OK, tests for millions of signatures were mostly positive for you (you all in the list up to now) and also for us (things always break in production, don't you know?). The main difference is that both my production environment and test environment work with 14 cards, with 2 USB hubs, 7 cards per hub (not one card) and I never re-login/reconnect, just go on signing exploiting the existing PKCS#11 session.

The only difference between my test and production environments was the cards (the customer's cards are a bit more recent). I think that we're going nowhere at the moment (my fault, given that I cannot provide much debug data), anyway I'll keep listening if anyone can help... I suppose that if we broaden the suspects pool to include a USB glitch (excessive power drain that hampers USB communication) we are going too far...


On 09/08/2014 11:00 AM, Umberto Rustichelli wrote:

First of all, thanks everybody for the prompt help.
Maybe I should first note that we ran a test with >2 million signatures before going into production but with different cards: we could not test the customer's cards because we don't have them. The family is InCard but card families are so... crowded...

On 09/08/2014 10:02 AM, helpcrypto helpcrypto wrote:
On Mon, Sep 8, 2014 at 9:30 AM, Umberto Rustichelli <[email protected]> wrote:

  ...a few million consecutive signatures for each card
To make it short, does anybody know of any predictable limit that can
cause failures (after "many" signatures the *cards disconnect*, one by one)
among the following:

- cards cannot reliably work for more than N signatures

If it's a chip-writing limit issue, the card shouldn't be able to write
after reconnect. Have you tried that?

- some counters in the PCSC / CCID code

You can try stopping pcscd service and powering off devices each x-million
operations to discard this.

- any known issue with smart card drivers,

I don't know how you're doing it, but I suggest doing independent operations (ie:
use establishContext/releaseContext)

Mmmm... this I cannot do because I'm relying on the proprietary driver for PKCS#11 operations, and I think that there is no reliable open-source driver for those smart cards, sorry!


_______________________________________________
Pcsclite-muscle mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pcsclite-muscle
