[Pcsclite-muscle] Problem reading certificate from SCM Microsystems SCR3500 (and others)

Ludovic Rousseau ludovic.rousseau at gmail.com
Fri Apr 10 12:05:01 UTC 2015


Hello,

2015-04-09 13:22 GMT+02:00 Aalderd Bouwman <info at boac.nl>:
> I have 2 cardreaders:
> 1. Omnikey AG CardMAn 3121 SC
> 2. SCM Microsystems SCR3500
>
> And I have 2 smartcards with different certificates.
> 1. Old certificate
> 2. New certificate

What is your card?
I do not have it in my list
https://smartcard-atr.appspot.com/parse?ATR=3BFA1800008131FE4506082A841001876E0807BE

> Reading the first card with both readers is successful.
> Reading the other card fails gives an error with the first cardreader but is
> successful in the end:
>
> Device info:
> 00000025 hotplug_libudev.c:435:HPAddDevice() Adding USB device: OMNIKEY AG
> CardMan 3121
> 00000058 readerfactory.c:1011:RFInitializeReader() Attempting startup of
> OMNIKEY AG CardMan 3121 00 00 using
> [path]/pcsc/drivers/ifd-ccid.bundle/Contents/Linux/libccid.so
> 00000227 readerfactory.c:896:RFBindFunctions() Loading IFD Handler 3.0
> 00000051 ifdhandler.c:1927:init_driver() Driver version: 1.4.18
>
> Inserting the card:
> 00000013 eventhandler.c:418:EHStatusHandlerThread() Card inserted into
> OMNIKEY AG CardMan 3121 00 00
> 00000015 Card ATR: 3B FA 18 00 00 81 31 FE 45 06 08 2A 84 10 01 87 6E 08 07
> BE
> 05000729 ifdhandler.c:1139:IFDHPowerICC() action: PowerDown,
> usb:076b/3021:libudev:0:/dev/bus/usb/003/002 (lun: 0)
>
> Reading card data gives only this error (5 times):
> 00000009 ifdhandler.c:1283:IFDHTransmitToICC()
> usb:076b/3021:libudev:0:/dev/bus/usb/003/002 (lun: 0)
> 00000010 commands.c:1740:CmdXfrBlockTPDU_T0() T=0: 7 bytes
> 00000011 -> 000000 6F 07 00 00 00 00 15 00 00 00 00 A4 00 0C 02 3F 00
> 00036373 <- 000000 80 4F 00 00 00 00 15 00 00 00 49 20 61 6D 20 74 68 65 20
> 53 61 66 65 53 69 67 6E 20 41 70 70 6C 65 74 20 6F 66 20 41 2E 45 2E 54 2E
> 20 45 75 72 6F 70 65 20 42 2E 56 2E 20 70 6C 65 61 73 65 20 61 75 74 68 65
> 6E 74 69 63 61 74 65 20 79 6F 75 72 73 65 6C 66 2E 0A 90 00
> 00000029 commands.c:1560:CCID_Receive() overrun by 77 bytes

The driver received 79 (0x4F) byes but was expecting only 2 bytes. So
the buffer is too small by 77 bytes.
I guess your application is bogus and gives a 2 bytes buffer expecting
a SW1-SW2 for 0x61xx when the card send the full answer.

> 00000012 ifdwrapper.c:550:IFDTransmit() Card not transacted: 618
> 00000009 winscard.c:1633:SCardTransmit() Card not transacted: 0x80100016
> 00000010 winscard.c:1653:SCardTransmit() UnrefReader() count was: 2
>
> The card is usable by other clients through the pcsc-lite library.
>
> ---------------------------------------------------------------------------------------
> Reading the other card fails at an other position and fails totaly:
>
> Device info:
> 00000022 hotplug_libudev.c:435:HPAddDevice() Adding USB device: SCM
> Microsystems Inc. SCR 355
> 00000076 ifdhandler.c:375:IFDHGetCapabilities() tag: 0xFAF,
> usb:076b/3021:libudev:0:/dev/bus/usb/003/002 (lun: 0)
> 00000022 readerfactory.c:679:RFSetReaderName() Support 16 simultaneous
> readers
> 00000018 ifdhandler.c:375:IFDHGetCapabilities() tag: 0xFAD,
> usb:076b/3021:libudev:0:/dev/bus/usb/003/002 (lun: 0)
> 00000016 readerfactory.c:296:RFAddReader() Driver is thread safe
> 00000016 readerfactory.c:1011:RFInitializeReader() Attempting startup of SCM
> Microsystems Inc. SCR 355 [CCID Interface] 01 00 using
> [path]/pcsc/drivers/ifd-ccid.bundle/Contents/Linux/libccid.so
>
> Inserting the card:
> 00000013 eventhandler.c:418:EHStatusHandlerThread() Card inserted into
> OMNIKEY AG CardMan 3121 00 00
> 00000015 Card ATR: 3B FA 18 00 00 81 31 FE 45 06 08 2A 84 10 01 87 6E 08 07
> BE
> 05000729 ifdhandler.c:1139:IFDHPowerICC() action: PowerDown,
> usb:076b/3021:libudev:0:/dev/bus/usb/003/002 (lun: 0)
>
> Reading card data gives first this error:
> 00000011 sending: 00 00 07 00 A4 00 0C 02 3F 00 92
> 00000013 -> 000001 6F 0B 00 00 00 00 11 00 00 00 00 00 07 00 A4 00 0C 02 3F
> 00 92
> 00023571 <- 000001 80 53 00 00 00 00 11 00 00 00 00 00 4F 49 20 61 6D 20 74
> 68 65 20 53 61 66 65 53 69 67 6E 20 41 70 70 6C 65 74 20 6F 66 20 41 2E 45
> 2E 54 2E 20 45 75 72 6F 70 65 20 42 2E 56 2E 20 70 6C 65 61 73 65 20 61 75
> 74 68 65 6E 74 69 63 61 74 65 20 79 6F 75 72 73 65 6C 66 2E 0A 90 00 8C
> 00000055 received: 00 00 4F 49 20 61 6D 20 74 68 65 20 53 61 66 65 53 69 67
> 6E 20 41 70 70 6C 65 74 20 6F 66 20 41 2E 45 2E 54 2E 20 45 75 72 6F 70 65
> 20 42 2E 56 2E 20 70 6C 65 61 73 65 20 61 75 74 68 65 6E 74 69 63 61 74 65
> 20 79 6F 75 72 73 65 6C 66 2E 0A 90 00 8C
> 00000014 openct/proto-t1.c:356:t1_transceive()
> 00000009 openct/proto-t1.c:384:t1_transceive() buffer overrun by 77 bytes

Same problem here but the reader is in TPDU and not APDU so the trace
is different.

> 00000012 ifdwrapper.c:550:IFDTransmit() Card not transacted: 612
> 00000009 winscard.c:1633:SCardTransmit() Card not transacted: 0x80100016
> 00000009 winscard.c:1653:SCardTransmit() UnrefReader() count was: 2
>
> After that I see the following errors:
> 00000016 winscard.c:1608:SCardTransmit() Send Protocol: T=1
> 00000011 ifdhandler.c:1283:IFDHTransmitToICC()
> usb:04e6/5410:libudev:0:/dev/bus/usb/002/008 (lun: 10000)
> 00000011 commands.c:2212:CmdXfrBlockTPDU_T1() T=1: 7 and 2 bytes
> 00000010 openct/proto-t1.c:171:t1_transceive() T=1 state machine is DEAD.
> Reset the card first.
> 00000010 ifdwrapper.c:550:IFDTransmit() Card not transacted: 612
> 00000009 winscard.c:1633:SCardTransmit() Card not transacted: 0x80100016
> 00000010 winscard.c:1653:SCardTransmit() UnrefReader() count was: 2
>
> It seems the new certificate is larger than the previous certificate.
>
> This error we also get with other cardreaders: for example: O2 Micro Oz776
>
> How can we fix this problem?

Fix your application.

You can try to generate PC/SC traces using
http://ludovicrousseau.blogspot.fr/2011/11/pcsc-api-spy-third-try.html

Bye

-- 
 Dr. Ludovic Rousseau



More information about the Pcsclite-muscle mailing list