NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > MUSCLE Smartcard Development> 2004-q2

Re: [Muscle] mozilla can't add PKCS11 module

From: Christian Schneider (c.schneiderscram.de)
Date: Mon Apr 12 2004 - 03:24:07 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

John McBride wrote:

>
>
> Christian Schneider wrote:
>
>> John McBride wrote:
>>
>>> Christian Schneider wrote:
>>>
>>>
>>> Oops, I have made a mistake. This card is actually the oberthur
>>> cosmopolic V4.
>>>
>>
>> Hmm ... I don´t know if this card works. If it isn´t mentioned on the
>> Muscle site it is probably not supported. You should better get a
>> supported card.
>>
>
> I might get some cards to play with, not sure. I just wanted to get
> this to the point where I could sign emails to my employer, using the
> card they gave me and mozilla under linux.
>
> I tried a few things from your howto--in fact, I now have the
> "Muscle,/usr/local/lib/libmusclepkcs11.so" pair added to mozilla, no
> error when adding it.
>
> But whether the card is in or not, I get a "status" of "Not Present".
> When I click on the scm scr331 line in the device manager, I see stuff
> scrolling in the pcscd window like:
>
> eventhandler.c:467 EHSpawnEventHandler: Card inserted into SCM SCR 331
> CCID 0
> 0
> EHSpawnEventHandler: Card ATR: blah blah
> winscard_msg.c:290 SHMProcessEvents: correctly processed client: 0
> winscard.c:149 SCardConnect: Attempting Connect to SCM SCR 331 CCID 0 0
> winscard.c:245 SCardConnect: Active Protocol: 1
> winscard.c:252 SCardConnect: hCard Identity: 133ec
> winscard_msg.c:290 SHMProcessEvents: correctly processed client: 0
> winscard_msg.c:290 SHMProcessEvents: correctly processed client: 0
> winscard.c:1293 SCardTransmit: Send Protocol: 0
> winscard_msg.c:290 SHMProcessEvents: correctly processed client: 0
> winscard.c:642 SCardDisconnect: Active Contexts: 1
> winscard_msg.c:290 SHMProcessEvents: correctly processed client: 0
> winscard.c:149 SCardConnect: Attempting Connect to SCM SCR 331 CCID 0 0
> winscard.c:245 SCardConnect: Active Protocol: 1
> winscard.c:252 SCardConnect: hCard Identity: 14997
> winscard_msg.c:290 SHMProcessEvents: correctly processed client: 0
> winscard_msg.c:290 SHMProcessEvents: correctly processed client: 0
> winscard.c:1293 SCardTransmit: Send Protocol: 0
> winscard_msg.c:290 SHMProcessEvents: correctly processed client: 0
> winscard.c:642 SCardDisconnect: Active Contexts: 1
> winscard_msg.c:290 SHMProcessEvents: correctly processed client: 0
> winscard.c:149 SCardConnect: Attempting Connect to SCM SCR 331 CCID 0 0
> winscard.c:245 SCardConnect: Active Protocol: 1
> winscard.c:252 SCardConnect: hCard Identity: 151cb
> winscard_msg.c:290 SHMProcessEvents: correctly processed client: 0
> winscard_msg.c:290 SHMProcessEvents: correctly processed client: 0
> winscard.c:1293 SCardTransmit: Send Protocol: 0
> winscard_msg.c:290 SHMProcessEvents: correctly processed client: 0
> winscard.c:642 SCardDisconnect: Active Contexts: 1
> winscard_msg.c:290 SHMProcessEvents: correctly processed client: 0
> winscard.c:149 SCardConnect: Attempting Connect to SCM SCR 331 CCID 0 0
> winscard.c:245 SCardConnect: Active Protocol: 1
> winscard.c:252 SCardConnect: hCard Identity: 19568
> winscard_msg.c:290 SHMProcessEvents: correctly processed client: 0
> winscard_msg.c:290 SHMProcessEvents: correctly processed client: 0
> winscard.c:1293 SCardTransmit: Send Protocol: 0
> winscard_msg.c:290 SHMProcessEvents: correctly processed client: 0
> winscard.c:642 SCardDisconnect: Active Contexts: 1
>
> ...but the "Log In" button never enables, and the "Status" is always
> "Not Present".
>
> My /usr/local/pcscd/services has two bundles now, both ATRs are updated:
> authentIC.bundle
> mscMuscleCard.bundle
>
> I have not used XCardII on it, tried to load an applet, or any of
> that. I figured since someone already made the card for me, with the
> certs and a PIN, I don't need to do all that. Not sure though.

Yes that´s correct. If there is already certificate information on the
card you don´t have to use the applet. The problem is only that you
normally need a special pkcs11 module for your specific card type. If
you can get a linux pkcs11 module from the one who uploaded the
certificate then it should even work without the muscle framework.

The problem is that if you can´t get a pkcs11 driver and the card type
is not supported by muscle then there is no way to make it work.

It´s quite sad that there is no universal pkcs11 module. But muscle is
a start ;-)

greets,

Christian

_______________________________________________
Muscle mailing list
Musclelists.musclecard.com
http://lists.drizzle.com/mailman/listinfo/muscle

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]