Bug#488209: libopensc2: Access of FINEID card fails

Paavo Hartikainen Thu, 26 Jun 2008 18:57:48 -0700

Package: libopensc2
Version: 0.11.4-3
Severity: important


Authentication on OpenSSH and various other applications fail to access FINEID 
card.  Downgrading library to "stable" version works as temporary solution.

For example of how "libopensc2 0.11.4-3" fails:

---
[EMAIL PROTECTED]:~$ pkcs15-tool --verbose --verbose --list-certificates 
[pkcs15-tool] sc.c:196:sc_detect_card_presence: called
[pkcs15-tool] reader-openct.c:204:openct_reader_detect_card_presence: called
[pkcs15-tool] sc.c:201:sc_detect_card_presence: returning with: 1
Connecting to card in reader CCID Compatible...
[pkcs15-tool] card.c:110:sc_connect_card: called
[pkcs15-tool] reader-openct.c:228:openct_reader_connect: called
[pkcs15-tool] card.c:532:sc_select_file: called; type=1, 
path=a000000063504b43532d3135
[pkcs15-tool] reader-openct.c:420:openct_reader_lock: called
[pkcs15-tool] reader-openct.c:445:openct_reader_unlock: called
[pkcs15-tool] card.c:554:sc_select_file: returning with: 0
[pkcs15-tool] card.c:221:sc_connect_card: card info: SetCOS, 6004, 0x0
[pkcs15-tool] card.c:222:sc_connect_card: returning with: 0
Using card driver Setec cards.
[pkcs15-tool] reader-openct.c:420:openct_reader_lock: called
Trying to find a PKCS#15 compatible card...
[pkcs15-tool] pkcs15.c:706:sc_pkcs15_bind: called
[pkcs15-tool] card.c:532:sc_select_file: called; type=2, path=3f002f00
[pkcs15-tool] iso7816.c:99:iso7816_check_sw: File not found
[pkcs15-tool] card.c:554:sc_select_file: returning with: -1201
[pkcs15-tool] card.c:532:sc_select_file: called; type=2, path=3f005015
[pkcs15-tool] iso7816.c:99:iso7816_check_sw: File not found
[pkcs15-tool] card.c:554:sc_select_file: returning with: -1201
[pkcs15-tool] card.c:532:sc_select_file: called; type=2, path=3f005031
[pkcs15-tool] card.c:554:sc_select_file: returning with: 0
[pkcs15-tool] pkcs15.c:623:sc_pkcs15_bind_internal: The following DFs were 
found:
[pkcs15-tool] pkcs15.c:633:sc_pkcs15_bind_internal:   DF type 8, path 3f004401, 
index 0, count -1
[pkcs15-tool] pkcs15.c:633:sc_pkcs15_bind_internal:   DF type 0, path 3f004402, 
index 0, count -1
[pkcs15-tool] pkcs15.c:633:sc_pkcs15_bind_internal:   DF type 4, path 3f004403, 
index 0, count -1
[pkcs15-tool] pkcs15.c:633:sc_pkcs15_bind_internal:   DF type 4, path 3f004404, 
index 0, count -1
[pkcs15-tool] pkcs15.c:633:sc_pkcs15_bind_internal:   DF type 5, path 3f004405, 
index 0, count -1
[pkcs15-tool] pkcs15.c:633:sc_pkcs15_bind_internal:   DF type 7, path 3f004406, 
index 0, count -1
[pkcs15-tool] pkcs15.c:633:sc_pkcs15_bind_internal:   DF type 6, path 3f004407, 
index 0, count -1
[pkcs15-tool] card.c:532:sc_select_file: called; type=2, path=3f005032
[pkcs15-tool] card.c:554:sc_select_file: returning with: 0
Found HENKILOKORTTI!
[pkcs15-tool] pkcs15.c:1599:sc_pkcs15_read_file: called, path=3f004403, 
index=0, count=-1
[pkcs15-tool] card.c:532:sc_select_file: called; type=2, path=3f004403
[pkcs15-tool] card.c:554:sc_select_file: returning with: 0
[pkcs15-tool] pkcs15.c:1599:sc_pkcs15_read_file: called, path=3f004404, 
index=0, count=-1
[pkcs15-tool] card.c:532:sc_select_file: called; type=2, path=3f004404
[pkcs15-tool] card.c:554:sc_select_file: returning with: 0
[pkcs15-tool] reader-openct.c:334:openct_reader_transmit: unable to transmit
[pkcs15-tool] apdu.c:394:do_single_transmit: unable to transmit APDU
[pkcs15-tool] iso7816.c:127:iso7816_read_binary: APDU transmit failed: Generic 
reader error
[pkcs15-tool] card.c:430:sc_read_binary: returning with: Generic reader error
[pkcs15-tool] card.c:415:sc_read_binary: sc_read_binary() failed: Generic 
reader error
[pkcs15-tool] pkcs15.c:838:__sc_pkcs15_search_objects: DF parsing failed: 
Generic reader error
Certificate enumeration failed: Generic reader error
[pkcs15-tool] pkcs15.c:781:sc_pkcs15_unbind: called
[pkcs15-tool] reader-openct.c:445:openct_reader_unlock: called
[pkcs15-tool] card.c:236:sc_disconnect_card: called
[pkcs15-tool] reader-openct.c:275:openct_reader_disconnect: called
[pkcs15-tool] card.c:251:sc_disconnect_card: returning with: 0
[pkcs15-tool] ctx.c:738:sc_release_context: called
[pkcs15-tool] reader-openct.c:178:openct_reader_release: called
[pkcs15-tool] reader-openct.c:178:openct_reader_release: called
[pkcs15-tool] reader-openct.c:178:openct_reader_release: called
[pkcs15-tool] reader-openct.c:178:openct_reader_release: called
[pkcs15-tool] reader-openct.c:178:openct_reader_release: called
[pkcs15-tool] reader-openct.c:164:openct_reader_finish: called
---

