that supports network boot.
Lesson learned: For small X86 embedded hardware it still makes sense to have a small /boot partition.

• Money and Dept: A Solution to the Global Crisis (2nd ed. 1990)
• New Money for Healthy Communities 1994
• Money — Understanding and Creating Alternatives to Legal Tender 2001
• The End of Money and the Future of Civilization 2009

Tom then proceed to outline the history of money: It started out with barter exchange, the first form of money was commodity-money, various commodities like tobacco (cigarettes), flour or grain, nails and precious metals like silver and gold (highly valued in small amounts, portable, durable) served as money. What follows is symbolic money: the first bankers were goldsmiths depositing gold for their customers, the receipt from the bank about the deposit of gold served as a place-holder for the gold. When goldsmiths discovered that they could give receipts not only to people depositing gold, but also to people who came to borrow it, credit money (the 3rd form) was born. The last form is credit clearing where we keep only an account for each member and incoming money is added while outgoing money is subtracted. The main problem of credit is interest which exploits people.
Then a discussion where Franz Nahrada claimed that money is always an alienation ensued. Thomas explained that the farther the relationships among people are, the higher the need for money: In the family we don’t need (and don’t want) money. With a close neighbor we expect some reciprocity (we keep in mind if the other person is always taking). For dealing with people you don’t know we need some kind of formalized structure. But he agreed that a closer community relationship is a good goal. It was mentioned that experiences without money (where you lose your wallet and have to find your way without money for some time) can be a lasting positive experience, on the other hand money may cut through relationships…
In the discussion I asked about Toms view about demurrage, a negative interest rate on money. He answered that demurrage is an unnecessary “stamp scrip” (so called because some demurrage currencies use stamps that have to be bought and affixed to the banknotes) first introduced by Silvio Gesell and that it’s unfortunate that demurrage is the only one of his proposals that is generally remembered. Demurrage currencies where successful in a time where any kind of exchange medium would have been successful. The problem demurrage tries to solve, the prevention of hording (mainly of paper currencies) could be solved by reallocating excess money to (new) businesses. I noted that Gesell also had this in mind when he argues that when depositing excess money in a bank for re-lending, he proposes that there should be no demurrage. (I’m still not fully convinced that demurrage might not be a good tool at times) We agreed that a shortcoming of Gesell is that he can only envision a central banking system while Thomas recommends the separation of money and state (I also think this currently is our best option). There is also a blog post on demurrage by Tom.
During the discussion Tom remarked that due to the “Bubble and Bust Cycle” of our current money system, banks always have to find new ways to indept the people. When he studied, there were no student loans. This is a new idea that came up in the 60s. In the 90s we had the dot com bubble and the recent crisis in 2008 added a lot more dept to the private sector. He thinks we reached the end of the line, the dollar will probably be inflated out of existence. One of the outcomes of a hyper-inflation like Weimar in the 1920s is that the middle class gets wiped out. They still have savings but these won’t buy anything. Maybe the plan for after the inflation is a global currency. A question about the timeframe for these predicted events was answered that it’s hard to say, but China already has satisfied its appetite on US government bonds now buying gold. Maybe an America-wide new currency (Amero) or a global currency will be the plan. This would wipe out everyones savings and re-start the game, hopefully not everybody will go along with this.
In the later discussion I asked — when Tom had talked about the Government and the central banks cooperating — that up until now I had seen the private banking as the problem and the state more in the role of a victim. Tom replied that they are cooperating and that this cooperation was introduced in the early days of the Bank of England (when the king needed money for war). In a blog post When will the dollar die? Greco also outlines a facet of that cooperation: “National governments are unique in being able to play this role [of borrower of last resort] because of their collusive arrangement with the banking cartel.”
We also had some discussions on emerging trends, barter exchanges (which aren’t really barter in the original sense of the word). Tom said that if businesses are not involved early on in an alternative currency project, it is bound to fail. Barter exchanges that only involve retailers can work to a certain degree of circulation. But for a robust system, manufacturers, employess are needed to close the circle. Not all suppliers are within a region, so we have to get regions to cooperate. Mistakes that have been made by some local exchanges (which is detrimental to their own business and the whole “industry”) are:

• competition with members (taking the best things for themselves)
• too much credit for themselves (debasing their own currency)

Tom also mentioned Argentina during the discussion which had a strong social currency movement in the early 2000s with dozens of trade exchanges. The system (nearly) collapsed due to mis-managed, my question if this was induced by outsiders was answered that there were accusations of counterfeiting by the central government or other authorities but it is unclear if this is true. When he visited Argentina, there already was counterfeiting in some of the largest exchanges and they didn’t do anything about it. Now they have better safeguards.
The following links are taken from the discussions (no particular order, Tom is not affiliated with any of them as far a I know but knows some of the creators as “cooperatively minded entrepreneurs”), during the discussion I noted that we would need a common protocol among different barter and community currency enterprises, so that not everybody builds his own “walled garden” which was agreed… I’ve written about that problem before when writing about cloud computing.

