Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feitian epass2003 is not working with pcsc-lite 1.8.21 after pcscd restart on freebsd 11 #38

Closed
ael92 opened this issue Jun 5, 2018 · 3 comments
Closed

feitian epass2003 is not working with pcsc-lite 1.8.21 after pcscd restart on freebsd 11 #38

ael92 opened this issue Jun 5, 2018 · 3 comments

Comments

@ael92
Copy link

ael92 commented Jun 5, 2018

if a start of the pcscd process occurs during the solicitation of the fetian key, the communication becomes impossible with the Token without a hard reboot.

here is a way to reproduce the bug:

#=======================================================
echo ">>>> run pcscd in debug mode:"
LIBCCID_ifdLogLevel=0x000F pcscd --foreground --debug --apdu --color &
#pcscd -dfa &

if [ "$1" == "init" ]; then
echo ">>>> RAZ token"
#box_init_token -f
/usr/local/bin/pkcs15-init --erase-card
/usr/local/bin/pkcs15-init --create-pkcs15 --profile pkcs15+onepin --use-default-transport-key --label "TOKEN" --pin 0000 --puk 1111
fi

echo ">>>> Generate-key"

pkcs15-init --generate-key rsa/2048 --id 3 --auth-id 1 --key-usage sign,decrypt --label "KEY" --pin 0000 & {
sleep 2; #wait for generate to begin
echo '>>>> kill pcscd !!!!'; pkill pcscd ;
}

sleep 1

echo ">>>> Restart pcscd..."
LIBCCID_ifdLogLevel=0x000F pcscd --foreground --debug --apdu --color &

echo ">>>> Try to get serial"
opensc-tool --serial
sleep 3

echo ">>>> Finally kill pcscd"
pkill pcscd
#=======================================================

traces_pcscd_pb.txt
@LudovicRousseau
Copy link
Owner

From your log:

00000072 APDU: 0C 46 00 00 1D 87 11 01 D0 54 92 FE C6 DB 57 90 4D 2F 90 6D D2 FF 66 4F 8E 08 62 0F A5 94 BC 64 76 A4 00 
00000029 ifdhandler.c:1307:IFDHTransmitToICC() usb:096e/0807:libusb-1.0:0:3:0 (lun: 0)
00000016 commands.c:1623:CmdXfrBlockAPDU_extended() T=0 (extended): 35 bytes
00000049 -> 000000 6F 23 00 00 00 00 28 00 00 00 0C 46 00 00 1D 87 11 01 D0 54 92 FE C6 DB 57 90 4D 2F 90 6D D2 FF 66 4F 8E 08 62 0F A5 94 BC 64 76 A4 00 
00096915 hotplug_libusb.c:403:HPRescanUsbBus() Hotplug stopped
00899197 <- 000000 80 00 00 00 00 00 28 80 03 00 
00000050 commands.c:1552:CCID_Receive() Time extension requested: 0x03
00000017 commands.c:1558:CCID_Receive() New timeout: 9000 ms
00000533 readerfactory.c:1351:RFCleanupReaders() entering cleaning function
00000032 readerfactory.c:1360:RFCleanupReaders() Stopping reader: Feitian ePass2003 00 00
00000018 readerfactory.c:608:RFRemoveReader() UnrefReader() count was: 2
00000031 winscard_svc.c:155:ContextsDeinitialize() remaining threads: 1
00000022 pcscdaemon.c:775:at_exit() cleaning /var/run/pcscd
Failed to generate key: Transmit failed
>>>> Restart pcscd...
>>>> Try to get serial

Why do you stop pcscd?

@ael92
Copy link
Author

ael92 commented Jun 5, 2018

It's the easiest way I've found to reproduce the loss of communication between the Token feitian epass2003 and pcscd, with the error:
ccid_usb.c:849:WriteUSB() write failed (0/3): -7 LIBUSB_ERROR_TIMEOUT
This error appears in a random way, and especially during OS reboots, with the only way to get out of doing an hard reboot server, or unplug and plug the usb key.

@LudovicRousseau
Copy link
Owner

I am not surprised that communication fails after you stop pcscd in the middle of a command to the token. Just don't do that. The way to reset the token is to remove it as you have already found.

There is no problem in the log you sent.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@LudovicRousseau @ael92