Difference between revisions of "Smartcard bankId eId"

Line 15: Line 15:
  
  
[[File:EId_setup.jpg|900px|caption|eId]]
+
[[File:EId_setup.jpg|500px|caption|eId]]
  
  

Revision as of 10:56, 7 May 2015


BankId and eId are Swedish identification systems. They are very powerful! :-)

  • eId (= official ID card identity) is managed by Telia and work under Linux
  • BankId is NOT Linux friendly at all... :( This is not supported officially and it's hard to get it up and running...


To use eId you can use the official Telia reader or any other you like, as long as you have the correct drivers.

This article explains how to use:

  1. Handelsbanken card reader
  2. Skatteverket national e-ID
  3. Handelsbanken bankId


eId


Linux drivers

Generic USB

First of all, some BankId card readers are not detected automatically...

To resolve that issue you should install libUSB:

apt-get install libusb-dev libusb++-dev


Generic smart-card readers

For BankId and e-Id to work you need both PCSC and OpenSC drivers.

# PCSC driver
apt-get install pcscd
apt-get install libpcsclite1 libpcsclite-dev 
apt-get install libpcsc-perl pcsc-tools

# OpenSC driver
apt-get install pcscd opensc


Since we're talking security, you need to install the following security packages:

apt-get install libp11-dev pkcs11-data
apt-get install libnss3-tools


Enable smart-card reader pinpad:

vim /etc/opensc/opensc.conf

# Force the setting to true, no matter what
enable_pinpad = true;


Old 32bits libraries

BankId requires some old 32 bits libraries...

apt-get install iceweasel nspluginwrapper lib32z1


Handelsbanken smart-card reader drivers

Get drivers

You need to download the Handelsbanken card reader drivers:


Installation

Install the drivers:

# 64 bits
dpkg -i SHB_Deb_1.0.2_64bit.deb
apt-get install -f



e-Id

Telia is the official provider of the e-ID support.

They have a wonderful website: https://cve.trust.telia.com/TeliaElegNG/


Installation

tar xzvf iidsetup_64.tar.gz
cd iidsetup/
sudo ./install

During the installation, reply yes to the following question:

Should the installation try to install the PKCS#11 module using NSS security toolkit? [Y/n]




BankId (community client)

The official Linux BankId support is terrible! ... That the least we can say!...

Fortunately there is a community client available on http://www.fribid.se/


Add the new BankId repository:

# Edit repositories list
sudo vim /etc/apt/sources.list

# Add the new repository
deb http://ppa.launchpad.net/samuellb/fribid/ubuntu trusty main

# Add repository key
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys C4A5A0B6

# update list of packages
sudo apt-get update


Install the client

sudo apt-get install fribid



BankId (manual install)

!! Officially BankId is not supported on Linux anymore since 2015-01-01 !!

Following instructions are using a legacy client!


Get BankId package

Get the official Linux installation package: https://install.bankid.com/Download/All


Alternative: Download a copy from 2015-05-07: http://daxiongmao.eu/wiki_upload_files/drivers/BISP-4.19.1.11663.tar.gz


Installation

Requirements


Since BankId client hasn't been updated for a long time, you need to install old GTK packages.

apt-get install overlay-scrollbar-gtk2 unity-gtk2-module
apt-get install gtk2-engines-murrine:i386 libidn11:i386


BankId setup

mkdir BankId
mv BISP-4.19.1.11663.tar.gz BankId/
cd BankId
tar xzvf BISP-4.19.1.11663.tar.gz
cd BISP-4.19.1.11663

sudo ./install.4.XXXXX.sh i


Create symlinks

To use BankId in your browser(s) you need to create a symlink for each of them:


ln -s /usr/local/lib/personal/libplugins.so /usr/lib/firefox-addons/plugins/libplugins.so



Installation is now complete! You must reboot your computer



Check your BankId card

To ensure you can read and use your BankId card, the following tests should work:


1. Ensure the reader can be detected and is working

pcsc_scan -n

You need to plug / unplug the reader and the card. You should see movement in the console!


2. Ensure you can read the card contents

Insert your card and run the following command immediately:

pkcs15-tool -L

You should be able to read certificates.


BankId usage

  • BankId shortcut is available in: /usr/share/applications/personal.desktop
  • BankId application is available at: /usr/local/bin/personal


Sources

BankId Linux community:



Useful articles: