I think what OpenSC is trying to define as max_send_size is the max
value Le that can be be used in a APDU. This may be limited
by the card itself or by the reader/IFSD/CCID.
It would be nice if the max_send_size could be set by testing
the reader/IFSD/CCID at run time and converting these to
the max Le value.
Some of the cards already impose a max_send_size.If its
bigger then it can handle it it will lower it. The GemSAPFE
driver sets it to 248 max.
What OpenSC currently does is to ask the user to set this
in the opensc.conf and the limit applies to all readers.
Looks like the [1]PC/SC SCardGetAttrib SCARD_ATTR_MAXINPUT
would work with max_send_size <= SCARD_ATTR_MAXINPUT - 5;
Ludovic Rousseau wrote:
On 16/03/07, Douglas E. Engert <[EMAIL PROTECTED]> wrote:
Can you run the command that is listed in the new opensc.conf:
# This sets the maximum send and receive sizes.
# Some reader drivers have limitations, so you need
# to set these values. For usb devices check the
# properties with lsusb -vv for dwMaxIFSD
(Although I tried this on my GemPC Twin, and it says 254
but works with the 256.)
I have 4 types of readers on Linux, (and a GemPC Card PCMCIA
card on Windows).
GemPCTwin:
dwMaxIFSD 254
dwMaxCCIDMsgLen 271
Active Card V2.0 with one firmware upgrade to get it to 2.02
This doesnotwork with PC/SC
09c3:0008
dwMaxIFSD 252
dwMaxCCIDMsgLen 263
Active Card V2.0 with two sets of firmware upgrades to get
it to 5.22 SCR331 with firmware 5.22 whihc des work.
0496:e001
dwMaxIFSD 252
dwMaxCCIDMsgLen 263
Cherry xx44
dMaxIFSD 254
dwMacCCIDMsgLen 271
All of these work with the PIV card.
You are confusing dwMaxIFSD: and dwMaxCCIDMessageLength:
dwMaxIFSD is for T=1 cards only. It is the maximum size of a block
accepted by the reader.
dwMaxCCIDMessageLength is for both T=0 and T=1 cards and should not
be smaller than dwMaxIFSD+10. It is the maximum size of a CCID frame
(APDU plus CCID header of 10 bytes)
For a T=0 card the application shall not send APDU longer than
dwMaxCCIDMessageLength-10. The application can get the maximum length
using SCARD_ATTR_MAXINPUT request [1].
Developers:
I think it is a good idea to have the default set large and let
the card or reader drivers lower it.
Using PC/SC the driver can't lower it. It can just let the application
request the maximum size. Maybe we should add a new PC/SC error code
like SCARD_E_APDU_SIZE_EXCEEDED.
Correct, what I mean was the OPenSC reader code would query the
PC/SC driver to find the max size of the specifix reader then set the
max_send_size based on this.
Another possible answer is: do not use limited/bogus/non-ISO smart card
readers.
If people have them and they work for them today...
Bye
[1]
http://svn.debian.org/wsvn/pcsclite/trunk/Drivers/ccid/SCARDGETATTRIB.txt?op=file&rev=0&sc=0
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
