Active protocol: unknown -2 (Re: [Muscle] cryptoflex pin padding)

Daniel Breest eljay at gmx.de
Sun Aug 29 10:12:04 PDT 2004 

Ludovic Rousseau wrote:
> Le Saturday 28 August 2004 à 23:34:15, Daniel Breest a écrit:
> 
>>hi list,
> 
> 
> Hello,
> 
> 
>>After having some problems with libpcsclite1/pcscd (1.2.9-beta6-1), i.e. 
>>the pcscd debug output always says "Active protocol: unknown -2" after a 
>>call to SCardConnect,
> 
> 
> Can you tell us/me a bit more about this error?
> How do you use SCardConnect? Can you send me a sample source code
> exhibiting this error?
> 
> What is your card ATR?
> Can you send me the complete debug output of pcscd (1.2.9-beta6-1)?
> 
> Thanks,
> 

Hi,
i will try to give you a more detailed description. I used the debian 
packages libpcsclite1 and pcscd both version 1.2.9-beta6-1. Also the 
package libpcsclite0 version 1.2.0-stable-2 is installed. After having 
problems with almost every tool i tried out, i.e. cryptoflex-tool for 
example, which brings error messages like "unresponsive card" or 
"protocol mismatch", i decide to write my own little test program using 
pc/sc api. By the way i have an omnikey cardman 4000 and when i put the 
card, a cryptoflex 32k e-gate, into the reader the cards atr is 
recognized. The cards ATR is 3B 95 18 40 FF 62 01 02 01 04.
I will provide you a short code snippet to show how i used the 
SCardConnect function.

-->code begin

	/* Verify CHV command APDU with example PIN not the real ;) */
	unsigned char APDU[] = {0xC0, 0x20, 0x00, 0x01, 0x08, 0x31, 0x32, 0x33, 
0x34, 0x35, 0x36, 0x00, 0x00};

         result = SCardEstablishContext(SCARD_SCOPE_USER, NULL, NULL, 
&context);

         if (result == SCARD_S_SUCCESS){
                 printf("connection to ressource manager established...\n");

                 SCardListReaders(context, NULL, NULL, &dwReaders);
                 mszReaders = (LPSTR)malloc(sizeof(char)*dwReaders);
                 SCardListReaders(context, NULL, mszReaders, &dwReaders);

	        readerState[0].szReader = &mszReaders[0];
                 readerState[0].dwCurrentState = SCARD_STATE_EMPTY;

                 printf("please provide chipcard ... \n");
                 SCardGetStatusChange(context, INFINITE, readerState, 1);

		/*try to connect to card here */
                 result = SCardConnect(context,
                                 &mszReaders[0], SCARD_SHARE_SHARED,
                                 SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1,
                                 &CardHandle, &Protocol);

                 printf("active protocol: %i\n", Protocol);

                 if (result == SCARD_S_SUCCESS){
                         printf("card connection successful...\n");

                         responseLength = sizeof(response);
                         result = SCardTransmit(CardHandle, 
SCARD_PCI_T0, APDU, sizeof(APDU), NULL, response, &responseLength);

                         if (result == SCARD_S_SUCCESS){
                                 printf("response trailer SW1=%.2xh 
SW2=%.2xh\n", response[0], response[1]);
                         }else if (result == SCARD_E_PROTO_MISMATCH)
                                 printf("protocol mismatch...\n");
                         else
                                 printf("transmit failed %x...\n", result);
                 }else
                         printf("card connection failed %x...\n", result);

                 SCardReleaseContext(context);
         }else
                 printf("unable to connect to ressource manager...\n");
<-- code end

The following is the pcscd output to syslog when my program is executed. 
Note that the first time the programs runs the protocol negotiation 
fails. The second time everything seems to be fine but not APDU is 
exchanged and the transmission generally fails.

-->pcscd syslog first run
pcscd: winscard_msg.c:191:SHMProcessEventsServer Common channel packet 
arrival
pcscd: winscard_msg.c:198:SHMProcessEventsServer 
SHMProcessCommonChannelRequest detects: 7
pcscd: pcscdaemon.c:136:SVCServiceRunLoop A new context thread creation 
is requested: 7
pcscd: winscard_svc.c:102:ContextThread Thread is started: 7
pcscd: winscard_msg.c:252:SHMProcessEventsContext correctly processed 
client: 7
pcscd: winscard.c:68:SCardEstablishContext Establishing Context: 17021595
pcscd: eventhandler.c:407:EHStatusHandlerThread Card inserted into 
OMNIKEY Cardman 4000 Socket 0 00 00
pcscd: Card ATR: 3B 95 18 40 FF 62 01 02 01 04
pcscd: winscard_msg.c:252:SHMProcessEventsContext correctly processed 
client: 7
pcscd: winscard.c:121:SCardConnect Attempting Connect to OMNIKEY Cardman 
4000 Socket 0 00 00
pcscd: prothandler.c:126:PHSetProtocol Attempting PTS to T=0
pcscd: prothandler.c:138:PHSetProtocol PTS failed, using T=0
pcscd: winscard_msg.c:252:SHMProcessEventsContext correctly processed 
client: 7
pcscd: winscard.c:79:SCardReleaseContext Releasing Context: 17021595
pcscd: winscard_msg.c:241:SHMProcessEventsContext Client has disappeared: 7
pcscd: winscard_svc.c:114:ContextThread Client die: 7
<--pcscd syslog first run end

-->pcscd syslog second run start
pcscd: winscard_msg.c:191:SHMProcessEventsServer Common channel packet 
arrival
pcscd: winscard_msg.c:198:SHMProcessEventsServer 
SHMProcessCommonChannelRequest detects: 7
pcscd: pcscdaemon.c:136:SVCServiceRunLoop A new context thread creation 
is requested: 7
pcscd: winscard_svc.c:102:ContextThread Thread is started: 7
pcscd: winscard_msg.c:252:SHMProcessEventsContext correctly processed 
client: 7
pcscd: winscard.c:68:SCardEstablishContext Establishing Context: 16996639
pcscd: winscard_msg.c:252:SHMProcessEventsContext correctly processed 
client: 7
pcscd: winscard.c:121:SCardConnect Attempting Connect to OMNIKEY Cardman 
4000 Socket 0 00 00
pcscd: winscard.c:221:SCardConnect Active Protocol: unknown -2
pcscd: winscard.c:231:SCardConnect hCard Identity: 1eeea
pcscd: winscard_msg.c:252:SHMProcessEventsContext correctly processed 
client: 7
pcscd: winscard_msg.c:252:SHMProcessEventsContext correctly processed 
client: 7
pcscd: winscard.c:79:SCardReleaseContext Releasing Context: 16996639
pcscd: winscard.c:607:SCardDisconnect Active Contexts: 1
pcscd: winscard.c:666:SCardDisconnect Reset complete.
pcscd: winscard_msg.c:241:SHMProcessEventsContext Client has disappeared: 7
pcscd: winscard_svc.c:114:ContextThread Client die: 7
<--pcscd syslog second run end

It should be mentioned, that the cryptoflex card only understands the T0 
protocol. But when i select SCARD_PROTOCOL_T0 in the call to 
SCardConnect it is the same, i.e. it doesn`t work.

As i wrote in my first mail, after switching to pcsclite version 1.2.0 
everything works fine. Now i have the problem, that i don`t know how to 
issue the "Verify CHV" command correctly, as it requires a pin of 8 byte 
length, but the pre-personalized pin is only of 6 byte length. I cannot 
use tools like cryptoflex-tool or muscleTool as they are based on 
libpcsclite1.

Well, i hope i was able to provide some usefull information.

--
El

More information about the Muscle mailing list