Ludovic
Thanks for your response.
If I run your pcsc_scan I get the following output:
PC/SC device scanner
V 1.1.0 (c) 2001-2002, Ludovic Rousseau <[EMAIL PROTECTED]>
PC/SC lite version: 1.1.1
0: GemPC430 0 0
Wed Aug 21 08:16:51 2002
Reader 0 (GemPC430 0 0)
Card state: Card inserted, Unresponsive card,
The program then hangs.
If I run testpcsc from pcsc-lite-1.1.1 I get the following output
MUSCLE PC/SC Lite Test Program
Testing SCardEstablishContext : Command successful.
Testing SCardGetStatusChange
Please insert a working reader : Command successful.
Testing SCardListReaders : Command successful.
Reader 01: GemPC430 0 0
Enter the reader number : 01
Waiting for card insertion
: Command successful.
Testing SCardConnect : Command successful.
Testing SCardStatus : Command successful.
Current Reader Name : GemPC430 0 0
Current Reader State : c
Current Reader Protocol : ffffffff
Current Reader ATR Size : 0
Current Reader ATR Value :
Testing SCardDisconnect : Command successful.
Testing SCardReleaseContext : Command successful.
PC/SC Test Completed Successfully !
I have written a small application which connects to the reader asking for
T=1, i.e.
rv = SCardConnect(hContext, &mszReaders[0], SCARD_SHARE_EXCLUSIVE,
SCARD_PROTOCOL_T1, &hCard, &dwActiveProtocol);
but I get back dwActiveProtocol=0.
I then have still try to send an APDU via
rv = SCardTransmit(hCard, SCARD_PCI_T1, pbSendBuffer, dwSendLength,
&pioRecvPci, pbRecvBuffer, &pcbRecvLength);
and I get a 'Card protocol mismatch' after stringifying rv.
Unfortunately, I only have a T=1 card so I can not check if T=0 works, but
I am pretty sure I have it set everything up right.
Many thanks
Kieron
------------------------------------------------
Dr. Kieron Messer.
Centre for Vision, Speech and Signal Processing,
School of Electronics, Computing and Maths,
University of Surrey,
Guildford,
Surrey, UK.
GU2 7XH
Email: [EMAIL PROTECTED]
Phone: +44 (0)1483 686049
Mob: (07855) 447882
Fax: +44 (0)1483 686031
Web: http://www.ee.surrey.ac.uk/Personal/K.Messer
-------------------------------------------------
On Tue, 20 Aug 2002 [EMAIL PROTECTED] wrote:
> Send Muscle mailing list submissions to
> [EMAIL PROTECTED]
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.musclecard.com/mailman/listinfo/muscle
> or, via email, send a message with subject or body 'help' to
> [EMAIL PROTECTED]
>
> You can reach the person managing the list at
> [EMAIL PROTECTED]
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Muscle digest..."
>
>
> Today's Topics:
>
> 1. new list (David Corcoran)
> 2. last test (David Corcoran)
> 3. Re: MUSCLE Stupid Newbie Tricks (Aladdin Etoken Pro & linux smartcard login
> or xcardII) ([EMAIL PROTECTED])
> 4. MUSCLE Auto reply: Vacation ([EMAIL PROTECTED])
> 5. Re: Getting Started with MUSCLE (Muhd. Dawud)
> 6. mailing list (David Corcoran)
> 7. MUSCLE is there any way to load applet on cyberflex access developper 32k
>(anis khai)
> 8. Re: MUSCLE PAM authentication with Cryptoflex trouble (Sean Atkinson)
> 9. MuscleCard applet (David Corcoran)
> 10. GemPlus430 and T=1 (Kieron J Messer)
> 11. Re: GemPlus430 and T=1 (Ludovic Rousseau)
>
> --__--__--
>
> Message: 1
> Date: Mon, 19 Aug 2002 17:24:50 -0700 (PDT)
> From: David Corcoran <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: [Muscle] new list
> Reply-To: [EMAIL PROTECTED]
>
> Hello,
>
> You should be able to send to: [EMAIL PROTECTED] as the new mailing
> list. All [EMAIL PROTECTED] traffic will be forwarded to the new list
> so you should have no disruption in mailing list traffic.
>
> You can continue to use that address if you would like.
>
> List members can also chose to get digests of messages and view the
> history of messages. At this time majordomo has been shut down due to the
> problems we were getting queued messages and the majordomo project is no
> longer supported. Mailman is now used and is set to keep traffic small as
> to not fill up your inbox : )
>
> Best Regards,
> Dave
>
>
> --__--__--
>
> Message: 2
> Date: Mon, 19 Aug 2002 18:24:16 -0700 (PDT)
> From: David Corcoran <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: [Muscle] last test
> Reply-To: [EMAIL PROTECTED]
>
> Hello,
>
> This will be the last test (I hope)
>
> Dave
>
>
> --__--__--
>
> Message: 3
> To: [EMAIL PROTECTED]
> From: [EMAIL PROTECTED]
> Date: Wed, 7 Aug 2002 18:36:44 +0300
> Subject: [Muscle] Re: MUSCLE Stupid Newbie Tricks (Aladdin Etoken Pro & linux
>smartcard login
> or xcardII)
> Reply-To: [EMAIL PROTECTED]
>
>
> Hi, John
>
> I am working for Aladdin (eToken department). I must say you that neither
> me nor other guys here have NO IDEA what is the source of code placed on
> www.linuxnet.com. It looks like something very preliminary written by
> someone mostly as prove of concept.
>
> eToken Pro is normal smartcard (yes, compliant ISO7816-3/4).
>
> In MS-Windows world - that's right, you may do many fun things with eToken,
> but yes - you should buy software for this. As a minimum, you need RTE
> (which includes drivers, PKCS#11 DLL and CAPI-provider). Different
> applications (like W2K logon) are also available - for fee, of course.
>
> Regarding to Linux: we are working on first version right now. It should
> support OS4 token (also known as eToken Pro) and probably older R2.
> You work with it via SCard-commands (there is library with some helper C++
> classes, but it is just helper - and may be changed in the future).
> No applications are included in 1st version. No other APIs (although
> porting of PKCS#11 is in plans). I don't know smartcard login application
> you speak about so I cannot say whether it is enough or not.
>
> Currently it is in QA. Unfortunately I cannot answer any other questions,
> such as: exact release date, whether it will be for free/for fee etc. - I
> am technical person, not sales. If you are really interesting in it you may
> enter our website and contact support.
>
> Regards
> Vladimir Beker
>
> P.S. If you have more questions, I may try to answer in next hour. Then I
> go to vacation and will be unavailable until end of next week.
>
> Aladdin. Securing the Global Village.
> P.O. Box 11141, Tel Aviv 61110 Israel
> Tel: +972 3 636-2222; Fax: +972 3 537-5796
> Visit us at our Web site! http://www.eAladdin.com
>
> Aladdin supports Idealist. Visit http://www.idealist.org
>
>
>
> On 08/07/2002 09:22:54 AM EST John McCash wrote:
> >
> >Hi,
> > Last year I acquired a free Aladdin Etoken Pro for an eval. Yes it
> >was one of the real ones rather than the duds they give away at tradeshows
> >to show what they look like. I quickly determined that without some
> >proprietary infrastructure software that I wasn't prepared to purchase,
> all
> >I had was a cool keychain, so I relegated it to the drawer where I keep
> >cool, but useless stuff. Recently, I changed employers, and perceiving a
> >possible need, checked back with the musclecard project. My eyes lit up
> when
> >I noticed that someone had posted drivers for the Etoken Pro there. I
> began
> >to consider the (probably over ambitious) possibility that we could use
> >these for the following applications: Linux & Win2K login, Email signing &
> >encryption (Mozilla or Outlook), ssh or IPV6 authentication (to linux),
> and
> >SSL authentication to an Apache web server.
> >
> > I immediately downloaded the driver and PCSC Lite 1.1.1, and
> >installed them. The PCSC Lite test application seems to show that it's
> >functioning correctly, and even communicating properly with the Etoken.
> When
> >I run pcscd with debugging turned on, I do note some sort of problem
> >resetting the smartcard, but it's not clear whether this is significant or
> >not. The real issue that I have comes when I try to run one of the other
> >applications I've downloaded from the musclecard site. First I tried
> >xcardII. It compiles and installs properly, or appears to, but can't see a
> >supported smartcard. Pcscd debug output seems to confirm that it's sending
> >some sort of communication to the Etoken.
> >
> > I get the same sort of problem when I try to install and run the
> >smartcard login application from
> http://home.zhwin.ch/~sri/smartcard_login/.
> >
> >
> > Is there a layer of middleware that I'm still missing, that sits on
> >top of pcsc, and provides additional APIs? Is the functionality I'm trying
> >to use not supported by the Etoken driver on the musclecard site? I've
> been
> >assuming that an ISO-7816 smartcard, is a smartcard, is a smartcard. Is
> this
> >a bad assumption where the Etoken Pro is concerned? I note on their
> website
> >that they only warrant that it's compliant with parts 1-4 of the spec. Is
> >that my problem? Or have I just dome something abysmally stupid and not
> >noticed?
> > Thanks very much in advance for any help
> > John McCash
> >***************************************************************
> >Unix Smart Card Developers - M.U.S.C.L.E.
> >(Movement for the Use of Smart Cards in a Linux Environment)
> >http://www.linuxnet.com/
> >To unsubscribe send an email to [EMAIL PROTECTED] with
> >unsubscribe sclinux
> >***************************************************************
>
> ******************************* IMPORTANT ! **********************************
> The content of this email and any attachments are confidential and intended
> for the named recipient(s) only.
>
> If you have received this email in error please notify the sender immediately.
> Do not disclose the content of this message or make copies.
>
> This email was scanned by eSafe Mail for viruses, vandals and other
> malicious content.
> ******************************************************************************
>
> ***************************************************************
> Unix Smart Card Developers - M.U.S.C.L.E.
> (Movement for the Use of Smart Cards in a Linux Environment)
> http://www.linuxnet.com/
> To unsubscribe send an email to [EMAIL PROTECTED] with
> unsubscribe sclinux
> ***************************************************************
> ***************************************************************
> Unix Smart Card Developers - M.U.S.C.L.E.
> (Movement for the Use of Smart Cards in a Linux Environment)
> http://www.linuxnet.com/
> To unsubscribe send an email to [EMAIL PROTECTED] with
> unsubscribe sclinux
> ***************************************************************
>
> --__--__--
>
> Message: 4
> From: [EMAIL PROTECTED]
> To: [EMAIL PROTECTED]
> Date: Thu, 15 Aug 2002 10:23:35 +0100
> Subject: [Muscle] MUSCLE Auto reply: Vacation
> Reply-To: [EMAIL PROTECTED]
>
> Thank you for your mail, I am on vacation from Friday 9th August returning 19th
>August.
>
> If you have an urgent enquiry please contact:
>
> Russell McCullagh at [EMAIL PROTECTED]
> or Steve Naylor at [EMAIL PROTECTED]
>
> Alternatively please call +44 (0) 13552 72911
>
> Cheers
> Barry
>
> ***************************************************************
> Unix Smart Card Developers - M.U.S.C.L.E.
> (Movement for the Use of Smart Cards in a Linux Environment)
> http://www.linuxnet.com/
> To unsubscribe send an email to [EMAIL PROTECTED] with
> unsubscribe sclinux
> ***************************************************************
>
> --__--__--
>
> Message: 5
> Date: Thu, 15 Aug 2002 16:52:10 +0800
> From: "Muhd. Dawud" <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: [Muscle] Re: Getting Started with MUSCLE
> Reply-To: [EMAIL PROTECTED]
>
> Thanks for the reply, I've experimented a little bit further with the
> drivers and applications....
>
> I've tried running the ./tester executable CT_API tester that comes with
> the towitoko 2.0.6 drivers in the /usr/local/towitoko/bin directory. I
> can't seem to
> get it to work no matter what com port i attach the smartcard reader to.
>
> After initializing .. i get the following error message
>
> "Error on port allocation -10"
>
> Any clue as what can cause this error....
>
> ---
>
> I've also tried experimenting with the pcsc lite package... during the
> ./configure stage i get the message saying
>
> "you must link pthread libraries with your app"
>
> what does this actually mean ? But the application proceeds to install.
>
> However after the installation i can't seem to run pcscd in
> /usr/local/pcsc/bin/. It displays the following message
>
> "error while loading shared libraries: libpcsclite-core.so: cannot open
> shared object file: No such file or directory"
>
> I've checked my /etc/reader.conf file and the LIBPATH points to the
> correct directory, which is /usr/local/pcsc/lib and the file is there. I
> can't seem to figure out what the problem is ..
>
> Thanks again for any help... i know that my questions are quite trivial
> compared to other problems u guys seem to have but i have to start
> somewhere....
>
> Best wishes,
> ..dawud
>
> ---
>
>
>
>
> >
> > You could test wether the cards are recogniced by the reader/driver. Have
> > a look in /var/log/messages when pcscd is running. I think that
> > there are some test-tools shipping with the towitoko driver or
> musclecard
> > framework. You could try them out and have a look at the sources by
> stepping
> > through them with a debugger ( use insight or ddd or
> >
> > kgdb ). When you get a feeling how the stuff works you could start
> changing
> > the sources and then write your own small programm.
> >
> > That's the way I try to get into something new, maybe it works also
> > for you.
> >
> >
> > Arno
> >
> >
> >
> >
>
>
>
> ***************************************************************
> Unix Smart Card Developers - M.U.S.C.L.E.
> (Movement for the Use of Smart Cards in a Linux Environment)
> http://www.linuxnet.com/
> To unsubscribe send an email to [EMAIL PROTECTED] with
> unsubscribe sclinux
> ***************************************************************
>
> --__--__--
>
> Message: 6
> Date: Mon, 19 Aug 2002 20:12:49 -0700 (PDT)
> From: David Corcoran <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: [Muscle] mailing list
> Reply-To: [EMAIL PROTECTED]
>
> Hello,
>
> It seems some messages are stuck in a queue that have already been sent.
> Also, the new mailman does not seem to be currently configured to handle
> auto-responders. For the meantime I will turn on approve messages which
> means that I have to approve messages before they are posted. I will do
> this until the mail queue is cleared and we fix the auto responder stuff.
> It should only last 2-3 days. For the meantime expect up to 6 hour delays
> on posted messages.
>
> Best Regards,
> Dave
>
>
> --__--__--
>
> Message: 7
> From: anis khai <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Date: Thu, 08 Aug 2002 03:36:09 GMT+1
> Subject: [Muscle] MUSCLE is there any way to load applet on cyberflex access
>developper 32k
> Reply-To: [EMAIL PROTECTED]
>
> This message is in MIME format. Since your mail reader does not understand
> this format, some or all of this message may not be legible.
>
> --=_NextPart_Caramail_0229501028770569_ID
> Content-Type: text/plain; charset="us-ascii"
> Content-Transfer-Encoding: 7bit
>
> Hi all,
> did you have any way to load applet on
> cyberflex access developper 32k
> regards ,
> Anis.
> _________________________________________________________
> Envoyez des messages musicaux sur le portable de vos amis
> http://mobile.lycos.fr/mobile/local/sms_musicaux/
>
>
> --=_NextPart_Caramail_0229501028770569_ID--
>
> ***************************************************************
> Unix Smart Card Developers - M.U.S.C.L.E.
> (Movement for the Use of Smart Cards in a Linux Environment)
> http://www.linuxnet.com/
> To unsubscribe send an email to [EMAIL PROTECTED] with
> unsubscribe sclinux
> ***************************************************************
> ***************************************************************
> Unix Smart Card Developers - M.U.S.C.L.E.
> (Movement for the Use of Smart Cards in a Linux Environment)
> http://www.linuxnet.com/
> To unsubscribe send an email to [EMAIL PROTECTED] with
> unsubscribe sclinux
> ***************************************************************
>
> --__--__--
>
> Message: 8
> From: "Sean Atkinson" <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Date: Wed, 07 Aug 2002 10:26:45 -0500
> Subject: [Muscle] Re: MUSCLE PAM authentication with Cryptoflex trouble
> Reply-To: [EMAIL PROTECTED]
>
> Hello again,
>
> I've fixed one of my problems with smartcard_netlogin, in case it helps anyone:
>
> > # openssl ca -config SCA.cnf -name Root_CA -in ServerReq.pem -out ServerCert.pem
> > Using configuration from SCA.cnf
> > Enter PEM pass phrase:
> > Check that the request matches the signature
> > Signature ok
> > The Subjects Distinguished Name is as follows
> > domainComponent :PRINTABLE:'netproject'
> > commonName :PRINTABLE:'127.0.0.1'
> > The countryName field needed to be supplied and was missing
> > Error: Can't create Server-Certificate
>
> You need to follow the example LDAP configurations closer than I realised - my
>domainComponent base dn was the problem, it needs to be of the form "o=zhw, c=ch" so
>the countryName is supplied. I'll look into relaxing this constraint some day.
>
>
> David suggested that the GPR400 driver might be causing some trouble with Cryptoflex
>cards. Indeed it was - thanks for the tip! Setting pc_debug=1 for gpr400_cs.o
>reports "invalid procedure byte recvd<7>gpr400_ioctl(0, 0x800b6707)" in
>/var/log/messages (and dmesg) when I try tools from smartcard_login-0.1.1. However
>I've used both my GPC410 and ACF30 to format and use Cryptoflex cards for PAM
>authentication, which is an encouraging step forward allowing me to press on without
>the PCMCIA reader.
>
> Does anyone have any suggestions regarding this incompatibility between the GPR400
>driver and Cryptoflex cards? The pcscd debug output doesn't seem interesting, so
>presumably I need a driver patch. If it's not being actively developed I guess I'll
>have to go deeper into this code than I'd hoped, or else buy a better supported
>reader?
>
> Finally, smartcard_netlogin-0.1/scripts/create_net_login_ldap.pl seems to be having
>trouble starting TLS. Net::LDAP->start_tls reports an error code, but the function
>to lookup it's name is missing. I've used various versions of Net_SSLeay.pm,
>including the suggested 1.08, but none seem to work. Has anybody had any success
>with this?
>
> Thanks,
>
> Sean.
>
> --
> __________________________________________________________
> Sign-up for your own FREE Personalized E-mail at Mail.com
> http://www.mail.com/?sr=signup
>
> Get 4 DVDs for $.49 cents! plus shipping & processing. Click to join.
> http://adfarm.mediaplex.com/ad/ck/990-1736-3566-59
>
> ***************************************************************
> Unix Smart Card Developers - M.U.S.C.L.E.
> (Movement for the Use of Smart Cards in a Linux Environment)
> http://www.linuxnet.com/
> To unsubscribe send an email to [EMAIL PROTECTED] with
> unsubscribe sclinux
> ***************************************************************
> ***************************************************************
> Unix Smart Card Developers - M.U.S.C.L.E.
> (Movement for the Use of Smart Cards in a Linux Environment)
> http://www.linuxnet.com/
> To unsubscribe send an email to [EMAIL PROTECTED] with
> unsubscribe sclinux
> ***************************************************************
>
> --__--__--
>
> Message: 9
> Date: Tue, 20 Aug 2002 08:10:37 -0700 (PDT)
> From: David Corcoran <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: [Muscle] MuscleCard applet
> Reply-To: [EMAIL PROTECTED]
>
> On the website is a single package with the MuscleCard class files, CAP
> file for the Schlumberger toolkit and also the GemXpresso RAD files for
> loading it with the Gemplus toolkit.
>
> Also, now is a beta applet loader which using OCF will allow you to load
> the MuscleCard applet to Cyberflex 32k cards using Linux .....
>
> Best Regards,
> Dave
>
>
> --__--__--
>
> Message: 10
> Date: Tue, 20 Aug 2002 17:00:48 +0100 (BST)
> From: Kieron J Messer <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: [Muscle] GemPlus430 and T=1
> Reply-To: [EMAIL PROTECTED]
>
> Hi
>
> I have been using MUSCLE PC/SC and the drivers for the GemPlus430 reader
> with the T=1 protocol with little success.
>
> Has anyone successfully used this combination before? If so have you any
> advice.
>
> many thanks for your time
> Kieron
>
> ------------------------------------------------
> Kieron Messer PhD
>
> Centre for Vision, Speech and Signal Processing,
> School of Electronics, Computing and Maths,
> University of Surrey,
> Guildford,
> Surrey, UK.
> GU2 7XH
>
> Email: [EMAIL PROTECTED]
> -------------------------------------------------
>
>
>
>
> --__--__--
>
> Message: 11
> Date: Tue, 20 Aug 2002 22:02:37 +0200
> From: Ludovic Rousseau <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Re: [Muscle] GemPlus430 and T=1
> Reply-To: [EMAIL PROTECTED]
>
> Le mardi 20 ao�t 2002 � 17:00:48, Kieron J Messer a �crit:
> > Hi
>
> Hello,
>
> > I have been using MUSCLE PC/SC and the drivers for the GemPlus430 reader
> > with the T=1 protocol with little success.
>
> Can you be a bit more informative?
> What does work?
> What does NOT work?
>
> Do you get an ATR? (use pcsc_scan [1] for example)
>
> > Has anyone successfully used this combination before? If so have you any
> > advice.
>
> I have no T=1 card so can't make test. I will try to find one T=1 card.
>
> Regards,
>
> [1] http://ludovic.rousseau.free.fr/softwares/pcsc-tools/pcsc-tools.html
>
> --
> Dr. Ludovic Rousseau [EMAIL PROTECTED]
> -- Normaliser Unix c'est comme pasteuriser le Camembert, L.R. --
>
>
> --__--__--
>
> _______________________________________________
> Muscle mailing list
> [EMAIL PROTECTED]
> http://lists.musclecard.com/mailman/listinfo/muscle
>
>
> End of Muscle Digest
>
_______________________________________________
Muscle mailing list
[EMAIL PROTECTED]
http://lists.musclecard.com/mailman/listinfo/muscle