• Cyclos, a system for manageing lets trading circles
• zacle.com an newly started web-based exchange (this takes ages to load for me with layers upon layers of javascript, that by default isn’t enabled when I surf with noscript, so not a site I’d ever use)
• poiu.com , another trading system
• community exchange network www.ces.org.za
• getsplus.com: a proprietary platform where a lot of money was invested, it’s a cashless trading platform which might eventually become open source
• virtualbarter.net an online barter exchange
• imsbarter.com one of the biggest US barter companies
• www.favors.org a social network by Sergio Lub
• www.livingdirectory.org one of the first social networks with 60.000 people worldwide participating, has levels “identified” (a real person), “sponsor” (trust someone to sponsor other people) and “networker” (full access to the system).

At the end we watched the short film The Essence of Money (4:13) that outlines how money works. In my opinion it’s also a good illustration how a distributed money system — where every player in the game can issue his/her own money — could work. With todays electronic systems we maybe can come up with a solution that is distributed: compare this to file-sharing systems that started out as centralized systems like Napster and evolved into distributed systems like Gnutella today. The film Money as Dept was recommended, there seems to be a sequel, the original seems to be available in several places on the net.

from socket import socket, SOCK_SEQPACKET, AF_UNIX, SOL_SOCKET
from struct import unpack
try :
    # Not implemented in python 2.6, maybe higher
    from socket import SO_PEERCRED
except ImportError :
    SO_PEERCRED = 17 # Linux
sock = socket (AF_UNIX, SOCK_SEQPACKET)
path = '/path/to/socket'
try :
    os.remove (path)
except OSError :
    pass
sock.bind (path)
conn, adr = self.sock.accept ()
ucred = conn.getsockopt (SOL_SOCKET, SO_PEERCRED, 12)
pid, uid, gid = unpack ('LLL', ucred)
if uid... check uid:
    error...
    conn.close ()

data = conn.recv (4096)

Code for client (python):

from socket import socket, SOCK_SEQPACKET, AF_UNIX
s = socket (AF_UNIX, SOCK_SEQPACKET)
s.connect ('path/to/socket')
s.send (.....)
s.close ()

def skype_crc (s, seed = 0xFFFFFFFF) :
    return (crc32 (s, seed ^ 0xFFFFFFFF)) ^ 0xFFFFFFFF

With this crc implementation I’m now able to also decrypt UDP (see updated code) packets. I’ve shown this some days ago at my talk @linuxwochenende, for slides see my events page.

• somebody who wants to blackmail others
• a willing victim to go into the trap

You have the choice: Only use a service which at least provides a way to get your data out. (To be fair, it seems Ning will be offering this according to the blog entry cited above, but the details are still unclear)
But: The data alone is nothing without the software. So you need a service where you can export the data and have open source software available to do something with the extracted data. But the first part is the crucial one: If you have only the data, software can be written…
I’ve written earlier in this blog (and talked @Manchester) about the problem of vendor lock-in in “cloud computing” which is almost the same as “web 2.0 services”, namely software as a service (SAAS). Ning falls into that category as do other social network services like facebook or Xing.
This boils down to what the open cloud initiative has defined as cloud computing openness: For open content you ideally want to go for a free cloud with open APIs, open formats, open source (software), and open data.
Note that facebook is no alternative to ning: People have been thrown off facebook for retrieving their data, cited in these two entries on Henry Story’s blog.
But the choice has to be made by customers (or non-paying users) of these services: Don’t use something where you lock in your data. Or your data might be at risk, or locked in, or dead.
Doc Searls, co-Author of Cluetrain Manifesto and Editor of Linux Journal has written about this in a blog entry called Silos End: “These problems cannot be solved by the companies themselves. Companies make silos. It’s as simple as that. Left to their own devices, that’s what they do. Over and over and over again.”
Ideally there would be a standardized service and hosters agree to use the same software (maybe customized in the appearance) to host services for users. A hosting standard for collaboration software. Starting with the services Facebook, Xing, etc. are offering today. We want an interchange format that everybody can use, export, import.
I think a standard for these types of services will leave us with a network of hosters. This — in comparison to the status quo today — will be a distributed system, maybe a peer-to-peer system, not some big players locking in users. A common standard will hopefully keep the players honest.
To get there: Lets try to evaluate replacement software for Ning. Work on interchange formats. A suitable format for contact information is the Friend of a Friend (FOAF) format endorsed by the W3C, this is part of the semantic web effort.
One software that comes close to this goal might be elgg — I’ve not tried it myself, but there is already a group of Elgg Service Providers which comes close to the goal of a support infrastructure built around an open source project.
I’ve two points of critique, one of them being more personal taste, the other related to the license. The first is that the software is in PHP. The license is the GNU General Public License which offers no protection against a service provider making own modifications to the hosted software and not releasing these modifications as open source software. Details are in my earlier article on the subject. So far, the team of elgg seems to play the game very open. The Source code with (yet) unrelease modifications to the software is freely accessible as a subversion software repository. Furthermore they offer nightly builds for download.
There are many other good points, too: It offers syndication with RSS and JSON, and has an API to interconnect with software running elsewhere — which are the basic ingredients for a distributed system. The API is Representational State Transfer (REST) that happens to be the same mechanism on which the semantic web can be built.
So lets take some steps in the direction of a system built on standardized components where no vendor can lock us in.
When we get there, we’ve left Web 2.0 behind. The future is a distributed system, lets call it Web 3.0.

