Simon Eisenmann wrote: > Am Montag, den 03.12.2007, 10:20 -0600 schrieb Douglas E. Engert: >>> max_send_size = 252; >>> max_recv_size = 252; >>> >>> it does not work (this is the default on ubuntu). When i remove this, i >>> can use schlumberger e-gate 32K with 2048bit key without any problem >>> with my CCID readers. I was not able to get this running with openct as >>> the reader fails when using no APDU size limit. >> What version of OpenSC, and ubuntu opensc? There have been some changes in >> 0.10.3 and 0.10.4 dealing with max_send_size and max_recv_size, and >> commenting out the lines in the opensc.conf. These allow each card driver >> to reduce the sizes if its card can not support the defaults of 255 and 256. >> Thus multiple cards could be used with the same copensc.conf. >> The admin can still set the sizes in opensc.conf, but should not have to do >> it. >> > > I am now using OpenCT 0.6.14 (self compiled) and OpenSC 0.11.4 (also > self compiled) on Ubuntu 7.10. Works all fine with schlumberger 1024bit > keys and a openct max size of 248 (cause i am using ccid readers like > SCR 335 and SPR 532). But generates invalid signatures with 2048 bit > cards when using the limit and gives an error when without limit. > >
If you set the debug flag in opensc.conf to >= 6, reader-openct.c:329 would show the adpu, and might show some more error messages. Can you try with pcsc and openct to what is different? If the card works with pcsc but not openct, there might be a problem with openct. The RSA operations with 2048 require more then one packet to/from the card. May also be pcsc can handle the SCR and SPR readers better. Adding some code in reader-openct.c in openct_error() to print the code might help. I don't have one of these card, or use openct. > [test] ctx.c:705:sc_context_create: =================================== > [test] ctx.c:706:sc_context_create: opensc version: 0.11.4 > winscard_clnt.c:3418:SCardCheckDaemonAvailability() PCSC Not Running > [test] reader-openct.c:89:openct_reader_init: called > [test] sc.c:196:sc_detect_card_presence: called > [test] reader-openct.c:204:openct_reader_detect_card_presence: called > [test] sc.c:201:sc_detect_card_presence: returning with: 1 > [test] card.c:110:sc_connect_card: called > [test] reader-openct.c:228:openct_reader_connect: called > [test] card.c:221:sc_connect_card: card info: Cryptoflex 32K e-gate, 2002, 0x1 > [test] card.c:222:sc_connect_card: returning with: 0 > [test] reader-openct.c:420:openct_reader_lock: called > [test] card.c:532:sc_select_file: called; type=2, path=3f000002 > [test] card.c:554:sc_select_file: returning with: 0 > [test] pkcs15.c:706:sc_pkcs15_bind: called > [test] card.c:532:sc_select_file: called; type=2, path=3f002f00 > [test] card.c:554:sc_select_file: returning with: 0 > [test] card.c:532:sc_select_file: called; type=2, path=3f005015 > [test] card.c:554:sc_select_file: returning with: 0 > [test] card.c:532:sc_select_file: called; type=2, path=3f0050155031 > [test] card.c:554:sc_select_file: returning with: 0 > [test] reader-openct.c:334:openct_reader_transmit: unable to transmit > [test] apdu.c:394:do_single_transmit: unable to transmit APDU > [test] iso7816.c:127:iso7816_read_binary: APDU transmit failed: Generic > reader error > [test] pkcs15-syn.c:98:sc_pkcs15_bind_synthetic: calle > > > >>> >>> Best regards, >>> Simon >>> >>> >>> >>> >>> >>> >>> ------------------------------------------------------------------------ >>> >>> _______________________________________________ >>> opensc-devel mailing list >>> opensc-devel@lists.opensc-project.org >>> http://www.opensc-project.org/mailman/listinfo/opensc-devel -- Douglas E. Engert <[EMAIL PROTECTED]> Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444 _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
