it is possible to use estonian identity card in manjaro linux (arch linux based).
install the middleware to access smart cards:
# pacman -S pcsclite pcsc-tools ccid
enable and start pcscd service:
# systemctl enable pcscd# systemctl start pcscd
now you can test your estonian identity card. run "pcsc_scan" application in console. if the card is unresponsive, then try inserting it again:
$ pcsc_scanUsing reader plug'n play mechanismScanning present readers...0: Gemalto PC Twin Reader (24F70B5A) 00 00Sun Jul 12 00:54:32 2020Reader 0: Gemalto PC Twin Reader (24F70B5A) 00 00Event number: 1Card state: Card removed,Sun Jul 12 00:54:39 2020Reader 0: Gemalto PC Twin Reader (24F70B5A) 00 00Event number: 2Card state: Card inserted, Shared Mode, Unresponsive card,Sun Jul 12 00:54:42 2020Reader 0: Gemalto PC Twin Reader (24F70B5A) 00 00Event number: 3Card state: Card removed,Sun Jul 12 00:54:44 2020Reader 0: Gemalto PC Twin Reader (24F70B5A) 00 00Event number: 4Card state: Card inserted, Shared Mode,ATR: 3B FA 18 00 00 80 31 FE 45 FE 65 49 44 20 2F 20 50 4B 49 03ATR: 3B FA 18 00 00 80 31 FE 45 FE 65 49 44 20 2F 20 50 4B 49 03+ TS = 3B --> Direct Convention+ T0 = FA, Y(1): 1111, K: 10 (historical bytes)TA(1) = 18 --> Fi=372, Di=12, 31 cycles/ETU129032 bits/s at 4 MHz, fMax for Fi = 5 MHz => 161290 bits/sTB(1) = 00 --> VPP is not electrically connectedTC(1) = 00 --> Extra guard time: 0TD(1) = 80 --> Y(i+1) = 1000, Protocol T = 0-----TD(2) = 31 --> Y(i+1) = 0011, Protocol T = 1-----TA(3) = FE --> IFSC: 254TB(3) = 45 --> Block Waiting Integer: 4 - Character Waiting Integer: 5+ Historical bytes: FE 65 49 44 20 2F 20 50 4B 49Category indicator byte: FE (proprietary format)+ TCK = 03 (correct checksum)Possibly identified card (using /usr/share/pcsc/smartcard_list.txt):3B FA 18 00 00 80 31 FE 45 FE 65 49 44 20 2F 20 50 4B 49 03Estonian Identity Card (EstEID v3.5 (10.2014) cold) (eID)http://id.ee/
install some estonian goverment packages from AUR:
$ yay -S qdigidoc4 esteidpkcs11loader chrome-token-signing
you now have software to sign documents digitally, it can also display some data of the inserted card, like: name, expiration date, personal code. run the application by typing "qdigidoc4" in console:
$ qdigidoc4qt5ct: using qt5ct pluginChache configuration serial: 108Bundled configuration serial: 108QObject: Cannot create children for a parent that is in a different thread.(Parent is QSigner(0x5623ffcd52c0), parent's thread is QThread(0x5623ff94c8b0), current thread is QSigner(0x5623ffcd52c0)Loading: "opensc-pkcs11.so"2020-07-11T22:15:20Z D [Connect.cpp:50] - Connecting to URL: https://ec.europa.eu/tools/lotl/eu-lotl.xml2020-07-11T22:15:20Z D [Connect.cpp:72] - Connecting to Host: ec.europa.eu:443 timeout: 10qdigidoc4.MainWindow: noReader_NoCard_Loading_Event 3qt5ct: palette support is disabledqt5ct: custom style sheet is disabled2020-07-11T22:15:20Z D [TSL.cpp:573] - Remote ETag: "5c254-5aa15d6b87040"2020-07-11T22:15:20Z D [TSL.cpp:579] - Cached ETag: "5c254-5aa15d6b87040"2020-07-11T22:15:20Z D [TSL.cpp:248] - TSL eu-lotl.xml (269) signature is valid2020-07-11T22:15:20Z D [Connect.cpp:50] - Connecting to URL: https://sr.riik.ee/tsl/estonian-tsl.xml2020-07-11T22:15:20Z D [Connect.cpp:72] - Connecting to Host: sr.riik.ee:443 timeout: 102020-07-11T22:15:20Z D [TSL.cpp:573] - Remote ETag: "4592b-5a2aec8e4cb80-gzip"2020-07-11T22:15:20Z D [TSL.cpp:579] - Cached ETag: "4592b-5a2aec8e4cb80-gzip"2020-07-11T22:15:20Z D [TSL.cpp:248] - TSL EE.xml (49) signature is valid2020-07-11T22:15:20Z I [X509CertStore.cpp:84] - Loaded 46 certificates into TSL certificate store.TSL loading finished"OPENSC PROJECT (2.20)""OPENSC SMARTCARD FRAMEWORK (0.20)"Flags: 0qdigidoc4.QSigner: Disconnected from card "loading"qdigidoc4.QSigner: Read sign cert "*********"qdigidoc4.QSigner: Cert is empty: falseqdigidoc4.QSmartCard: Pollingqdigidoc4.QSmartCard: Read "Gemalto PC Twin Reader (24F70B5A) 00 00"qdigidoc4.MainWindow: Select card "*********"qdigidoc4.QSmartCard: Read card "*********" infoqdigidoc4.QSmartCard: Pollingqdigidoc4.QSmartCard: Pollingqdigidoc4.QSmartCard: Pollingqdigidoc4.QSmartCard: Pollingqdigidoc4.QSmartCard: Pollingqdigidoc4.QSmartCard: Pollingqdigidoc4.QSmartCard: Pollingqdigidoc4.QSmartCard: Pollingqdigidoc4.QSmartCard: Pollingqdigidoc4.QSmartCard: Pollingqdigidoc4.QSmartCard: Pollingqdigidoc4.QSmartCard: Pollingqdigidoc4.QSmartCard: Pollingqdigidoc4.QSmartCard: Pollingqdigidoc4.QSmartCard: Pollingqdigidoc4.QSmartCard: Pollingqdigidoc4.QSmartCard: Polling
install estonian goverment addons on firefox. addon names are "PKCS11 loader" (Configures Firefox to use PKCS11 for authentication) and "Token signing" (Use your eID smart card on the web). author is "Raul Metsma".
now you have access to banks, you can make payments, enter patients portal (https://digilugu.ee/), and use other electronic services of estonian goverment (https://eesti.ee/).
Comments