Difference between revisions of "Smartcard bankId eId"

m (WikiFreak moved page Smartcard bankId to Smartcard bankId eId: Add Skatteverket eId setup instructions)
Line 1: Line 1:
 
[[Category:Linux]]
 
[[Category:Linux]]
  
BankId is the Swedish identification system. That's very powerful! :)  
+
BankId and eId are Swedish identification systems. They are very powerful! :-)
  
However BankId is not Linux friendly at all...
+
* ''eId'' (= official ID card identity) is managed by ''Telia'' and work under Linux
 +
* ''BankId'' is NOT Linux friendly at all... :( This is not supported officially and it's hard to get it up and running...
 +
 
 +
 
 +
To use ''eId'' you can use the official ''Telia'' reader or any other you like, as long as you have the correct drivers.
 +
 
 +
This article explains how to use:
 +
# Handelsbanken card reader
 +
# Skatteverket national e-ID
 +
# Handelsbanken bankId
 +
 
 +
 
 +
[[File:EId_setup.jpg|900px|caption|eId]]
  
  
Line 23: Line 35:
 
==Generic smart-card readers==
 
==Generic smart-card readers==
  
For BankId to work you need both PCSC and OpenSC drivers.
+
For BankId and e-Id to work you need both PCSC and OpenSC drivers.
  
 
<syntaxhighlight lang="bash">
 
<syntaxhighlight lang="bash">
Line 33: Line 45:
 
# OpenSC driver
 
# OpenSC driver
 
apt-get install pcscd opensc
 
apt-get install pcscd opensc
 +
</syntaxhighlight>
 +
 +
 +
Since we're talking security, you need to install the following security packages:
  
# Security libraries
+
<syntaxhighlight lang="bash">
 
apt-get install libp11-dev pkcs11-data
 
apt-get install libp11-dev pkcs11-data
 +
apt-get install libnss3-tools
 
</syntaxhighlight>
 
</syntaxhighlight>
 +
  
  
Line 60: Line 78:
  
  
=Handelsbanken drivers=
+
=Handelsbanken smart-card reader drivers=
  
  
Line 82: Line 100:
 
apt-get install -f
 
apt-get install -f
 
</syntaxhighlight>
 
</syntaxhighlight>
 +
 +
 +
 +
 +
=e-Id=
 +
 +
Telia is the official provider of the e-ID support.
 +
 +
They have a wonderful website: https://cve.trust.telia.com/TeliaElegNG/
 +
 +
 +
=Installation=
 +
 +
* Download the latest package from the official website: https://cve.trust.telia.com/TeliaElegNG/NetId
 +
* Extract package and run the installation process:
 +
 +
<syntaxhighlight lang="bash">
 +
tar xzvf iidsetup_64.tar.gz
 +
cd iidsetup/
 +
sudo ./install
 +
</syntaxhighlight>
 +
 +
During the installation, reply '''yes''' to the following question:
 +
 +
<code>Should the installation try to install the PKCS#11 module using NSS security toolkit? [Y/n]</code>
 +
 +
 +
  
  

Revision as of 10:56, 7 May 2015


BankId and eId are Swedish identification systems. They are very powerful! :-)

  • eId (= official ID card identity) is managed by Telia and work under Linux
  • BankId is NOT Linux friendly at all... :( This is not supported officially and it's hard to get it up and running...


To use eId you can use the official Telia reader or any other you like, as long as you have the correct drivers.

This article explains how to use:

  1. Handelsbanken card reader
  2. Skatteverket national e-ID
  3. Handelsbanken bankId


eId


Linux drivers

Generic USB

First of all, some BankId card readers are not detected automatically...

To resolve that issue you should install libUSB:

apt-get install libusb-dev libusb++-dev


Generic smart-card readers

For BankId and e-Id to work you need both PCSC and OpenSC drivers.

# PCSC driver
apt-get install pcscd
apt-get install libpcsclite1 libpcsclite-dev 
apt-get install libpcsc-perl pcsc-tools

# OpenSC driver
apt-get install pcscd opensc


Since we're talking security, you need to install the following security packages:

apt-get install libp11-dev pkcs11-data
apt-get install libnss3-tools


Enable smart-card reader pinpad:

vim /etc/opensc/opensc.conf

# Force the setting to true, no matter what
enable_pinpad = true;


Old 32bits libraries

BankId requires some old 32 bits libraries...

apt-get install iceweasel nspluginwrapper lib32z1


Handelsbanken smart-card reader drivers

Get drivers

You need to download the Handelsbanken card reader drivers:


Installation

Install the drivers:

# 64 bits
dpkg -i SHB_Deb_1.0.2_64bit.deb
apt-get install -f



e-Id

Telia is the official provider of the e-ID support.

They have a wonderful website: https://cve.trust.telia.com/TeliaElegNG/


Installation

tar xzvf iidsetup_64.tar.gz
cd iidsetup/
sudo ./install

During the installation, reply yes to the following question:

Should the installation try to install the PKCS#11 module using NSS security toolkit? [Y/n]




BankId (community client)

The official Linux BankId support is terrible! ... That the least we can say!...

Fortunately there is a community client available on http://www.fribid.se/


Add the new BankId repository:

# Edit repositories list
sudo vim /etc/apt/sources.list

# Add the new repository
deb http://ppa.launchpad.net/samuellb/fribid/ubuntu trusty main

# Add repository key
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys C4A5A0B6

# update list of packages
sudo apt-get update


Install the client

sudo apt-get install fribid



BankId (manual install)

!! Officially BankId is not supported on Linux anymore since 2015-01-01 !!

Following instructions are using a legacy client!


Get BankId package

Get the official Linux installation package: https://install.bankid.com/Download/All


Alternative: Download a copy from 2015-05-07: http://daxiongmao.eu/wiki_upload_files/drivers/BISP-4.19.1.11663.tar.gz


Installation

Requirements


Since BankId client hasn't been updated for a long time, you need to install old GTK packages.

apt-get install overlay-scrollbar-gtk2 unity-gtk2-module
apt-get install gtk2-engines-murrine:i386 libidn11:i386


BankId setup

mkdir BankId
mv BISP-4.19.1.11663.tar.gz BankId/
cd BankId
tar xzvf BISP-4.19.1.11663.tar.gz
cd BISP-4.19.1.11663

sudo ./install.4.XXXXX.sh i


Create symlinks

To use BankId in your browser(s) you need to create a symlink for each of them:


ln -s /usr/local/lib/personal/libplugins.so /usr/lib/firefox-addons/plugins/libplugins.so



Installation is now complete! You must reboot your computer



Check your BankId card

To ensure you can read and use your BankId card, the following tests should work:


1. Ensure the reader can be detected and is working

pcsc_scan -n

You need to plug / unplug the reader and the card. You should see movement in the console!


2. Ensure you can read the card contents

Insert your card and run the following command immediately:

pkcs15-tool -L

You should be able to read certificates.


BankId usage

  • BankId shortcut is available in: /usr/share/applications/personal.desktop
  • BankId application is available at: /usr/local/bin/personal


Sources

BankId Linux community:



Useful articles: