Hello, On Jan 28, 2011, at 12:36 AM, Douglas E. Engert wrote: > The changes are large, and still not ready. The 3 changes I discussed on 1/19 > are > still in this patch. Martin is working on a different version of the "don't > run sc_ctx_detect_reader" part of this patch. > > Martin, any idea when that will be ready? The parts that remove sc_ctx_detect_reader calling when creating a context should be OK with the patch I sent before. There was no feedback from Brian but I assume it would work for him too. Feel free to apply it if you need this or point out any deficiencies with this approach.
Fixing/improving PC/SC driver and adding a different initialization method for minidriver use (with an existing card handle and context handle) requires more work for what I hope to find time sometime next week, but I'm not 100% certain in it. > The microsoft documentation says the intent of the CardDeauthenticate > function is to reset the card.... But this is not being done. Compare to C_Logout() in OpenSC PKCS#11? > The Windows login will load opensc-cardmod.dll and keep it active > for the session. It will call CardAcquireContext multiple times > passing in a new handle. The current code can not recognized that > a card has been withdrawn and a new one inserted during login. > > A side effect is the debug_file from opensc.conf stays open! > > I think this is caused by the sc_context_create, connect, bind > and reading of the certs are only done when CardAcquireContext is called. > I could see CardAcquireContext, do what it does now, then call > sc_pkcs15_unbind, sc_disconnect_card, sc_release_context. This would > reset the card and also close the debug_file and allow for the card to > be removed. > > Then when CardAuthenticatePin or CardAuthenticateEx are called, a new > sc_context_create, sc_connect_card and sc_pkcs15_bind would be done > and the cache would be refreshed with the any new info from > a new card. > > When CardDeauthenticate or CardDeauthenticateEx are called the > sc_pkcs15_unbind, sc_disconnect_card, sc_release_context would be done. > > Since winlogin is not run from a user environment, I copied the 12 OpenSC > dlls to Windows\system32 and changed the registry entry for 80000001 from: > c:\Program Files\opensc\bin\opensc-cardmod32.dll > to > opensc-cardmod32.dll > > There may be a better way, maybe using side by side assemblies, as if > OpenSSL is included, it may want to load other dlls too. A static dll is the recommended way by Microsoft and easiest to manage (polluting system32 with random .dll-s is not nice, as noted by several people) > One ATR and ATRMask in the registry could be used with many opensc > cards. How? With a very relaxed mask? Shouldn't the ATR length still match? You also lose the card name feature (one ATR/mask pair matching several cards)? Cheers, Martin -- @MartinPaljak.net +3725156495 _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
