[opensc-devel] sign error with CardOS on Mac OS X
Hello, using Firefox on Mac OS X with CardOS cards I get a connection error. Ludovic Rousseau kindly showed me how to track it down to the sign function of opensc 0.12.2: The command pkcs15-crypt --sign --pkcs1 --sha-1 --in sig.in --out sig.out --key 46 produces Compute signature failed: Transmit failed There is no problem on Linux and Windows. There is no problem on Mac OS X with TCOS cards. The verbose output of the pkcs15-crypt command above can be found on http://www.uni-giessen.de/~g013/opensc/pkcs15-crypt.log Regards Johannes ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] sign error with CardOS on Mac OS X
Hello, On Tue, Dec 13, 2011 at 12:51, Johannes Becker johannes.bec...@hrz.uni-giessen.de wrote: using Firefox on Mac OS X with CardOS cards I get a connection error. Ludovic Rousseau kindly showed me how to track it down to the sign function of opensc 0.12.2: I believe this has already been on the list but I don't have the reference at hand. Outgoing APDU data [ 266 bytes] = ... 0x7fff70f32cc0 11:19:18.788 [pkcs15-crypt] reader-pcsc.c:202:pcsc_internal_transmit: 0x0037 00 00:SCardTransmit/Control failed: 0x80100016 You are trying to use extended APDU support (266 bytes) with a reader that does not support it (see the link below). You can try setting max_send_size in opensc.conf to a value that suits you (uncommentig it should work), get a reader that supports extended APDU or help to fix OpenSC so that it would work intelligently in such situations. http://pcsclite.alioth.debian.org/ccid_extended_apdu.html There is no problem on Linux and Windows. Do you use the CCID driver on Linux as well? It should behave the same way. Proprietary Windows driver might do some tricks to implement the extended APDU support. There is no problem on Mac OS X with TCOS cards. They have a different driver and probably don't use extended APDU-s, so this can't be compared directly. Martin ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] sign error with CardOS on Mac OS X
2011/12/13 Martin Paljak mar...@martinpaljak.net: Hello, On Tue, Dec 13, 2011 at 12:51, Johannes Becker johannes.bec...@hrz.uni-giessen.de wrote: using Firefox on Mac OS X with CardOS cards I get a connection error. Ludovic Rousseau kindly showed me how to track it down to the sign function of opensc 0.12.2: I believe this has already been on the list but I don't have the reference at hand. Outgoing APDU data [ 266 bytes] = ... 0x7fff70f32cc0 11:19:18.788 [pkcs15-crypt] reader-pcsc.c:202:pcsc_internal_transmit: 0x0037 00 00:SCardTransmit/Control failed: 0x80100016 You are trying to use extended APDU support (266 bytes) with a reader that does not support it (see the link below). You can try setting max_send_size in opensc.conf to a value that suits you (uncommentig it should work), get a reader that supports extended APDU or help to fix OpenSC so that it would work intelligently in such situations. http://pcsclite.alioth.debian.org/ccid_extended_apdu.html There is no problem on Linux and Windows. Do you use the CCID driver on Linux as well? It should behave the same way. Proprietary Windows driver might do some tricks to implement the extended APDU support. Johannes said it was working fine on Linux. So I did not expect an extended APDU issue. Johannes can you attach a pkcs15-crypt --sign log with the same card and same reader on Linux? I am surprised I works. Thanks -- Dr. Ludovic Rousseau ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
