DNIe: Dealing with the electronic ID card

Although this has already been discussed previously , I wanted to give another lap to the issue DNIe under Linux. And what the hell! After spending one day and a half on the subject, I wanted to leave the tutorial available somewhere, if I have to do it again.

When I started I was recommended that I tried on Windows first and then if it works, I should try again on Linux. And although I followed the advice, it turns out I am definitely worse in Windows than in Linux (I ended up having to reinstall Windows again), so I tried again where I felt comfortable and understood what I do.

Basically I have been following this three blog posts:
* DNIe on Ubuntu
*
Linux DNIe Squeeze
*
DNIe on Ubuntu

Check your base libraries

The first thing I discovered is that one should not rely on the libraries from the repositories (I use Debian Squeeze). So I installed bare hands OpenSC and its dependencies.

First thing to do is to download the latest libraries available on the website of dnielectronico, in my case:

$ wget https://www.dnielectronico.es/descargas/PKCS11_para_Sistemas_Unix/opensc-dnie_1.4.8_amd64_lenny.tar 
 $ tar xvf opensc-dnie_1.4.8_amd64_lenny.tar
 $ cd opensc-dnie_1.4.8_amd64_lenny 

And also download the dependencies that are no longer available for Debian Squeeze:

$ wget https://ftp.es.debian.org/debian/pool/main/libt/libtool/libltdl3_1.5.26-4+lenny1_amd64.deb

$ wget https://ftp.es.debian.org/debian/pool/main/o/openct/libopenct1_0.6.14-3_amd64.deb 

Installing the dnie drivers

When this is done, we can begin to install the dnie drivers:

 # dpkg-i *. deb libltdl3

# dpkg-i *. deb libopenct

# dpkg-i *. deb libopensc2

# dpkg-i *. deb opensc_

# apt-get install pinentry-qt4

# dpkg-i *. deb opensc-dnie 

And then we make sure not to screw it in future updates, blocking the libraries:

 # echo libopenct1 hold | dpkg - set-selections

# echo opensc hold | dpkg - set-selections

# echo libopensc2 hold | dpkg - set-selections 

Now comes the nice part, where we see that everything works … or not:

 $ sudo apt-get install pcscd pcsc-tools

$ pcsc_scan

PC / SC device scanner

V 1.4.16 (c) 2001-2009, Ludovic Rousseau

Compiled with PC / SC lite version: 1.5.5

Scanning present readers ...

0: Gemplus GemPC Twin 00 00 
Mon Sep 5 20:01:11 2011
Reader 0: Gemplus GemPC Twin 00 00
Card state: Card inserted,
[...]
Electronic DNI (Spanish electronic ID card)
https://www.dnielectronico.es
$ opensc-tool-l
 [opensc-tool] ctx.c: 367: load_dynamic_driver: dynamic library '/ usr/lib64/libopensc-dnie.so': invalid module version
[Opensc-tool] ctx.c: 467: load_card_drivers: Unable to load 'dnie'.
Readers Known about:
Driver Name Nr
Pcsc 0 00 00 Gemplus Twin GemPC
$ opensc-tool-a
 [opensc-tool] ctx.c: 367: load_dynamic_driver: dynamic library '/ usr/lib64/libopensc-dnie.so': invalid module version
[Opensc-tool] ctx.c: 467: load_card_drivers: Unable to load 'dnie'.
Using With A card reader: Gemplus GemPC Twin 00 00
[Opensc-tool] reader-pcsc.c: 239: pcsc_transmit: unable to transmit
[Opensc-tool] apdu.c: 394: do_single_transmit: unable to transmit APDU
3b: 7f: 38:00:00:00:6 a: 44:4 e: 49:65:10:02:4 c: 34:01:13:03:90:00
Delawar @ FZ18E: ~ $ opensc-tool-n
 [opensc-tool] ctx.c: 367: load_dynamic_driver: dynamic library '/ usr/lib64/libopensc-dnie.so': invalid module version
[Opensc-tool] ctx.c: 467: load_card_drivers: Unable to load 'dnie'.
Using With A card reader: Gemplus GemPC Twin 00 00
[Opensc-tool] reader-pcsc.c: 239: pcsc_transmit: unable to transmit
[Opensc-tool] apdu.c: 394: do_single_transmit: unable to transmit APDU
Unidentified card

Not that easy

At this point, we learn that we have screwed up somewhere in the installation. Now OpenSC is waiting for a version of the module that is not what we have installed. Do not panic, there is a solution . We “only” have to create a module that uses the module installed. But deceiving OpenSC by saying it is another version.

