Comments (4)
@frankmorgner I recall you saying Microsoft has dropped PIN PAD readers.
They simply don't support the CCID extension for PIN entry (and never did).
Regarding SCardControl, I think it returns 0x00000001
if one of the input parameters are bad (see LudovicRousseau/pyscard#19 for a similar issue) - in this case I assume it doesn't know GET_FEATURE_REQUEST
. But as said before, we need more analyis, maybe with pyscard...
from opensc.
It is not clear when this started. I only have Windows 10 22H2 and 11 22H2.
What we really need is for someone with older Windows 10 to try 0.24.0 msi packages with a sc-hsm or other card that needs extended APDUs, i.e. larger then the default 255/256 to work.
CygWin uses the Windows, winscard.dll so would have the same problem. In my testing with CygWin I do not get the rv=0x00000001
I get rv = 0
and rcount
is not changed. (I have tried setting it to 0, 256 and sizeof(buf)
with same results.
also casting some parameters DWORD. and fiddling with the command code.
Have also installed VS 2022, with C:\Program Files (x86)\Windows Kits\10\Include\10.0.22621.0 to see the header files. Best I can tell we are doing what is expected, which is slightly different then pcsc-lite on linux.
I also do testing using VirtualBox with an Ubuntu 22.4 guest, which has no problems accessing the sc-hsm
token on the windows 11 host. So the token and its reader should return the results. (note that the VM access it in exclusive mode. Have not tried doing that the CygWin or the msi install.
CygWin is using gcc (GCC) 11.4.0 as is Ubuntu gcc (Ubuntu 11.4.0-1ubuntu1~22.04) 11.4.0
If windows can not give us dwMaxAPDUDataSize
from a reader that can return it we need to find a better way to allow a driver that depends on extended APDUs to not be stuck with using the default 255/256.
Right now I have been testing with the sc-hsm, there maybe other drivers that could have the same problem.
from opensc.
@frankmorgner
@LudovicRousseau
Using tip from LudovicRousseau/pyscard#19 with x86 version of pkcs11-tool -O
shows:
2023-12-20 10:21:36.639 (Thread = 0x000054E0) - SCardControl( hCard = 0xEA010000 on reader "SCM Microsystems SCx35xx v2.0 USB SC Reader 0", dwControlCode = 0x00313520, lpOutBuffer = 0x00F3F298, nOutBufferSize = 256, lpBytesReturned = 0x00F3F284 ):
Input command =
2023-12-20 10:21:36.649 (Thread = 0x000054E0) - SCardControl Response =
Duration = 1 ms
this looks correct, as on Windows dwControlCode is 0x0031<<16 | 3600<<2 but it looks like it is not returning anything.
from opensc.
I think we can close this issue, because
- we verified that the windows driver doesnt support the request for the query of max data and we can't fix that
- we are currently already working around this where needed by assuming the reader supports the minimum data sizes required (e.g. in sc-hsm)
- we have code snippets to set the data sizes based on the reader name
OpenSC/src/libopensc/reader-pcsc.c
Lines 1282 to 1286 in 773fcc6
If you want to, you may add data sizes of your reader with a PR extending reader-pcsc.c
from opensc.
Related Issues (20)
- Error: Could not add card "/usr/local/lib/opensc-pkcs11-local.so": agent refused operation HOT 2
- New epass2003 token fails to initialize with error `Failed to create PKCS #15 meta structure: Card command failed` HOT 23
- Update Links in README.md before making a release HOT 2
- Building eOI (Slovenian eID) on ubuntu 22.04 HOT 12
- Compiling on Windows ignores CNGSDK_INCL_DIR and CPDK_INCL_DIR env. variables values HOT 2
- Problems with test scripts HOT 9
- Reselection of DF after failure in `sc_pkcs15_decipher` function HOT 5
- PIN change fails with CKR_PIN_LEN_RANGE because current PIN is too long HOT 10
- RFE: tools add --module-init arg for non-standard NSS softokn configDir HOT 5
- ActivIdentity Activkey_Sim 00 00 HOT 3
- CI: Check if refresh in documentation is needed
- doc: Python wrapper HOT 6
- pkcs11-tool: return value is 0 when signature verification fails HOT 3
- PKCS15 framework influence PKCS11 interface HOT 3
- docbook-utf8.xsl missing from release archive HOT 1
- Probable Reasons For CKR_GENERAL_ERROR From C_Login HOT 4
- SC-HSM: Support for storing of ECDSA keys HOT 5
- C_FindObjects does not find keys generated by C_GenerateKeyPair without reinserting HOT 3
- In pkcs11-tool CKA_DERIVE is not set for write-object and keygen HOT 2
- pkcs15-crypt signing fails on release 0.25.0 w/ a YubiKey-bound RSA key HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from opensc.