Vor zwei Wochen habe ich endlich die Amateurfunkprüfung gemacht — ich wollte das eigentlich schon immer tun — und habe jetzt ein Rufzeichen für Österreich. Schon früher habe ich ein bisschen SWL (Kurzwellen-Hören) betrieben, inklusive digitaler Modi wie RTTY (Funkfernschreiben). Jetzt kann ich auch die Sendeseite ausprobieren… Danke an die Metafunk Gruppe im Metalab und an Mike, OE3MZC und Gerhard, OE3GSU für die Unterstützung unserer gemeinsame Vorbereitung.

apt-get install pcscd opensc libengine-pkcs11-openssl

The following NEW packages will be installed:
  libengine-pkcs11-openssl libp11-0

If your smartcard reader is not supported by pcscd, you should install the openct package in addition to the packages above. You can then run pcscd on top of openct.
After installing these programs, we need to configure pcscd to correctly use our reader. Configure /etc/opensc/opensc.conf to use the pcscd method, search for reader_drivers inside the app default stanza of the config file and modify this to:

reader_drivers = pcsc;

For CCID compatible readers without openct installed, the reader should be visible after plugging in the reader into the USB port:

Readers known about:
Nr.    Driver     Name
0      pcsc       Gemplus GemPC Key 00 00

If the card reader is not directly supported by pcscd (but is supported by openct) we need to configure /etc/reader.conf.d/openct, a config file of pcscd, to use OpenCT as the input method, for this the file should contain:

FRIENDLYNAME     "OpenCT"
DEVICENAME       /dev/null
LIBPATH          /usr/lib/openct-ifd.so
CHANNELID        0

after modifying this file on Debian (on non-Debian systems you’ll probably have to modify /etc/reader.conf directly) we have to run:

update-reader.conf

which creates a new /etc/reader.conf. Now stop and restart openct and pcscd in the following order:

/etc/init.d/pcscd stop
/etc/init.d/openct restart
/etc/init.d/pcscd start

When everything went OK, you should see a pcscd based reader using opensc-tool:

opensc-tool -l

Readers known about:
Nr.    Driver     Name
0      pcsc       OpenCT 00 00

Add user to “scard” group in /etc/group and log in again to have the permissions to access the card. This is necessary if you want to use a reader provided by openct without going through pcscd.
If all else fails, you can still use openct without pcscd and set reader_drivers in /etc/opensc/opensc.conf to:

reader_drivers = openct;

Then a reader should be visible like this:

opensc-tool -l

Readers known about:
Nr.    Driver     Name
0      openct     Aladdin eToken PRO 64k
1      openct     OpenCT reader (detached)
2      openct     OpenCT reader (detached)
3      openct     OpenCT reader (detached)
4      openct     OpenCT reader (detached)

Now we should be able to read the card, if there is only one token in the USB port and no other smartcard readers are installed, we can leave out the -r option (for specifying the reader to use):

cardos-info

3b:f2:18:00:02:c1:0a:31:fe:58:c8:09:75
Info : CardOS V4.2B (C) Siemens AG 1994-2005
Chip type: 123
Serial number: 27 37 c0 09 2b 18
Full prom dump:
33 66 00 45 CB CB CB CB 7B FF 27 37 C0 09 2B 18 3f.E....{.'7..+.
00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 ................
OS Version: 200.9 (that's CardOS M4.2b)
Current life cycle: 32 (administration)
Security Status of current DF:
Free memory : 1024
ATR Status: 0x0 ROM-ATR
Packages installed:
Ram size: 4, Eeprom size: 32, cpu type: 66, chip config: 63
Free eeprom memory: 27686
System keys: PackageLoadKey (version 0xfe, retries 10)
System keys: StartKey (version 0xff, retries 10)
Path to current DF:

1.   Using Java-based Smartcards
Java-based smartcards need some preparation to work with OpenSC. First you should make sure that you have a card that permits you to upload your own applet (cardlet) to the card. This usually means you need a so-called developer version. Avoid cards that have a proprietary manufacturer applet in read-only memory! You also usually need some development keys to upload a cardlet to the card.
For the following instructions I’ve used the Gemalto TOP IM FIPS CY2 (Cyberflex Access 64k v2) which is an old card that has a Java virtual machine version 1.1 from 2001 (!) but the card is well established and will probably be available for some time.
For the card reader I’ve used the Gemalto USB Shell V2 (GemPC Key), a CCID compatible reader. When buying a new reader, you should use one that follows the CCID specification from the PC/SC Workgroup, this ensures that OpenCT will support it. The card reader I’m using can read ID-000 format cards, also called SIM cards. These are small form-factor cards that are nice for authentication purposes. The Cyberflex card I’m using is available in ID-000. If a card isn’t available in ID-000, chances are you can make it fit using a service similar to this SIM cutting service.
Preparing the card for use with OpenSC is a two-step process. The first step is to obtain the necessary applet for the card. The second is to upload the applet to the card and initialize the card with a default PIN. Note that 2048 bit keys may not work with MCardApplet with the current software versions, see Some notes on key sizes.

1.1.   Obtaining the MCardApplet for your card
I recommend building your own version of the applet from source. Get the source code from svn://svn.debian.org/muscleplugins/trunk/MCardApplet using the source code control tool subversion:

svn co svn://svn.debian.org/muscleplugins/trunk/MCardApplet

I had to make several changes to use Java 1.6 for cross-building for the ancient Java VM that runs on the card. My Cflex.properties looks like this:

CARD_NAME=Cflex
JAVA_BUILD_HOME=/usr
JC_HOME=${basedir}/depends/jc212
API_JAR=${JC_HOME}/lib/api21.jar
API_EXPORT_FILES=${JC_HOME}/api21_export_files
CAPTRANS=${basedir}/depends/jc212/bin/captransf.jar
VM_SOURCE_VERSION=1.2
VM_TARGET_VERSION=1.1
BOOTCLASSPATH=${basedir}/depends/jdk1.2.2/depends/jdk1.2.2/lib

In particular, I’m using the native java environment installed on debian lenny. This lives in /usr. Otherwise you should follow the excellent building instructions in the file INSTALL. Then I’ve modified the javac in the target named compile in the common.xml ant build file as follows:

<target depends="precompile" name="compile">
    <mkdir dir="${OUTPUT_DIR}"/>
    <javac debug="on"
        verbose="on"
        fork="true"
        executable="${JAVA_BUILD_HOME}/bin/javac"
        srcdir="${APPLET_SRC}"
        destdir="${OUTPUT_DIR}"
        target="${VM_TARGET_VERSION}"
        source="${VM_SOURCE_VERSION}">
        <bootclasspath>
            <pathelement location="${BOOTCLASSPATH}"/>
        </bootclasspath>
        <classpath>
            <pathelement location="${API_JAR}"/>
            <pathelement location="."/>
            <pathelement path="${java.class.path}"/>
        </classpath>
    </javac>
</target>

I’ve added the target and source options. These refer to the specific java virtual machine version we’re cross-building for. I’ve also added the bootclasspath to get the classes that are VM specific from the old java development package.
This allows me to cross-build the applet for an old version of the java virtual machine without running the old java development environment which does no longer run on recent versions of Linux due to library incompatibilities.
I also had to change all the backslashes in common.xml to forward slashes. It looks like the java compiler can handle the backslashes in path names, but the other tools cannot.
Before building you should also look through CflexCapabilities.properties for any capabilities you want to enable which are not enabled in the default configuration. I had to enable -DWITH_RSA_2048 and -DWITH_SIGN for example.
For the impatiant I’m offering a pre-compiled version of the applet. I’ll update this text with the build instructions soon.

1.2.   Uploading the applet to the card
As a preparation for this step, you should install the pcsc daemon and the pcsclite development packages on debian:

apt-get install pcscd libpcsclite-dev

For uploading the applet to the card, I recommend using gpshell, a tool from the globalplatform project which depends on the globalplatform library. Unfortunately these are not yet packaged as Debian packages, so obtain the sourcecode to both, gpshell and the globalplatform library . Unpack these packages and build using the normal process:

./configure
make
make install

For the globalplatform library you need the development libraries for libpcsclite, available as the Debian package libpcsclite-dev which should be installed before the ./configure step above.
If you installed the globalplatform library without root privileges, you have to run ldconfig as root to make the new library available in the shared library cache.
Check that your smartcard services are running (see above for how to do that) and verify that you see your card reader (or token) using:

opensc-tool -l

The gpshell tool interfaces to the card via pcscd, so you should see something similar to the following:

Readers known about:
Nr.    Driver     Name
0      pcsc       Gemplus GemPC Key 00 00

Now we can proceed to upload the applet using gpshell. We need the following applet upload gpshell script, put this into the file applet_install.gpshell, note that lines terminated with “\” need to be concatenated, gpshell currently doesn’t understand continuation lines:

enable_trace
establish_context
card_connect
select -AID a000000003000000
open_sc -security 1 -keyind 0 -keyver 0 \
   -mac_key 404142434445464748494a4b4c4d4e4f \
   -enc_key 404142434445464748494a4b4c4d4e4f
delete -AID a00000000101
delete -AID a000000001
delete -AID a0000003230101
delete -AID a00000032301
install_for_load -pkgAID a000000001 -nvCodeLimit 16000 \
   -sdAID a000000003000000
load -file CardEdgeCflex.ijc
install_for_install -instParam 00 -priv 02 -AID a00000000101 \
   -pkgAID a000000001 -instAID a00000000101 -nvDataLimit 32000
card_disconnect
release_context

and run the script with gpshell:

gpshell applet_install.gpshell

Finally we will have to set a default PIN for the card using opensc-tool:

opensc-tool -s 00:A4:04:00:06:A0:00:00:00:01:01 -s \
B0:2A:00:00:38:08:4D:75:73:63:6C:65:30:30:04:01:08:\
30:30:30:30:30:30:30:30:08:30:30:30:30:30:30:30:30:\
05:02:08:30:30:30:30:30:30:30:30:08:30:30:30:30:30:\
30:30:30:00:00:17:70:00:02:01

This sets the PIN to eight zeros, “00000000″. After this procedure the card can be used like a normal PKCS#15 based card with OpenSC.

1.2.1.   Some notes on using the gpshell script with other cards
Many of the magic numbers in the gpshell script depend on the card in use and on the applet that is uploaded. An AID is an applet-ID. The open_sc command has nothing to do with OpenSC, but opens a secure channel to the card. The parameters are the developer keys of the card. In our example, the key is used twice and the hex-bytes denote the string:

@ABCDEFGHIJKLMNO

The AID used for the secure channel is different for other brands of cards. I was able to find out this AID using the following AID gpshell script:

enable_trace
establish_context
card_connect
open_sc -security 1 -keyind 0 -keyver 0 \
   -mac_key 404142434445464748494a4b4c4d4e4f \
   -enc_key 404142434445464748494a4b4c4d4e4f
get_status -element 80
card_disconnect
release_context

This displays for the Gemalto TOP IM FIPS CY2:

List of applets (AID state privileges)
a000000003000000        7       0

The delete commands remove older versions of the applet — there also was a version that had another applet ID — from the card before uploading the new version. Think of the applet living in a package named a000000001 and the applet named a00000000101. The install_for_load command establishes the package inside the a000000003000000 package. Then the install_for_install command installs the applet into non volatile memory after upload.
Note that these numbers are hard-coded into the applet that is being uploaded. This is defined during compile-time and for the MCardApplet this can be configured in the common.xml ant-file. When packaging the compiled java classes, the build process generates .cap files which contain the applet ID in binary format, notably the Applet.cap file contains the AID of the applet.
So if these numbers are changed when building a custom applet, be sure to adapt the upload commands, too. A warning here: All tools that depend on the MCardApplet expect the given AID, so changing the AID would incur a change of all tools or at least their configuration.

2.   OpenVPN Preparation: Step by step process with high-level tool
This section describes how to initialize a token, create a user key and certificate using tools that come with OpenVPN. This was only tested on Linux since the certificate handling scripts for OpenVPN are more advanced on Linux.
I had to patch the pkitool of OpenVPN to use the pkcs15-init command instead of the pkcs11-tool command for initializing the token and creating keys. The reason is that Aladdin limits their tokens to use one key for only one purpose (encryption or signing). The pkcs15-init command allows the specification of the key purpose while the pkcs11-tool command does not.
In the following we assume you are in the easy-rsa directory of OpenVPN, and you have initialized the configuration by reading the configuration in vars. It’s also always a good idea to have a backup of all the OpenVPN keys before starting.
Initializing the token for first use (or re-using an already formatted token) THIS DESTROYS ALL DATA ON THE TOKEN:

./pkitool --pkcs15-init 0 "Thomas Mustermann"

New User PIN.
Please enter User PIN:
Please type again to verify:
Unblock Code for New User PIN (Optional - press return for no PIN).
Please enter User unblocking PIN (PUK):
Please type again to verify:

If the token was already initialized, the procedure would also ask for the old password.
Now we can check that everything worked, by looking at the PINs:

pkcs15-tool --list-pins

Now we can proceed to generate a key pair and a certificate, this takes a long time:

./pkitool --pkcs15 /usr/lib/opensc-pkcs11.so 0 45 "user cert" client27

When everything went OK, we should be able to display keys, public keys, and certificates on the token:

pkcs15-tool --list-keys
pkcs15-tool --list-public-keys
pkcs15-tool --list-certificates

3.   What is needed for Windows
I’ve first installed the latest OpenVPN installer, only this package has the necessary TAP network driver for Linux. Only the TAP driver needs to be installed.
I’ve used a compiled version of OpenVPN that comes bundled with OpenSC from the binary windows repository, I’ve used the latest

opensc-i686-w32-mingw32-007-*.*

files (from Oct 2009). For 64bit Windows (AMD64) the

opensc-x86_64-pc-mingw32-003*.*

files should be used. Everything unpacked from these files should be installed to

C:\Programs\OpenVPN

I’ve also created a configuration directory under that directory called config. In config there are the necessary certificates (root ca) and hash keys and the client.ovpn configuration file.
When using my OpenVPN admin script, Python for windows from python.org and the Python WIN32 package are needed. In addition my rsclib library needs to be installed. For installing rsclib, unpack the .zip file and run:

setup.py install

from a command prompt. The admin script in pyovpn.zip has the same installation procedure.
After installing everything, basic working of the smart card can be verified with the OpenSC tools:

opensc-tool -l
cardos-info
pkcs15-tool --list-certificates

3.1.   Aladdin Token
For using the Aladdin eToken with Windows, the smart card tools of the manufacturer have to be installed — these include the driver for accessing the tokens. I’ve used:

PKIClient-x32-5.00.msi

from

eToken PKI Client 5.0 SP1 Windowsx32.zip

3.2.   Gemalto USB Shell Token V2
The driver for the Gemalto USB Shell Token reader can be downloaded free of charge from the Gemalto website.

4.   Using OpenVPN with SmartCard
OpenVPN uses a PKCS#11 provider library, on Debian this is /usr/lib/opensc-pkcs11.so, to access the smart card. We can show which certificates are on the card by issuing:

openvpn --show-pkcs11-ids /usr/lib/opensc-pkcs11.so

The following objects are available for use.
Each object shown below may be used as parameter to
--pkcs11-id option please remember to use single quote mark.

Certificate
      DN:             /C=AT/ST=AT/L=Weidling/ ...
      Serial:         03
      Serialized id:  OpenSC\x20Project/PKCS\x20 ...

Now OpenVPN can be started with the smartcard. I’m using the following additional config entries for OpenVPN — pkcs11-providers is set to the path of the PKCS#11 provider library:

pkcs11-providers "/usr/lib/opensc-pkcs11.so"
pkcs11-id-management
management 127.0.0.1 4711
management-query-passwords
management-hold

For Windows the provider library becomes (assuming the OpenSC tools where installed to C:ProgramsOpenVPNbin):

pkcs11-providers "C:\\Programs\\OpenVPN\\bin\\opensc-pkcs11.dll"

The other parameters are the same as for other operating systems.
Note also that the askpass option of OpenVPN does not work for querying the token password. In my experiment I had to give the token password to OpenVPN via the management interface using the config option management-query-passwords.
This configuration tells OpenVPN to open the management interface on Port 4711 of localhost. It will ask for the passphrase of the Aladdin token on that port. Additionally we wait (management-hold) until a management program has opened the management interface and told OpenVPN to proceed.
The pkcs11-id-management tells OpenVPN to accept the pkcs11-id to use via the management interface. With a little intelligence in the management interface we can avoid having the pkcs11-id in the configuration file (which would then be different for each user).
OpenVPN can be asked via the management interface about a listing of all pkcs11-ids. If there is only one certificate on the card, we feed the id of the only certificate back to OpenVPN when it asks about the pkcs11-id. This can be done without user intervention.
Unfortunately the feature that OpenVPN can ask the smartcard for all the certificates depends on the Token being present when OpenVPN is started. An alternative is to specify the pkcs11-id` directly in the configuration file. If this is specified, the management interface will ask for the token if it isn’t present when starting OpenVPN. The parameter to the pkcs11-id config parameter is the Serialized id from the command output above.
Since I have not found any graphical user interface programs for OpenVPN that can deal with asking the user for the token passphrase, I’ve written a little command-line python script which can be run on both, Windows and Linux, and will ask the user to insert the token and specify the token passphrase.
OpenVPN can be started with the script by issuing the command:

pyovpn

in a command prompt window. The command will start openvpn and proceed to ask for necessary token passwords.