My module version is 1.0.4 and opensc the 0.11.13-1.1, you must change this numbers with yours:

 $ mkdir / tmp / dnie
 $ cd / tmp / dnie
 $ cp / usr/lib/libopensc-dnie.so.1.0.4 libopensc-dnie.so.1.0.4_orig

Edit a file:

 $ vi patch.c
 char * version_maligna = "0.11.13-1.1";
 sc_driver_version char * () {
 version_maligna return;
 }

Patching the library and place it where it belongs:

$ gcc-fpic -g-c-Wall patch.c

$ objcopy - redefine-sym-libopensc sc_driver_version = orig_sc_driver_version libopensc-dnie.so.1.0.4 dnie.so.1.0.4_orig

$ chmod + x libopensc-dnie.so.1.0.4

$ gcc-shared-Wl,-soname, libwrapper-dnie.so libopensc-dnie.so.1.0.4 patch.o-o-dnie.so.1.0.0 libwrapper

$ sudo cp-dnie.so.1.0.0 libwrapper libopensc-dnie.so.1.0.4 / usr / lib

$ sudo ldconfig

Now that we have the library, we make opensc to use it in the file / etc / opensc / opensc.conf, replacing module = / usr / lib / libopensc-dnie.so, by < em> module = / usr / lib / libwrapper-dnie.so, .

Now opensc recognizes our electronic ID:

$ opensc-tool -l Known Readers about: Driver Name Nr Pcsc 0 00 00 Gemplus Twin GemPC

How to use the browser or an application to sign has already been extensively described in other manuals, including the official pages of the electronic ID.

The importance of open data

I’ve been thinking for a while about writing about the importance of open data, but is with the advertising given to Google Map Maker when I really understood the urgency of the matter.

Can you imagine a country with so poor geographic data that even the government doesn’t known which cities and towns do they have? How could they invest on roads, literacy, drinking water or even know that there are people who live there? How could they collect taxes or… count votes in elections!? Can you imagine that a battalion of soldiers use maps that are wrong and establish a base in the nearest country? An absurdity that happened recently on the border between Nicaragua and Costa Rica , which almost causes an international conflict.

Public Data

If institutions publish their data and leave it to free access, anyone can verify the accuracy of the data and may suggest changes or corrections. But while this data remains locked away in dusty archives, the same mistakes will be made over and over again. We are not talking about sensitive data or national security, we discuss data that anyone who is physically present at the location can check whether it is correct.

But it is important not only that the open data is freely available. It is also important to be free in their use. I gain nothing by looking at a map on page X of the Public Service if I can not use the data I am seeing. Seeing the traffic before you leave home can help you, but if my GPS can not use that information to guide me through the best path, it is useless.

Well, someone may say, if the source of the data (for example, the government) provide all services we will be needing, we don’t need a free use of the data. It is not enough. Why? Because open data may have myriad of uses. It is a newly opened market to explore.

Private Map Providers

But, how does it benefit the private map provider? Are we suggesting to have data servers and offer free data without charging for its use? Is it the culture of all free? Of course not, nobody in their right mind would ever ask for this. The private provider can get great benefits releasing their data (others than charging for services based on this data) :

The first benefit is straightforward: if you manage a large community, the cost of renovation and expansion of their data will be greatly reduced. Vendors like TomTom or Nokia begin to understand the importance of these updates from their own users. OpenStreetMap is another clear example and direct the power of users: a source of geographic data that can compete (and win) on Google Maps or Bing created entirely and only by a combination of free data supplied by its users.

The second advantage is perhaps more complex to understand because it is not so straightforward. Ignoring all the classic advantages of freedom, there is still one more: You can always charge for commercial or intensively use. Although it does not benefit you at the beginning, if your data is good enough, sooner or later someone will think of some utility .

Google Map Maker

Some hustlers will have, at this point, if this is not what Google Map Maker does. Do they not collect updates of their users, giving them maps for free and charging only for intensive or commercial? No. To begin with, data isn’t free. This means that if you collaborate with Google Map Maker and update their maps and tomorrow you want to use these data to set up a commercial service, you couldn’t do it without going through a convoluted series of licenses. However, if instead of working with Google Map Maker, you contributed with a free platform for geographic data, you will be able to use this data on your service without problems.

Does this mean that I think Google Map Maker is useless? Neither. Probably someone will find a good use. But whatever the intended use, you can always get at least the same functionality with OpenLayers , OpenStreetMap data and free PNOA and the Cadastre (recently released). So why use an exclusive platform when you can use a free platform much more powerful?

But Google is good, someone may say, it offers free, quality data. Sure, and no doubt. But never forget that Google, beyond any good intentions, remains a business. And finally, the top priority of a company is to generate business to survive. And if Google has to change its way, to get ride of free offerings that are inconsistent with their business, they will. In fact, they already do it .