On Wed, May 04, 2005 at 08:55:25AM -0500, Todd Denniston wrote:
> I agree the documentation is a bit confusing, and mostly geared to using
> just the muscle applet. I do not see you mention getting a token
> driver/interpreter/bundle/plugin (not sure what the folks around here realy
> call it) for the CAC card.
Right, the bundle/plugin part is what I was missing. It seems to be
left out of most of the documentation I've found, and so I didn't really
understand its role. However, now that I know that's what I need, I've
found the past discussion and made a little progress.
I downloaded SmartCardServices-31 from the opendarwin site. I went into
the src/CACPlugin and since I didn't see any build instructions, I
compiled it (after installing libpcsclite-dev, libmusclepkcs11-dev, and
zlib1g-dev from Debian) with
gcc -c -shared -I/usr/include/PCSC commonAccessCard.c
ld -shared -o commonAccessCard.so commonAccessCard.o
Then, I built the bundle directory structure under
/usr/lib/pcsc/services. I copied commonAccessCard.so to
commonAccessCard.bundle/Contents/Linux/commonAccessCard. I couldn't
find an appropriate Info.plist in SmartCardServices-31, so I copied
Info.plist.commonAccessCard from SmartCardServices-15 to
commonAccessCard.bundle/Contents/Info.plist. And
commonAccessCard.bundle/Contents/PkgInfo contains the contens
"BNDL????", which is surely critical for successful operation.
Now, when I run bundleTool, I get
% sudo bundleTool
Select the appropriate token driver:
------------------------------------
1. commonAccessCard.bundle
2. slbCryptoflex.bundle
------------------------------------
Enter the number: 1
Insert your token in: ActivCard 00 00
Token support updated successfully !
Now, when I run "tokens" in muscleTool, I get
muscle > tokens
1. Common Access Card
But
muscle > connect 1
ERR: EstablishConnection Failed !
Is your card already formated?
And the messages from pcscd at the time are
prothandler.c:126:PHSetProtocol() Attempting PTS to T=0
ifdhandler.c:373:IFDHSetProtocolParameters lun: 0, protocol T=0
On the other hand, when I run xcard, Common Access Card shows up under
Tokens, and three keys are available (as well as a bunch of objects and
a PIN). So I was optimistic. Alas, when I loaded
/usr/lib/libmusclepkcs11.so.0 in firefox, an entry shows up for
"ActivCard 00 00", but the status is still always "Not Present". Any
ideas from here?
By the way, I have just gotten this atrocious program called ActivCard
Gold installed, and using its Card Explorer I can see the certificates
as well. However, when I try to add its libpkcs11.so to firefox, I
always get "unable to add module".
Also, I'm curious as to why I have to go to the Darwin site to get the
commonAccessCard code. Will it be integrated into the MUSCLE project in
the future?
Thank you for your help.
Andrew
_______________________________________________
Muscle mailing list
Muscle@lists.musclecard.com
http://lists.drizzle.com/mailman/listinfo/muscle
