Guys - I am strugling to run my eID card - Now Certisign asks me to install a .deb our .rpm package - Is it possible to buitd it on NixOS ?
You can repackage them, similar to what’s done with steam, and other binaries.
It’s probably not a copy&paste-able solution though, but will need some evolving.
Look for example at skypeforlinux or other binary packages:
Well, I am trying a lot of stuff. This is my set-up:
services.pcscd.enable = true;
services.pcscd.plugins = with pkgs;
[ pcsclite
opensc # Encryption
openssl
pcsctools
libusb
libusb1
ccid
pcsc-cyberjack
encfs
cryptsetup # Encrypted USB sticks etc
pinentry # GPG password entry from the terminal
gnupg # Encryption key management
gnupg1orig
pcmciaUtils # PCMCIA Tools
acsccid # SmartCard Apps
glibc # Para o WebSigner Certsign
chrome-token-signing # Chrome and Firefox extension for signing with your eID on the web
];
The card reader is OK - But it miss-recognize the eID card:
Using reader plug'n play mechanism
Scanning present readers...
0: CASTLES EZCCID Smart Card Reader 00 00
Tue May 19 15:12:48 2020
Reader 0: CASTLES EZCCID Smart Card Reader 00 00
Event number: 0
Card state: Card inserted,
ATR: 3B FD 18 00 00 80 31 FE 45 73 66 74 65 2D 63 64 30 38 30 2D 6E 66 DC
ATR: 3B FD 18 00 00 80 31 FE 45 73 66 74 65 2D 63 64 30 38 30 2D 6E 66 DC
+ TS = 3B --> Direct Convention
+ T0 = FD, Y(1): 1111, K: 13 (historical bytes)
TA(1) = 18 --> Fi=372, Di=12, 31 cycles/ETU
129032 bits/s at 4 MHz, fMax for Fi = 5 MHz => 161290 bits/s
TB(1) = 00 --> VPP is not electrically connected
TC(1) = 00 --> Extra guard time: 0
TD(1) = 80 --> Y(i+1) = 1000, Protocol T = 0
-----
TD(2) = 31 --> Y(i+1) = 0011, Protocol T = 1
-----
TA(3) = FE --> IFSC: 254
TB(3) = 45 --> Block Waiting Integer: 4 - Character Waiting Integer: 5
+ Historical bytes: 73 66 74 65 2D 63 64 30 38 30 2D 6E 66
Category indicator byte: 73 (proprietary format)
+ TCK = DC (correct checksum)
Possibly identified card (using /home/wjjunyor/.cache/smartcard_list.txt):
3B FD 18 00 00 80 31 FE 45 73 66 74 65 2D 63 64 30 38 30 2D 6E 66 DC
G&D Sm@Cafe 3.1 (eID)
My card is a Brazilian eCPF, not a G&D Sm@Cafe 3.1 - Also, I have to integrate it to be recognized by the browser app.
Good afternoon @tohl2 - I am using Firefox and Chromium.
The objective is document signing, and governamental portals login.
On Windows, I used to use a extension provided by one of my certificates issuers - Certisign [https://chrome.google.com/webstore/detail/acfifjfajpekbmhmjppnmmjgmhjkildl] - This Extension uses a packages whom recognizes the certificate and allow the use of it by the webpage for document signing or login authentication.
The packages this extension uses are available on https://get.websignerplugin.com/.
Examples of sites I use whom uses this set-up of tools, apps, extensions and etc. are:
I guess it is all.
In the end, I’ve discovered my digital certificate wasn’t linux compatible. So I couldn’t conclude this set-up! In the next renewall, I’ll take care buying a new and compatible card.