Re: Cool-Key on Solaris

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 02/13/2010 11:07 PM, Kevin Reinholz wrote:
Replying to myself on this one...

On 06/14/09 10:24 AM, Kevin Reinholz wrote:
I'm running OpenSolaris 2009.06 (snv_111b) and trying to build coolkey.

I built pcsc-lite-1.5.3 using the Sun Studio tools (Sun Ceres Studio IDE 9.0 SunOS_i386 2009/03/06)) and the following commands:

./configure CCC=/opt/SunStudioExpress/bin/CC CC=/opt/SunStudioExpress/bin/cc
make
pfexec make install

I've since "improved" my method of building pcsc-lite-1.5.5 with the following options under Sun Studio 12.1 (and to reflect the availability of libusb packages through OpenSolaris' Image Packaging System (IPS) which install in the standard /usr directory):

env LIBUSB_CLFAGS="-I/usr/include" LIBUSB_LIBS="-L/usr/lib -lusb" ./configure CCC=/opt/sunstudio12.1/bin/CC CC=/opt/sunstudio12.1/bin/cc --sysconfdir=/etc --prefix=/usr/local --disable-libhal --enable-libusb --enable-debugatr --enable-scf

make
pfexec make install

I then built ccid-1.3.10 (again, using the Sun Studio tools) using the following commands:

env PCSC_CFLAGS=-I/usr/local/include/PCSC PCSC_LIBS="-L/usr/local/lib -lpcsclite" LIBUSB_CFLAGS=-I/usr/sfw/include LIBUSB_LIBS="-L/usr/sfw/lib -lusb" ./configure CCC=/opt/SunStudioExpress/bin/CC CC=/opt/SunStudioExpress/bin/cc --enable-usbdropdir=/usr/sfw/lib/libusb_plugins/
make
pfexec make install

"Better" way to compile ccid-1.3.11 using Sun Studio 12.1:

env PCSC_CFLAGS=-I/usr/local/include/PCSC PCSC_LIBS="-L/usr/local/lib -lpcsclite" LIBUSB_CFLAGS=-I/usr/include LIBUSB_LIBS="-L/usr/lib -lusb" ./configure CCC=/opt/sunstudio12.1/bin/CC CC=/opt/sunstudio12.1/bin/cc --sysconfdir=/etc --prefix=/usr/local --enable-usbdropdir=/usr/local/pcsc/drivers

make
pfexec make install

This gets me a working pcscd.

<snip>

I don't think it's (at least not without a lot of work) possible to compile coolkey-1.1.0 with the Sun Studio compiler. I can compile it with gcc-3.4.3 (default version on OpenSolaris snv_132) using the following options:

>From the coolkey-1.1.0 top source directory:

vi src/coolkey/machdep.cpp

Add the following lines:

#ifndef MAP_FILE
#define MAP_FILE 0
#endif

Between:

#endif

#ifdef _WIN32

vi src/coolkey/coolkeypk11.def

And delete line 19, which is empty.

env LIBUSB_CFLAGS="-I/usr/include" LIBUSB_LIBS="-L/usr/lib -lusb" PCSC_CFLAGS=-I/usr/local/include/PCSC PCSC_LIBS="-L/usr/local/lib -lpcsclite" ./configure --sysconfdir=/etc --prefix=/usr/local

make

pfexec make install

This causes coolkey to compile cleanly, but results in numerous linker errors at runtime. I suspect that's because pcsc-lite was compiled with the Sun Studio compiler while coolkey was compiled with gcc. (This issue has been resolved. See below).

As of the current pcsc-lite and ccid "betas" provided on Ludovic Rouseau's website (http://ludovic.rousseau.free.fr/softwares/pcsc-lite/), it is now possible to compile both pcsc-lite and ccid on OpenSolaris:

Here are the compiler flags I used to compile pcsc-lite-1.5.6-svn-4744 with gcc-3.4.3:

env CFLAGS="-g" CPPFLAGS="-DDEBUG" LDFLAGS="-g" PTHREAD_CFLAGS="-pthreads" LIBUSB_CFLAGS="-I/usr/include" LIBUSB_LDFLAGS="-L/usr/lib -lusb" CPPFLAGS="-D_TS_ERRNO" LDFLAGS="-R/usr/local/lib:/usr/lib" PKG_CONFIG_PATH=/usr/local/lib/pkgconfig ./configure --disable-libhal --enable-libusb

make
pfexec make install

And ccid-1.3.11-svn-4750 also using gcc-3.4.3:

env PCSC_CFLAGS=-I/usr/local/include/PCSC PCSC_LIBS="-L/usr/local/lib -lpcsclite" LIBUSB_CFLAGS=-I/usr/include LIBUSB_LIBS="-L/usr/lib -lusb" ./configure --sysconfdir=/etc --prefix=/usr/local --enable-usbdropdir=/usr/local/pcsc/drivers

make
pfexec make install

And coolkey-1.1.0 is compiled as noted above, once again with gcc-3.4.3.

There are no more readily apparent linker errors at runtime, and the gcc-compiled pcsc-lite and ccid appear to function normally.

Unfortunately, attempting to add /usr/local/lib/pkcs11/libcoolkeypk11.so as a Security Module in Firefox-3.5.7 fails with an "unable to add module" error. This error occurs whether pcscd is running or not, whether a card reader is plugged in or not, and whether a Common Access Card is inserted into the card reader and recognized by pcsc or not. Firefox refuses to add the module every time.

I don't suppose I'm missing anything obvious here?
Nothing I can see.

I would expect libcoolkeypk11 to load even if there are no readers.

The most obvious issue would be missing library dependencies. On linux we have an ldd command that will dump what libraries are used, I suspsect solaris has something similar.

The next think might be grab a copy of NSS and build it (https://developer.mozilla.org/NSS_3.12.5_release_notes). In the mozilla/security/nss/cmd there is a tool called pk11util, and some sample scripts. It will let you try to initialize pkcs 11 modules without all the rest of NSS and firefox.
You can at least see what stage the failure is coming from (dlopen, C_Initialize, etc).

bob
_______________________________________________ Coolkey-devel mailing list Coolkey-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/coolkey-devel

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
Coolkey-devel mailing list
Coolkey-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/coolkey-devel

[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Women]

  Powered by Linux