I would to propose two sets of changes to the ./etc/opensc.conf.in file.
The first cleans up some PIV issues: adding # piv to the list of supported internal driver names, removing the # pkcs15emu = "PIV-II"; comment line, adding the PIV-II to to the list of the builtin pkcs15 emulators to test. The second deals with the use of the max_send_size and max_recv_size parameters, especially important if you are trying to to use more then one type of card on the same system. opensc.conf sets these to 252 for the pcsc reader_driver, but not any of the other reader_drivers. The default is set in ctx.c from SC_APDU_CHOP_SIZE as 248. (Is this some old holder over from some earlier readers?) The values set for the reader then applies to *all* cards that might be used on the system. card.c copies it to card->max_send_size = reader->driver->max_send_size; Many card card drivers will set their own limits and change card->max_*_size if the max_*_size is greater then the card can handle: card-staros.c 128 card-atrust-acos.c 128 pkcs15-gemsafe.c 248 card-minicos 244 card-gpk.c multiple of 8 card-piv.c needs 256 before doing i/o but 0xffff during emulation. card-muscle 1024*64 but also has a MSC_MAX_SEND = 255 and MSC_MAX_APDU = 256. The consistent thing to do would be to have the default set to 256, and comment out the max_*_sizes in opensc.conf as all newer readers can handle this, as far as I know. Then let each card driver reset it if it is larger then the card can handle as most today today. A user with an older reader could still set it lower in opensc.conf. -- Douglas E. Engert <[EMAIL PROTECTED]> Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444
Index: opensc.conf.in =================================================================== --- opensc.conf.in (revision 3121) +++ opensc.conf.in (working copy) @@ -68,8 +68,8 @@ # Some IFD handlers do not properly handle APDUs with # large lc or le bytes. # - max_send_size = 252; - max_recv_size = 252; + max_send_size = 256; + max_recv_size = 256; # # Connect to reader in exclusive mode. # Default: false @@ -92,6 +92,8 @@ reader_driver openct { # virtual readers to allocate. default:5 readers = 5; + max_send_size = 256; + max_recv_size = 256; }; # What card drivers to load at start-up @@ -144,6 +146,7 @@ # oberthur Oberthur AuthentIC.v2/CosmopolIC.v4 # belpic Belpic cards # emv EMV compatible cards + # piv U.S. NIST 800-73-1 PIV # Generic format: card_atr <hex encoded ATR (case-sensitive!)> @@ -219,7 +222,6 @@ # card_atr 3B:7D:96:00:00:80:31:80:65:B0:83:11:00:AC:83:00:90:00 { # name = "PIV-II"; # driver = "piv"; - # pkcs15emu = "PIV-II"; # } # Estonian ID card and Micardo driver currently play together with T=0 @@ -270,7 +272,7 @@ # Default: yes # enable_builtin_emulation = yes; # list of the builtin pkcs15 emulators to test - builtin_emulators = esteid, openpgp, tcos, starcert, infocamere, postecert, actalis, atrust-acos, gemsafe, tccardos; + builtin_emulators = esteid, openpgp, tcos, starcert, infocamere, postecert, actalis, atrust-acos, gemsafe, tccardos, PIV-II; # additional settings per driver #
_______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel