[Pki-users] [Non-DoD Source] Re: Fedora 22 - ESC Error

Thornton, Neill R. CIV neill.thornton at mercy.navy.mil
Wed Jan 27 17:55:04 UTC 2016 

Christina,

Thanks... I went into Info.plist and changed the ifdDriverOptions to each of the following:

- 0x0010
- 0x0020
- 0x0001
- 0x0002

Restarting escd and pcsc each time.  After each change I verified that pcsc_scan was still showing the card inserted, no issues there.  Just won't show up in the ESC.

Thanks again,

Neill

-----Original Message-----
From: pki-users-bounces at redhat.com [mailto:pki-users-bounces at redhat.com] On Behalf Of Christina Fu
Sent: Wednesday, January 27, 2016 9:45 AM
To: pki-users at redhat.com
Subject: [Non-DoD Source] Re: [Pki-users] Fedora 22 - ESC Error

oops, some correction...

On 01/27/2016 09:40 AM, Christina Fu wrote:
> Hi Neil,
I meant Neill...sorry
>
> I am no expert, but I do know for different cards you need to diddle 
> with the ifdDriverOptions value in 
> /usr/lib64/pcsc/drivers/ifd-ccid.bundle/Contents/Info.plist
>
> By default, I think it's
> <string>0x0000</string>
>
> My guess is that you could change it to <string>0x0010</string> 
> restart the escd
actually, restart pcscd too.
>
> if that doesn't work,
> change it to
> <string>0x0020</string>
> etc.
>
> Hope this helps, and please let us know how it works out for you 
> (which value it works for the card).
>
> Christina
>
> On 01/26/2016 05:49 PM, Thornton, Neill R. CIV wrote:
>> All,
>>
>> I am hoping someone can help me out with a green field Dogtag 
>> install.  We have installed all of the correct subsystems, and wanted 
>> to try and provision a hardware smart card.  We are using Axalto 
>> Cyberflex 64k cards for testing.  This is on Fedora 22, both the 
>> Dogtag server and the enrollment workstation have been updated using 
>> dnf to the latest packages.
>>
>> pcsc_scan on the enrollment station reports the following:
>>
>> PC/SC device scanner
>> V 1.4.23 (c) 2001-2011, Ludovic Rousseau <ludovic.rousseau at free.fr> 
>> Compiled with PC/SC lite version: 1.8.13 Using reader plug'n play 
>> mechanism Scanning present readers...
>> 0: SCM Microsystems Inc. SCR 355 [CCID Interface] 00 00
>>
>> Tue Jan 26 17:42:20 2016
>> Reader 0: SCM Microsystems Inc. SCR 355 [CCID Interface] 00 00
>>    Card state: Card inserted, Shared Mode,
>>    ATR: 3B 95 95 40 FF AE 01 03 00 00
>>
>> defined(@array) is deprecated at
>> /usr/lib64/perl5/vendor_perl/Chipcard/PCSC.pm 
>> l                                  ine 69.
>>          (Maybe you should just omit the defined()?)
>> ATR: 3B 95 95 40 FF AE 01 03 00 00
>> + TS = 3B --> Direct Convention
>> + T0 = 95, Y(1): 1001, K: 5 (historical bytes)
>>    TA(1) = 95 --> Fi=512, Di=16, 32 cycles/ETU
>>      125000 bits/s at 4 MHz, fMax for Fi = 5 MHz => 156250 bits/s
>>    TD(1) = 40 --> Y(i+1) = 0100, Protocol T = 0
>> -----
>>    TC(2) = FF --> Work waiting time: 960 x 255 x (Fi/F)
>> + Historical bytes: AE 01 03 00 00
>>    Category indicator byte: AE (proprietary format)
>>
>> Possibly identified card (using /usr/share/pcsc/smartcard_list.txt):
>> 3B 95 95 40 FF AE 01 03 00 00
>>          Axalto - Cyberflex 64K
>>          Gemalto TOP IM FIPS CY2 (product code HWP115291A)
>>
>> --
>>
>>
>> However, when we start esc, either as root or as a user, the GUI will 
>> start and display no smart cards.  When the "Diagnostics" button is 
>> pressed, an error dialog appears saying
>> "coolkey.GetAvailableCoolKeys() failed! Undefined(undefined)".
>>
>> After pressing OK, the diagnostic window displays, confirming 0 smart 
>> cards are detected.  System versions are listed as:
>> Smart Card Manager Version: null
>> System Versions: Mozilla/5.0 (x11; linux x86_64; rv:38.0)
>> gecko/20100101 esc/1.1.0-24
>>
>> Any insight to our problem would be greatly appreciated!
>>
>> Thanks,
>>
>> Neill
>>
>> --
>> Neill Thornton
>> Chief Information Officer - Medical Treatment Facility USNS Mercy
>> 619-235-3857 - Desk
>> 619-206-5426 - Cell
>> neill.thornton at mercy.navy.mil / neill.thornton at mercy.navy.smil.mil
>>
>>
>> _______________________________________________
>> Pki-users mailing list
>> Pki-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/pki-users
>
> _______________________________________________
> Pki-users mailing list
> Pki-users at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-users

_______________________________________________
Pki-users mailing list
Pki-users at redhat.com
https://www.redhat.com/mailman/listinfo/pki-users

More information about the Pki-users mailing list