Re: Problems accessing ActivIdentity USB SIM under Gentoo Linux 64 bit on Intel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Robert,

I've never seen Coolkey work with PIV, but all the cards I've used are hybrid CAC/PIV, so Coolkey uses the CAC applet. OpenSC handles PIV just fine and works with the same cards.

- David


-----Original Message-----
From: Robert Relyea <rrelyea@xxxxxxxxxx>
To: Lyall Pearce <lyall.pearce@xxxxxxxxx>
Cc: coolkey-devel@xxxxxxxxxx
Sent: Thu, Jan 20, 2011 5:27 pm
Subject: Re: Problems accessing ActivIdentity USB SIM under Gentoo Linux 64 bit on Intel

On 01/20/2011 04:47 PM, Lyall Pearce wrote:
I have been attempting to get an ActivIdentity USB Token working on my Gentoo Linux 64 bit Intel system.

What firmware are you running on your ActivIdentity USB Token?
Coolkey only supports CAC and coolkey applets. Possibly PIV, but I've not gotten my hands on any PIV cards to test.

I have it working just fine on a Gentoo Linux 32 bit Intel system, however, I am unable to pkcs11_inspect the device on the 64 bit system.

I have seen it work just once.
I thought pkcs11_inspect goes directly to pcscd, so that would be before coolkey comes into play, but if that was the case ludovic would not have told you that the problem is likely in libcoolkey.

Basically, I am looking for guidance on what I need to supply, in order to assist with diagnosing this problem.

I have already been through the Muscle Mailing list and have been told, after supplying all sorts of output, that there is no problem with the PC/.SC level and to push back to the libcoolkey maintainers (by Dr Ludovic Rousseau).


Symptoms include
  • Hanging for what appears to be a minute before stating there is no token available
  • Simply stating there is no token available with virtually no delay
What are you running that returns this? pkcs11_instapec.
Curiously, I am unsure if it's coolkey or PC/SC but on the working 32 bit system, reads fail every third time, and I am not the only one to see this.

Hmm I'm running RHEL-6 and Fedora on both 32 bit and 64 bit systems. My guess is that you may be running into some timing issue with the ActivIdentity Token. Do you have access to some other version of linux with the same drivers installed to see if you have the same issues?

I am currently using Gentoo ebuild of coolkey 1.1.0-r3 where the gentoo patches include 9 separate patches, which include
  • cache-dir-move.patch
  • gcc43.patch
  • latest.patch
  • simple-bugs.patch
  • thread-fix.patch
  • cac.patch
  • cac-1.patch
  • pcsc-lite-fix.patch
The individual patches can be found at a  Gentoo distfiles mirror
Those appear to be the latest patches.

I am using kernel 2.6.35-gentoo-r15 and can supply any version info, if required. I am also able to build libraries with -g or any other build flags that may provide additional info, if required.

Any assistance would be greatly appreciated.
--
...Lyall


_______________________________________________
Coolkey-devel mailing list
Coolkey-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/coolkey-devel
_______________________________________________
Coolkey-devel mailing list
Coolkey-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/coolkey-devel

[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Women]

  Powered by Linux