-
Notifications
You must be signed in to change notification settings - Fork 711
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OpenSC 0.24.0 broken on Windows 10 and 11 both at 22H2 for some devices #2964
Comments
They simply don't support the CCID extension for PIN entry (and never did). Regarding SCardControl, I think it returns |
It is not clear when this started. I only have Windows 10 22H2 and 11 22H2. What we really need is for someone with older Windows 10 to try 0.24.0 msi packages with a sc-hsm or other card that needs extended APDUs, i.e. larger then the default 255/256 to work. CygWin uses the Windows, winscard.dll so would have the same problem. In my testing with CygWin I do not get the Have also installed VS 2022, with C:\Program Files (x86)\Windows Kits\10\Include\10.0.22621.0 to see the header files. Best I can tell we are doing what is expected, which is slightly different then pcsc-lite on linux. I also do testing using VirtualBox with an Ubuntu 22.4 guest, which has no problems accessing the CygWin is using gcc (GCC) 11.4.0 as is Ubuntu gcc (Ubuntu 11.4.0-1ubuntu1~22.04) 11.4.0 If windows can not give us Right now I have been testing with the sc-hsm, there maybe other drivers that could have the same problem. |
@frankmorgner
this looks correct, as on Windows dwControlCode is 0x0031<<16 | 3600<<2 but it looks like it is not returning anything. |
I think we can close this issue, because
If you want to, you may add data sizes of your reader with a PR extending reader-pcsc.c |
Problem Description
Using
OpenSC-0.24.0_win64.msi
on Windows 11 Pro 22H2 or Windows 10 Pro 22H2 with SC-HSM device fails when usingcertutil -v -scinfo
orpkcs11-tool -O
This appears to be the same problem as #2944 when building with CygWin. And may apply to any device which uses extended APDUs.
May have been introduced in aadd82b or a06abbf where
rv = gpriv->SCardControl(card_handle, CM_IOCTL_GET_FEATURE_REQUEST, NULL, 0, buf, sizeof(buf), &rcount);
does not return any features. With #2944 CygWin the above fails with rv = 0x00000001, in my tests rv = 0 and rcount = 0.@frankmorgner I recall you saying Microsoft has dropped PIN PAD readers. Could they have dropped more then that?
Proposed Resolution
Circumvention: edit C:\Program Files\OpenSC Project\OpenSC\opensc.conf to contain a "reader_driver pcsc" section something like:
Steps to reproduce
certutil -v -scinfo
andpkcs11-tool -O
both fail.Logs
P:6768; T:16636 2023-12-18 08:48:08.977 [opensc-pkcs11] ===================================
P:6768; T:16636 2023-12-18 08:48:08.977 [opensc-pkcs11] OpenSC version: 0.24.0
P:6768; T:16636 2023-12-18 08:48:08.977 [opensc-pkcs11] Configured for opensc-pkcs11 (C:\Program Files\OpenSC Project\OpenSC\tools\pkcs11-tool.exe)
P:6768; T:16636 2023-12-18 08:48:08.977 [opensc-pkcs11] PC/SC options: connect_exclusive=0 disconnect_action=0 transaction_end_action=0 reconnect_action=0 enable_pinpad=1 enable_pace=1
P:6768; T:16636 2023-12-18 08:48:08.978 [opensc-pkcs11] reader-pcsc.c:1399:pcsc_detect_readers: called
P:6768; T:16636 2023-12-18 08:48:08.978 [opensc-pkcs11] Probing PC/SC readers
P:6768; T:16636 2023-12-18 08:48:08.979 [opensc-pkcs11] Establish PC/SC context
P:6768; T:16636 2023-12-18 08:48:08.982 [opensc-pkcs11] Adding new PC/SC reader 'SCM Microsystems SCx35xx v2.0 USB SC Reader 0'
P:6768; T:16636 2023-12-18 08:48:08.982 [opensc-pkcs11] SCM Microsystems SCx35xx v2.0 USB SC Reader 0 check
P:6768; T:16636 2023-12-18 08:48:08.982 [opensc-pkcs11] current state: 0x00010422
P:6768; T:16636 2023-12-18 08:48:08.983 [opensc-pkcs11] previous state: 0x00000000
P:6768; T:16636 2023-12-18 08:48:08.983 [opensc-pkcs11] card present, changed
P:6768; T:16636 2023-12-18 08:48:09.133 [opensc-pkcs11] SCM Microsystems SCx35xx v2.0 USB SC Reader 0:SCardConnect(SHARED): 0x00000000
P:6768; T:16636 2023-12-18 08:48:09.133 [opensc-pkcs11] reader-pcsc.c:1146:detect_reader_features: called
P:6768; T:16636 2023-12-18 08:48:09.133 [opensc-pkcs11] Requesting reader features ...
P:6768; T:16636 2023-12-18 08:48:09.135 [opensc-pkcs11] Assuming that the reader supports sending short length APDUs only
P:6768; T:16636 2023-12-18 08:48:09.135 [opensc-pkcs11] Assuming that the reader supports receiving short length APDUs only
The text was updated successfully, but these errors were encountered: