Comments (7)
does dlopen on macOS' pcsc implementation yield NULL when requesting SCardControl or do they implement it by always returning an error? In the former case, this may be the reason for #2788 ...
They return SCARD_E_NOT_TRANSACTED (https://blog.apdu.fr/posts/2023/09/macos-sonoma-bug-scardcontrol-returns-scard_e_not_transacted/)
from opensc.
For the record apple has switched to their CCID driver and they did not support SCardControl in 14.0/14.1.
https://blog.apdu.fr/posts/2023/11/apple-own-ccid-driver-in-sonoma/
In the 14.2 they switched back to @LudovicRousseau CCID driver.
In 14.3 they implemented SCardControl in some extent and switched back to their own CCID implementation.
Least PinPAD is working but I am not sure about APDU size parameters. (@LudovicRousseau maybe you can verify this also their driver misidentifies some card readers as pinpads #1438)
from opensc.
does dlopen on macOS' pcsc implementation yield NULL when requesting SCardControl or do they implement it by always returning an error? In the former case, this may be the reason for #2788 ...
from opensc.
then this is not related to the segfault, thanks
from opensc.
@LudovicRousseau
OpenSC is over 20 years old. Back then there where readers that did not ever support max sizes of 255/256.
Today are there any readers that do not support extended APDU?
If we can not get PCSCv2_PART10_PROPERTY_dwMaxAPDUDataSize
should default be the reader can support something like at least 1023/1024?
Is there any reader command to get the max size or at least show if extend is supported?
Could a mod be added to apdu.c that if card supports extended but a command requesting extended fails because the reader does not support extended, apdu.c or the card driver could reset the sizes and try again without extended?
from opensc.
In 14.3 they implemented SCardControl in some extent and switched back to their own CCID implementation. Least PinPAD is working but I am not sure about APDU size parameters.
Apple made some progress in the SCardControl()
implementation of their own CCID driver. But it is not yet ready.
See https://blog.apdu.fr/posts/2024/02/macos-sonoma-bug-scardcontrol-part-2/
from opensc.
Today are there any readers that do not support extended APDU?
Yes. See https://ccid.apdu.fr/select_readers/?dwFeatures=13
A lot of them are tokens and nor readers so you can't use them with a smart card.
I would say most of these readers are "old" but may still be used in the field.
If we can not get
PCSCv2_PART10_PROPERTY_dwMaxAPDUDataSize
should default be the reader can support something like at least 1023/1024?
I think that is a safe choice.
It will fail with non-extended APDU readers if the card requires extended APDU. But this combination would fail whatever you do.
Is there any reader command to get the max size or at least show if extend is supported?
Not at the PC/SC level except PCSCv2_PART10_PROPERTY_dwMaxAPDUDataSize
.
Could a mod be added to apdu.c that if card supports extended but a command requesting extended fails because the reader does not support extended, apdu.c or the card driver could reset the sizes and try again without extended?
You can try something like that.
from opensc.
Related Issues (20)
- Compiling on Windows ignores CNGSDK_INCL_DIR and CPDK_INCL_DIR env. variables values HOT 2
- Problems with test scripts HOT 9
- Reselection of DF after failure in `sc_pkcs15_decipher` function HOT 5
- PIN change fails with CKR_PIN_LEN_RANGE because current PIN is too long HOT 10
- RFE: tools add --module-init arg for non-standard NSS softokn configDir HOT 5
- ActivIdentity Activkey_Sim 00 00 HOT 3
- CI: Check if refresh in documentation is needed
- doc: Python wrapper HOT 6
- pkcs11-tool: return value is 0 when signature verification fails HOT 3
- PKCS15 framework influence PKCS11 interface HOT 3
- docbook-utf8.xsl missing from release archive HOT 1
- Probable Reasons For CKR_GENERAL_ERROR From C_Login HOT 4
- SC-HSM: Support for storing of ECDSA keys HOT 5
- C_FindObjects does not find keys generated by C_GenerateKeyPair without reinserting HOT 3
- In pkcs11-tool CKA_DERIVE is not set for write-object and keygen HOT 2
- pkcs15-crypt signing fails on release 0.25.0 w/ a YubiKey-bound RSA key HOT 2
- When configuring the ECCP256 algorithm certificate, XShell directly crashes when using PKCS11 for authentication connection. HOT 16
- Building without openpace but with openssl on Windows HOT 2
- Outlook not able to decrypt email - part 2 HOT 6
- Move _ec_curve_info from pkcs11-tool.c to pkcs11.h HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from opensc.