Hi,
thanx a lot for your informative mini tutorial :)
I see more clearer now, but ... my problem persists.
Here is my muscleTool output:
--snip--
[EMAIL PROTECTED]:~$ muscleTool
MuscleCard Shell - type help for help
muscle > tokens
1. MuscleCard Applet
muscle > connect 1
muscle [MuscleCard Applet] > listkeys
Key Type Key Num SIZE READ WRITE USE
----------------- ----------- ----- ------ ------ ------
RSA PRIVATE CRT 1 1024 NEVER PIN #1 PIN #1
RSA PUBLIC 2 1024 ALWAYS PIN #1 PIN #1
muscle [MuscleCard Applet] >
--snip--
everything looks ok for me.
Should I reformat the card and start the process from the beginning or
are there any checks I could do prove if this is a libpam issue or
a something happened to my card ??
Ciao
Matthias
Karsten Ohme schrieb:
>Matthias Barmeier wrote:
>
>
>>Hi,
>>
>>PIN 1 I tried this but ... it does not work.
>>I use libpam-muscle package from debian sarge. Any problems known about
>>this ??
>>
>>following my apdu enabled pcscd output.
>>
>>It would be great if you could give me a short lesson in how to read this.
>>
>>
>
>Actually only the lines with SCardTransmit are interesting.
>unfortunately the MCardPlugin has no debug output, this would be much
>easier to read. The next line after a SCardTransmit is the APDU send to
>the card. To understand this you must know the APDU format defined in
>the Card Edge specification. This can be done by looking at the first 4
>or 5 bytes and the following byte. This is specified in the ISO 7816-4
>standard. Everything a piece of cake.
>
>CLA (class)
>INS (instruction)
>P1 (parameter 1)
>P2 (parameter 2)
>
>P3 (Le [length expected ] or Lc [length count] byte)) - only there if
>something is sent, received or both
>
>Data of length Lc - only there if something is sent
>
>Le (Length expected - only there if some data is expected to received,
>if only something is received this is equal to P3)
>
>E.g.:
>
>
>
>>winscard.c:1460:SCardTransmit() Send Protocol: T=0
>>APDU: 00 A4 04 00 06 A0 00 00 00 01 01
>>SW: 90 00
>>
>>
>
>Well, what should I say, you see it clearly, the applet with the AID A0
>00 00 00 01 01 is selected. The AID has length 6 (the 06), which is the
>Lc byte and Le is missing, because nothing is expected. The AID is
>something like the executable file name in this case and is selected for
>execution. 00 is the CLA, A4 the INS, 04 = P1 00 = P2, the parameters
>have a special meaning.
>
>90 00 are two status words. Status word are always returned. Always two
>end the end of the returned data. 90 00 means the world is alright. No
>error.
>
>
>
>>winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
>>client: 7
>>winscard.c:1460:SCardTransmit() Send Protocol: T=0
>>APDU: B0 42 01 00 08 30 30 30 30 30 30 30 30
>>SW: 90 00
>>
>>
>
>Your PIN is 0 0 0 0 0 0 0 0 (the 8 30s). 08 is the length. B0 42 01 00
>is the command header for the verify PIN command.
>
>
>
>>winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
>>client: 7
>>winscard.c:1460:SCardTransmit() Send Protocol: T=0
>>APDU: B0 36 00 01 05 00 03 01 00 00
>>SW: 9C 10
>>
>>
>
>A ComputeCrypt command. The nonce must be signed by your card, returned
>to the PC and verified. If OK, you can proceed and are logged in.
>
>Bad luck. The return code means: SW_INCORRECT_P1. The P1 parameter is
>the key number which is used for the signing operation. There is a
>problem with the key on the card. Now it is your turn to think about,
>what's the problem with the key. You have followed the README and the
>key number one should be a private RSA key.
>
>Listed in muscleTool with something like this:
>
>RSA PRIVATE CRT 1 1024 NEVER PIN #1 PIN #1
>
>The above error is actually only returned if the key is not there. I
>cannot understand, how this can happen.
>
>Karsten
>
>
>
>>Thanx.
>>
>>--snip--
>>pcscdaemon.c:258:main() pcscd set to foreground with debug send to stderr
>>debuglog.c:236:DebugLogSetCategory() Debug options: APDU
>>readerfactory.c:1096:RFInitializeReader() Attempting startup of Towitoko
>>Chipdrive Reader 00 00.
>>readerfactory.c:938:RFBindFunctions() Loading IFD Handler 2.0
>>pcscdaemon.c:463:main() pcsc-lite 1.2.9-beta8 daemon ready.
>>Card ATR: 3B 75 94 00 00 62 02 02 03 01
>>winscard_msg_srv.c:203:SHMProcessEventsServer() Common channel packet
>>arrival
>>winscard_msg_srv.c:212:SHMProcessEventsServer()
>>SHMProcessCommonChannelRequest detects: 7
>>pcscdaemon.c:150:SVCServiceRunLoop() A new context thread creation is
>>requested: 7
>>winscard_svc.c:136:ContextThread() Thread is started: 7
>>winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
>>client: 7
>>winscard_svc.c:178:ContextThread() Client is protocol version 2:0
>>winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
>>client: 7
>>winscard.c:160:SCardEstablishContext() Establishing Context: 16977230
>>winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
>>client: 7
>>winscard.c:214:SCardConnect() Attempting Connect to Towitoko Chipdrive
>>Reader 00 00 using protocol: 3
>>prothandler.c:129:PHSetProtocol() Attempting PTS to T=0
>>winscard.c:322:SCardConnect() Active Protocol: T=0
>>winscard.c:329:SCardConnect() hCard Identity: 152b2
>>winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
>>client: 7
>>winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
>>client: 7
>>winscard.c:1460:SCardTransmit() Send Protocol: T=0
>>APDU: 00 A4 04 00 06 A0 00 00 00 01 01
>>SW: 90 00
>>winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
>>client: 7
>>winscard.c:1460:SCardTransmit() Send Protocol: T=0
>>APDU: B0 42 01 00 08 30 30 30 30 30 30 30 30
>>SW: 90 00
>>winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
>>client: 7
>>winscard.c:1460:SCardTransmit() Send Protocol: T=0
>>APDU: B0 36 00 01 05 00 03 01 00 00
>>SW: 9C 10
>>winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
>>client: 7
>>winscard.c:706:SCardDisconnect() Active Contexts: 1
>>winscard.c:765:SCardDisconnect() Reset complete.
>>winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
>>client: 7
>>winscard.c:171:SCardReleaseContext() Releasing Context: 16977230
>>winscard_msg_srv.c:262:SHMProcessEventsContext() Client has disappeared: 7
>>winscard_svc.c:149:ContextThread() Client die: 7
>>winscard_msg_srv.c:203:SHMProcessEventsServer() Common channel packet
>>arrival
>>winscard_msg_srv.c:212:SHMProcessEventsServer()
>>SHMProcessCommonChannelRequest detects: 7
>>pcscdaemon.c:150:SVCServiceRunLoop() A new context thread creation is
>>requested: 7
>>winscard_svc.c:136:ContextThread() Thread is started: 7
>>winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
>>client: 7
>>winscard_svc.c:178:ContextThread() Client is protocol version 2:0
>>winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
>>client: 7
>>winscard.c:160:SCardEstablishContext() Establishing Context: 17005895
>>winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
>>client: 7
>>winscard.c:214:SCardConnect() Attempting Connect to Towitoko Chipdrive
>>Reader 00 00 using protocol: 3
>>prothandler.c:129:PHSetProtocol() Attempting PTS to T=0
>>winscard.c:322:SCardConnect() Active Protocol: T=0
>>winscard.c:329:SCardConnect() hCard Identity: 10b47
>>winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
>>client: 7
>>winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
>>client: 7
>>winscard.c:1460:SCardTransmit() Send Protocol: T=0
>>APDU: 00 A4 04 00 06 A0 00 00 00 01 01
>>SW: 90 00
>>pcscdaemon.c:528:signal_trap() Preparing for suicide
>>hotplug_libusb.c:358:HPEstablishUSBNotifications() Hotplug stopped
>>readerfactory.c:1351:RFCleanupReaders() entering cleaning function
>>readerfactory.c:1360:RFCleanupReaders() Stopping reader: Towitoko
>>Chipdrive Reader 00 00
>>eventhandler.c:120:EHDestroyEventHandler() Stomping thread.
>>eventhandler.c:149:EHDestroyEventHandler() Thread stomped.
>>readerfactory.c:1143:RFUnInitializeReader() Attempting shutdown of
>>Towitoko Chipdrive Reader 00 00.
>>readerfactory.c:1013:RFUnloadReader() Unloading reader driver.
>>pcscdaemon.c:488:at_exit() cleaning /var/run
>>--snip--
>>
>>
>>Ciao
>> Matthias
>>
>>
>>Karsten Ohme schrieb:
>>
>>
>>
>>
>>>Matthias Barmeier wrote:
>>>
>>>
>>>
>>>
>>>
>>>>Hi,
>>>>
>>>>after setting up lib-pam successfully I encounter the
>>>>following problem:
>>>>
>>>>After entering unsername and PIN I always get something
>>>>like a Login failed window from GDM.
>>>>
>>>>My question is: How can I monitor what is happening ??
>>>>
>>>>
>>>>
>>>>
>>>run pcscd -a -d -f, to trace the APDU, the output below does not help.
>>>
>>>
>>>
>>>
>>>
>>>
>>>>When I try login I always get the message "Invalid PIN".
>>>>
>>>>Which PIN do I have to use ?
>>>>
>>>>
>>>>
>>>>
>>>Should be PIN number 1, if this is restricted. You are using MusclePAM
>>>
>>>
>>>from the Debian package or from svn or from ...?
>>
>>
>>
>>>
>>>
>>>
>>>>I tried all three PINs but they are all invalid.
>>>>
>>>>Any hints ?
>>>>
>>>>
>>>>
>>>>
>>>You can enable DEBUG in /etc/musclepam/pam-muscle.conf and then you can
>>>log in at the console and see the individual steps of MusclePAM.
>>>
>>>Karsten
>>>
>>>
>>>
>>>
>>_______________________________________________
>>Muscle mailing list
>>[email protected]
>>http://lists.drizzle.com/mailman/listinfo/muscle
>>
>>
>
>_______________________________________________
>Muscle mailing list
>[email protected]
>http://lists.drizzle.com/mailman/listinfo/muscle
>
>
>
>
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
