-
-
Notifications
You must be signed in to change notification settings - Fork 79
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Problem with Alcor Micro AU9540 #84
Comments
In your test with the "Aktiv Rutoken SCR 3001" you can see in the logs:
The reader does not support the speed requested by the card.
I agree there is a problem with your card and the Alcor Micro AU9540. What I propose is to modify the CCID driver to replace the TA1 value by 0x96 in case a card with TA1=0x97 is inserted in the problematic reader. |
Thank you for highlighting this; that's the other problem, and I assume it can be fixed in the reader itself.
Do I get it right that you will accept such a patch to be merged into the upstream? |
It would be an ugly patch. I am not sure to want it upstream. |
@LudovicRousseau would you consider an XML file with blacklisted features for certain readers? This is not as ugly as proposed quick solution. Any big peace of software dealing with a big number of hardware devices sooner or later would have such a blacklist. Or... a blocklist if you better like the new ethic terms. Maybe even libccid_Info.plist could be extended in a backward compatible manner? |
I already have a mechanism to blacklist readers with bogus firmware. But that would completely disable your Alcor Micro AU9540 reader. Maybe not what you want. |
First of all this is hardcoded list. Second, it will indeed render the card reader completly unusable although it just needs some tweaking. I'm talking about external file which can be edited by system administrator without recompiling libccid. |
The problem is in the reader firmware. |
It looks like the same smart card reader with the same problem is also present in HP Zbook laptop. https://salsa.debian.org/rousseau/CCID/-/issues/13 |
I hope this will be still relevant to anyone looking but the only way I got my Alcor AU9540 SmartCard Reader to work on my Thinkpad T480 (running in Fedora 36) is through the following steps:
Right after that, the integrated smart card reader worked like a charm on Linux. |
Fedora 36 already provides the CCID driver in version 1.5.0 https://fedora.pkgs.org/36/fedora-x86_64/pcsc-lite-ccid-1.5.0-1.fc36.x86_64.rpm.html (with some patches) What version of pcsc-lite-ccid had you installed on your Fedora 36 (before the ccid upgrade)? |
|
@dlee100 it may be a different problem in your case. Can you generate 2 pcscd trace as described in https://ccid.apdu.fr/#support showing the problem in the two cases:
In the 2 case please do the same operations and explain what you do to check if the reader is working or not. |
Apologies if this isn't relevant to the current thread, but I wanted to chime in because myself and my colleagues have HP ZBook laptops with these On the HP ZBook laptops, the reader works fine most of the time. However, once or twice a day our card reader becomes unresponsive and doesn't respond until we restart the pcsc daemon. When I looked into this a year ago I concluded that this was likely occurring when the reader goes into power saving, but I'll admit I'm no expert when it comes to these sort of issues and I could be wrong. Here's what I pulled from the logs:
This screams reader firmware issues to me. In any case, I hope this is helpful. |
Thanks @brandon1024 for the information. In your case the problem may NOT be that the reader does not work fine at the speed requested by the card.
After that the USB communication fails again:
I get many issue reports about the Alcor Micro AU9540 and AU9560 smart card readers. Maybe you understand why these readers are in the "Unsupported or partly supported CCID readers" list :-) |
Thank you. I have a card reader with I have Kubuntu 22.04. I can't find |
You have to install CCID/.github/workflows/build.yml Lines 34 to 45 in 6ba85f0
|
Thanks. I managed to comply and install the new driver. It works OK for me. Me problem was that my government issue two version of ID cards. The old version is working fine with old driver (i.e. less than 1.5.1). But the new one failed to work with that driver. Now, with ccid-1.5.1-3ac3a1a, they both are working fine. |
Thanks for the feedback @zayedalsaidi |
Hello Ludovic, I did the test you mentioned on your blog with the following parameters:
Works for accessing eGoverment services and electronically signing documents. Thus the test was successful. |
Thanks @fsakalos for the feedback. |
I wasn't able to use it, when the card was inserted the eGov application started to behave extremely weird. Sometimes it didn't detect the card at all, sometimes it did detect it, but never loaded the certificates. But it never actually worked as expected before the patch, it was impossible to login to government services. The reader worked well with the old ID card I had until the beginning of December. But the state started to issue new one since 1st Dec 22. |
Hi, I got an old Lenovo T450s and a NASA issued "ID-One PIV 2.4 (P/N 1585242) from IDEMIA" on openSUSE Tumbleweed:
The card did not work. With a new rpmbuild using ccid-1.5.1-3ac3a1a.tar.bz2 the pcsc_scan from above stays the same, but I am able to use it now. Chromium now asks for my PIN and logs in to id.nasa.gov Note that even on Windows the default drivers from Windows Update do not work. You have to install dedicated Alcor drivers offered for various Thinkpads, e.g. https://support.lenovo.com/us/en/downloads/DS539874. A few weeks ago I helped a co-worker to setup his HP Firefly 14 G8 for Windows which did not have HP drivers for the card reader, but the driver above provided by Lenovo made it work. |
Thanks @bnavigator for the feedback. |
Not him, but me and others might use HPs on Linux in the future. Not sure which of those have the AU9540/AU9560. Thank you for your great work! |
Are you planning to make the 3ac3a1a version public and release a new version? |
Yes, the goal is to include the patches (or a modified version) in an official release. But before that, I would like to get more feedback from users. For example in https://salsa.debian.org/rousseau/CCID/-/issues/13 |
CCID 1.5.2 is now available. It will be included in the next Debian version (Debian 12) and in Ubuntu 23.04. I have no visibility for the other GNU/Linux distributions. |
Hello, Ludovic!
I have stumbled upon the problem with the Alcor Micro Corp. AU9540 reader built into Lenovo Thinkpad T14 laptop. I've got a card that provides TA1=97 and supports high frequencies. I am not able to use this card on Linux, because Alcor Micro AU9540 fails to communicate with the card on the baudrate agreed upon during PPS exchange, though the baudrate is reported as supported by the reader. As far as I know the same card works fine with the same reader on Windows (presumably because of some recovery mechanism implemented in Windows driver). The same card also works fine on Linux if TA1=96 is returned by the card. There is almost no doubt the card is alright; it works fine with another reader on the baudrate corresponding to TA1=97.
Could there be any recovery mechanism provided with either PCSC or CCID specification to be implemented in libccid so that the card could work fine with Alcor Micro Corp. AU9540?
I hope the logs attached to the report (see https://gist.github.com/Mironenko/4798626bcf5ea12ce684d89bfb8ec1d1) will help to better understand the problem described:
sudo LIBCCID_ifdLogLevel=0x000F pcscd -afd
with the card returning TA1=97sudo LIBCCID_ifdLogLevel=0x000F pcscd -afd
with the card returning TA1=96sudo LIBCCID_ifdLogLevel=0x000F pcscd -afd
with the card returning TA1=97 on another reader (to prove the higher baudrate is ok for the card).Libccid version used:
Thank you for the software you develop and support.
Best regards,
Eugene Mironenko
The text was updated successfully, but these errors were encountered: