12:46 p.m.
Hi Neill,
I'm not sure what could have gone wrong. And again, I'm really not an
expert in this area. Our smart card guy has been out sick.
And apparently I'm not doing a good job playing him ;-).
Could you provide your esc version?
Our latest f22 esc is here:
http://koji.fedoraproject.org/koji/buildinfo?buildID=672713
One thing you could try is to see if esc is even trying to read the card
(debugging I learned from our guy).
You can rerun the pcscd like the following:
export COOL_KEY_LOG_FILE=/tmp/coolkey.debug (this can be anything
value, I don't think it actually writes to it)
killall pcscd
/usr/sbin/pcscd -f -d -a
(this will produce a lot of debugging on terminal)
restart esc on another terminal (*make sure you put in the phone home
url; sometimes that pops up behind the ESC*) and observe if the debug
terminal indicates any recognition of card read.
For example, on my system, when I remove my card, i can see
EHStatusHandlerThread() Card Removed From OMNIKEY AG CardMan 3121 00 00
when I reinsert it, I see
EHStatusHandlerThread() Card inserted into OMNIKEY AG CardMan 3121 00 00
Let us know how it goes.
Christina
On 01/27/2016 09:55 AM, Thornton, Neill R. CIV wrote:
Christina,
Thanks... I went into Info.plist and changed the ifdDriverOptions to each of the
following:
- 0x0010
- 0x0020
- 0x0001
- 0x0002
Restarting escd and pcsc each time. After each change I verified that pcsc_scan was
still showing the card inserted, no issues there. Just won't show up in the ESC.
Thanks again,
Neill
-----Original Message-----
From: pki-users-bounces(a)redhat.com [mailto:pki-users-bounces@redhat.com] On Behalf Of
Christina Fu
Sent: Wednesday, January 27, 2016 9:45 AM
To: pki-users(a)redhat.com
Subject: [Non-DoD Source] Re: [Pki-users] Fedora 22 - ESC Error
oops, some correction...
On 01/27/2016 09:40 AM, Christina Fu wrote:
> Hi Neil,
I meant Neill...sorry
> I am no expert, but I do know for different cards you need to diddle
> with the ifdDriverOptions value in
> /usr/lib64/pcsc/drivers/ifd-ccid.bundle/Contents/Info.plist
>
> By default, I think it's
> <string>0x0000</string>
>
> My guess is that you could change it to <string>0x0010</string>
> restart the escd
actually, restart pcscd too.
> if that doesn't work,
> change it to
> <string>0x0020</string>
> etc.
>
> Hope this helps, and please let us know how it works out for you
> (which value it works for the card).
>
> Christina
>
> On 01/26/2016 05:49 PM, Thornton, Neill R. CIV wrote:
>> All,
>>
>> I am hoping someone can help me out with a green field Dogtag
>> install. We have installed all of the correct subsystems, and wanted
>> to try and provision a hardware smart card. We are using Axalto
>> Cyberflex 64k cards for testing. This is on Fedora 22, both the
>> Dogtag server and the enrollment workstation have been updated using
>> dnf to the latest packages.
>>
>> pcsc_scan on the enrollment station reports the following:
>>
>> PC/SC device scanner
>> V 1.4.23 (c) 2001-2011, Ludovic Rousseau <ludovic.rousseau(a)free.fr>
>> Compiled with PC/SC lite version: 1.8.13 Using reader plug'n play
>> mechanism Scanning present readers...
>> 0: SCM Microsystems Inc. SCR 355 [CCID Interface] 00 00
>>
>> Tue Jan 26 17:42:20 2016
>> Reader 0: SCM Microsystems Inc. SCR 355 [CCID Interface] 00 00
>> Card state: Card inserted, Shared Mode,
>> ATR: 3B 95 95 40 FF AE 01 03 00 00
>>
>> defined(@array) is deprecated at
>> /usr/lib64/perl5/vendor_perl/Chipcard/PCSC.pm
>> l ine 69.
>> (Maybe you should just omit the defined()?)
>> ATR: 3B 95 95 40 FF AE 01 03 00 00
>> + TS = 3B --> Direct Convention
>> + T0 = 95, Y(1): 1001, K: 5 (historical bytes)
>> TA(1) = 95 --> Fi=512, Di=16, 32 cycles/ETU
>> 125000 bits/s at 4 MHz, fMax for Fi = 5 MHz => 156250 bits/s
>> TD(1) = 40 --> Y(i+1) = 0100, Protocol T = 0
>> -----
>> TC(2) = FF --> Work waiting time: 960 x 255 x (Fi/F)
>> + Historical bytes: AE 01 03 00 00
>> Category indicator byte: AE (proprietary format)
>>
>> Possibly identified card (using /usr/share/pcsc/smartcard_list.txt):
>> 3B 95 95 40 FF AE 01 03 00 00
>> Axalto - Cyberflex 64K
>> Gemalto TOP IM FIPS CY2 (product code HWP115291A)
>>
>> --
>>
>>
>> However, when we start esc, either as root or as a user, the GUI will
>> start and display no smart cards. When the "Diagnostics" button is
>> pressed, an error dialog appears saying
>> "coolkey.GetAvailableCoolKeys() failed! Undefined(undefined)".
>>
>> After pressing OK, the diagnostic window displays, confirming 0 smart
>> cards are detected. System versions are listed as:
>> Smart Card Manager Version: null
>> System Versions: Mozilla/5.0 (x11; linux x86_64; rv:38.0)
>> gecko/20100101 esc/1.1.0-24
>>
>> Any insight to our problem would be greatly appreciated!
>>
>> Thanks,
>>
>> Neill
>>
>> --
>> Neill Thornton
>> Chief Information Officer - Medical Treatment Facility USNS Mercy
>> 619-235-3857 - Desk
>> 619-206-5426 - Cell
>> neill.thornton(a)mercy.navy.mil / neill.thornton(a)mercy.navy.smil.mil
>>
>>
>> _______________________________________________
>> Pki-users mailing list
>> Pki-users(a)redhat.com
>> https://www.redhat.com/mailman/listinfo/pki-users
> _______________________________________________
> Pki-users mailing list
> Pki-users(a)redhat.com
> https://www.redhat.com/mailman/listinfo/pki-users
_______________________________________________
Pki-users mailing list
Pki-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/pki-users