For example of how "libopensc2 0.11.1-2" succceeds:

---
[EMAIL PROTECTED]:~$ pkcs15-tool --verbose --verbose --list-certificates
sc.c:168:sc_detect_card_presence: called
reader-openct.c:207:openct_reader_detect_card_presence: called
sc.c:173:sc_detect_card_presence: returning with: 1
Connecting to card in reader CCID Compatible...
card.c:110:sc_connect_card: called
reader-openct.c:231:openct_reader_connect: called
card.c:541:sc_select_file: called; type=1, path=a000000063504b43532d3135
reader-openct.c:435:openct_reader_lock: called
card.c:327:sc_unlock: Calling card logout function
card.c:541:sc_select_file: called; type=2, path=3f00
card.c:563:sc_select_file: returning with: 0
reader-openct.c:462:openct_reader_unlock: called
card.c:563:sc_select_file: returning with: 0
card.c:219:sc_connect_card: card info: SetCOS, 6004, 0x0
card.c:220:sc_connect_card: returning with: 0
Using card driver Setec cards.
reader-openct.c:435:openct_reader_lock: called
Trying to find a PKCS#15 compatible card...
pkcs15.c:656:sc_pkcs15_bind: called
card.c:541:sc_select_file: called; type=2, path=3f002f00
iso7816.c:99:iso7816_check_sw: File not found
card.c:563:sc_select_file: returning with: -1201
card.c:541:sc_select_file: called; type=2, path=3f005015
iso7816.c:99:iso7816_check_sw: File not found
card.c:563:sc_select_file: returning with: -1201
card.c:541:sc_select_file: called; type=2, path=3f005031
card.c:563:sc_select_file: returning with: 0
pkcs15.c:588:sc_pkcs15_bind_internal: The following DFs were found:
pkcs15.c:598:sc_pkcs15_bind_internal:   DF type 8, path 3f004401, index 0, 
count -1
pkcs15.c:598:sc_pkcs15_bind_internal:   DF type 0, path 3f004402, index 0, 
count -1
pkcs15.c:598:sc_pkcs15_bind_internal:   DF type 4, path 3f004403, index 0, 
count -1
pkcs15.c:598:sc_pkcs15_bind_internal:   DF type 4, path 3f004404, index 0, 
count -1
pkcs15.c:598:sc_pkcs15_bind_internal:   DF type 5, path 3f004405, index 0, 
count -1
pkcs15.c:598:sc_pkcs15_bind_internal:   DF type 7, path 3f004406, index 0, 
count -1
pkcs15.c:598:sc_pkcs15_bind_internal:   DF type 6, path 3f004407, index 0, 
count -1
card.c:541:sc_select_file: called; type=2, path=3f005032
card.c:563:sc_select_file: returning with: 0
Found HENKILOKORTTI!
pkcs15.c:1547:sc_pkcs15_read_file: called, path=3f004403, index=0, count=-1
card.c:541:sc_select_file: called; type=2, path=3f004403
card.c:563:sc_select_file: returning with: 0
pkcs15.c:1547:sc_pkcs15_read_file: called, path=3f004404, index=0, count=-1
card.c:541:sc_select_file: called; type=2, path=3f004404
card.c:563:sc_select_file: returning with: 0
pkcs15.c:1547:sc_pkcs15_read_file: called, path=3f004405, index=0, count=-1
card.c:541:sc_select_file: called; type=2, path=3f004405
card.c:563:sc_select_file: returning with: 0
pkcs15.c:1547:sc_pkcs15_read_file: called, path=3f004407, index=0, count=-1
card.c:541:sc_select_file: called; type=2, path=3f004407
card.c:563:sc_select_file: returning with: 0
Card has 4 certificate(s).

X.509 Certificate [todentamis- ja salausvarmenne]
        Flags    : 0
        Authority: no
        Path     : 3f004331
        ID       : 45

X.509 Certificate [allekirjoitusvarmenne]
        Flags    : 0
        Authority: no
        Path     : 3f0050164332
        ID       : 46

X.509 Certificate [VRK Gov. Root CA]
        Flags    : 0
        Authority: yes
        Path     : 3f004334
        ID       : 48

X.509 Certificate [VRK Gov. CA for Citizen Qualified Certificates]
        Flags    : 0
        Authority: yes
        Path     : 3f004333
        ID       : 47

pkcs15.c:731:sc_pkcs15_unbind: called
card.c:327:sc_unlock: Calling card logout function
card.c:541:sc_select_file: called; type=2, path=3f00
card.c:563:sc_select_file: returning with: 0
reader-openct.c:462:openct_reader_unlock: called
card.c:234:sc_disconnect_card: called
reader-openct.c:280:openct_reader_disconnect: called
card.c:249:sc_disconnect_card: returning with: 0
ctx.c:728:sc_release_context: called
reader-openct.c:180:openct_reader_release: called
reader-openct.c:180:openct_reader_release: called
reader-openct.c:180:openct_reader_release: called
reader-openct.c:180:openct_reader_release: called
reader-openct.c:180:openct_reader_release: called
reader-openct.c:165:openct_reader_finish: called
---

-- System Information:
Debian Release: lenny/sid
  APT prefers stable
  APT policy: (1001, 'stable'), (101, 'testing'), (99, 'unstable'), (9, 
'experimental')
Architecture: powerpc (ppc)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.22.9
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)

Versions of packages libopensc2 depends on:
ii  libc6                  2.7-10            GNU C Library: Shared libraries
ii  libltdl3               1.5.22-4          A system independent dlopen wrappe
ii  libopenct1             0.6.14-2          middleware framework for smart car
ii  libpcsclite1           1.4.101-2         Middleware to access a smart card 
ii  libssl0.9.8            0.9.8g-10.1       SSL shared libraries
ii  zlib1g                 1:1.2.3.3.dfsg-12 compression library - runtime

libopensc2 recommends no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#488209: libopensc2: Access of FINEID card fails

Reply via email to