4.1.   Low-level usage of the management interface
With the management-query-passwords option, OpenVPN will ask the password from the management interface. After starting the OpenVPN daemon and connnecting to the managment interface on the defined port (e.g., using telnet) we see the following message:

>INFO:OpenVPN Management Interface Version 1 -- type 'help' for more info
>PASSWORD:Need 'OpenSC Card (New User) token' password

The password can then be entered using the password command of the managment interface:

password 'OpenSC Card (New User) token' sehrgeheimespasswort

OpenVPN answers with:

SUCCESS: 'OpenSC Card (New User) token' password entered, but not yet verified

5.   Key Revocation
Revoke a certificate:

openssl ca  -config $KEY_CONFIG -revoke keys/02.pem

(re-) generate key revocation list (CRL):

openssl ca  -config $KEY_CONFIG -gencrl -out keys/crl.pem

6.   OpenVPN Preparation: Step by step process with low-level tools
This section describes the low-level tools as used by the patched pkitool from OpenVPN. It does not create a certificate with OpenSSL. This is for documentation purposes only (to understand what goes on behind the scenes) and was my first approach to getting started with OpenSC.

• Erase the card — if you already have a Security Officer PIN installed, you need this for erasing the card:

  
  pkcs15-init -E
  

• Create PKCS#15 structure (option –no-so-pin specified not to create security officer PIN and user PUK) on the card — note that the keys need to be between 6 and 8 characters long and should be numeric if you intend to use a keypad for key-entry (which applies mostly to smartcards not to USB tokens). Also note that if you omit –no-so-pin you should keep the Security Officer PIN secure — only with it can the token be re-formatted:

  
  pkcs15-init --create-pkcs15 --no-so-pin
  

  New Security Officer PIN (Optional - press return for no PIN).
  Please enter Security Officer PIN:
  Please type again to verify:
  Unblock Code for New User PIN (Optional - press return for no PIN).
  Please enter User unblocking PIN (PUK):
  Please type again to verify:
  

• The steps above can be rolled into one command:

  
  pkcs15-init -E --create-pkcs15 --no-so-pin
  

• Add an authentication (user) ID to the token with corresponding PIN and PUK:

  
  pkcs15-init --store-pin --auth-id 01 --label "User Name"
  

  New User PIN.
  Please enter User PIN:
  Please type again to verify:
  Unblock Code for New User PIN (Optional - press return for no PIN).
  Please enter User unblocking PIN (PUK):
  Please type again to verify:
  

• Check that everything worked, by looking at the PINs:

  
  pkcs15-tool --list-pins
  

  PIN [Security Officer PIN]
      Com. Flags: 0x3
      ID        : ff
      Flags     : [0xB2], local, initialized, needs-padding, soPin
      Length    : min_len:6, max_len:8, stored_len:8
      Pad char  : 0x00
      Reference : 1
      Type      : ascii-numeric
      Path      : 3f005015
  
  PIN [User Name]
      Com. Flags: 0x3
      ID        : 01
      Flags     : [0x32], local, initialized, needs-padding
      Length    : min_len:4, max_len:8, stored_len:8
      Pad char  : 0x00
      Reference : 3
      Type      : ascii-numeric
      Path      : 3f005015
  

• Now we can generate an RSA key on the card. Note that we could also import a PKCS-12 key onto the card, but the more secure option is to let the card generate the key (so the key will never be available outside the card). The split-key option actually generates two key-pairs, one for encryption and one for signing. There are some labelling options to attach names to the generated keys but these aren’t needed if you want only one key. You could specify an application profile with the –id option, if this isn’t given the default ID 45 (authentication purposes) is used. The command will ask for the Security officer PIN, then for the User PIN, then again for the Security officer PIN (!):

  
  pkcs15-init --generate-key rsa/2048 --auth-id 01 --split-key
  

  Note that with Java smartcards the keysize 2048 might not work with the current version of the tools, see Some notes on key sizes.

• Now we can verify that the key was actually stored on the card:

  
  pkcs15-tool --list-keys
  

  Private RSA Key [Private Key]
      Com. Flags  : 3
      Usage       : [0x4], sign
      Access Flags: [0x1D], sensitive, alwaysSensitive, neverExtract, local
      ModLength   : 2048
      Key ref     : 16
      Native      : yes
      Path        : 3f005015
      Auth ID     : 01
      ID          : 45
  

• List public keys:

  
  pkcs15-tool --list-public-keys
  

  Public RSA Key [Public Key]
      Com. Flags  : 2
      Usage       : [0x4], sign
      Access Flags: [0x0]
      ModLength   : 2048
      Key ref     : 0
      Native      : no
      Path        : 3f0050153048
      Auth ID     :
      ID          : 45
  

• For the following steps we will need a minimum openssl config file:

  
  openssl_conf            = openssl_init
  
  [ openssl_init ]
  engines                 = engine_section
  
  [ req ]
  default_bits            = 2048
  default_keyfile         = privkey.pem
  distinguished_name      = req_distinguished_name
  
  [ req_distinguished_name ]
  countryName                     = Country Name (2 letter code)
  countryName_default             = AT
  countryName_min                 = 2
  countryName_max                 = 2
  stateOrProvinceName             = State or Province Name (full name)
  stateOrProvinceName_default     = Austria
  localityName                    = Locality Name (eg, city)
  localityName_default            = Vienna
  0.organizationName              = Organization Name (eg, company)
  0.organizationName_default      = example.com
  organizationalUnitName          = Organizational Unit Name (eg, section)
  organizationalUnitName_default  = IT-Department
  commonName                      = Common Name (eg, server\'s hostname)
  commonName_max                  = 64
  emailAddress                    = Email Address
  emailAddress_max                = 40
  
  [ engine_section ]
  pkcs11 = pkcs11_section
  
  [ pkcs11_section ]
  engine_id = pkcs11
  dynamic_path = /usr/lib/engines/engine_pkcs11.so
  MODULE_PATH = /usr/lib/opensc-pkcs11.so
  init = 0
  

• Generate a certificate request (CSR) from this key using openssl:

  
  CLIENT=newclient
  openssl req -days 3650 -new -out $CLIENT.csr -config openssl.cnf \
    -engine pkcs11 -keyform engine -key 0:45 -sha1
  

  This will ask for all the certificate parameters. Alternatively these can be specified using the -subj option of openssl (this is broken into several lines but should be assembled into one line) with the following parameter:

  /C=AT/ST=Austria/L=Vienna/O=example.com/OU=IT-Department
  /CN=$CLIENT/emailAddress=user@example.com
  

• You can view the contents of the CSR using:

  
  openssl req -in $CLIENT.csr -noout -text
  

• Now sign the certificate request with whatever tools you are using. With the pkitool of OpenVPN this would become (after having copied the certificate request newclient.csr to the keys directory):

  
  pkitool --sign newclient
  

  The message about not being able to access newclient.key can be ignored.

• You may want to delete old certificates from the token:

  
  pkcs15-init --delete-objects cert --id=45
  

• Then import the new certificate onto the token:

  
  pkcs15-init --store-certificate newclient.crt --id=45
  

• Reading a certificate from the token and output with openssl:

  
  pkcs15-tool --read-certificate 45 | openssl x509 -noout -text
  

6.1.   Some notes on key sizes
Using 2048 bit keys should generally be possible with newer cards. I had some problems with these key sizes using my Java smartcard, though.
After uploading the applet to the card, it is possible to create a key with either 1024 or 2048 bit. This indicates that the card is able to handle the large keysize. When trying to generate a CSR using openssl the command failed with:

[opensc-pkcs11] iso7816.c:99:iso7816_check_sw: No precise diagnosis
[opensc-pkcs11] muscle.c:745:msc_compute_crypt_process: returning with:
                Card command failed
[opensc-pkcs11] muscle.c:840:msc_compute_crypt: returning with:
                Card command failed
[opensc-pkcs11] card-muscle.c:749:muscle_compute_signature:
                Card signature failed: Card command failed
[opensc-pkcs11] sec.c:53:sc_compute_signature: returning with:
                Card command failed
[opensc-pkcs11] pkcs15-sec.c:273:sc_pkcs15_compute_signature:
                sc_compute_signature() failed: Card command failed
20808:error:0E06D06C:configuration file routines:NCONF_get_string:no value:
conf_lib.c:329:group=req_attributes name=unstructuredName_min
20808:error:0E06D06C:configuration file routines:NCONF_get_string:no value:
conf_lib.c:329:group=req_attributes name=unstructuredName_max
20808:error:8000A005:Vendor defined:PKCS11_rsa_sign:General Error:
p11_ops.c:97:
20808:error:0D0C3006:asn1 encoding routines:ASN1_item_sign:EVP lib:
a_sign.c:276:

Worse, after reinitializing the card in this state with:

pkcs15-init -E --create-pkcs15 --no-so-pin
pkcs15-init --store-pin --auth-id 01 --label "User Name"

and trying to generate a smaller key, this fails with:

pkcs15-init --generate-key rsa/1024 --auth-id 01 --split-key

[pkcs15-init] iso7816.c:102:iso7816_check_sw: Unknown SWs; SW1=9C, SW2=03
[pkcs15-init] muscle.c:557:msc_generate_keypair: returning with:
              Card command failed
[pkcs15-init] card.c:678:sc_card_ctl: returning with:
              Card command failed
[pkcs15-init] pkcs15-muscle.c:272:muscle_generate_key:
              Unable to generate key
[pkcs15-init] pkcs15-muscle.c:273:muscle_generate_key: returning with:
              Card command failed
Failed to generate key: Card command failed

I was able to fix this by re-downloading the applet onto the card. This also happens the other way round, when generating a 1024 bit key first and trying — after reinitializing the card with pkcs15-init — to generate a 2048 bit key.
So I recommend to stick with 1024 bit keys with the current software versions (debian lenny).