I've never seen Coolkey work with PIV, but all the cards I've used are hybrid CAC/PIV, so Coolkey uses the CAC applet. OpenSC handles PIV just fine and works with the same cards.
- David
-----Original Message-----
From: Robert Relyea <rrelyea@xxxxxxxxxx>
To: Lyall Pearce <lyall.pearce@xxxxxxxxx>
Cc: coolkey-devel@xxxxxxxxxx
Sent: Thu, Jan 20, 2011 5:27 pm
Subject: Re: Problems accessing ActivIdentity USB SIM under Gentoo Linux 64 bit on Intel
From: Robert Relyea <rrelyea@xxxxxxxxxx>
To: Lyall Pearce <lyall.pearce@xxxxxxxxx>
Cc: coolkey-devel@xxxxxxxxxx
Sent: Thu, Jan 20, 2011 5:27 pm
Subject: Re: Problems accessing ActivIdentity USB SIM under Gentoo Linux 64 bit on Intel
On 01/20/2011 04:47 PM, Lyall Pearce wrote:
What firmware are you running on your ActivIdentity USB Token?
Coolkey only supports CAC and coolkey applets. Possibly PIV, but I've not gotten my hands on any PIV cards to test.
Hmm I'm running RHEL-6 and Fedora on both 32 bit and 64 bit systems. My guess is that you may be running into some timing issue with the ActivIdentity Token. Do you have access to some other version of linux with the same drivers installed to see if you have the same issues?
I have been attempting to get an ActivIdentity USB Token working on my Gentoo Linux 64 bit Intel system.
What firmware are you running on your ActivIdentity USB Token?
Coolkey only supports CAC and coolkey applets. Possibly PIV, but I've not gotten my hands on any PIV cards to test.
I thought pkcs11_inspect goes directly to pcscd, so that would be before coolkey comes into play, but if that was the case ludovic would not have told you that the problem is likely in libcoolkey.
I have it working just fine on a Gentoo Linux 32 bit Intel system, however, I am unable to pkcs11_inspect the device on the 64 bit system.
I have seen it work just once.
Basically, I am looking for guidance on what I need to supply, in order to assist with diagnosing this problem.
I have already been through the Muscle Mailing list and have been told, after supplying all sorts of output, that there is no problem with the PC/.SC level and to push back to the libcoolkey maintainers (by Dr Ludovic Rousseau).
What are you running that returns this? pkcs11_instapec.
Symptoms include
- Hanging for what appears to be a minute before stating there is no token available
- Simply stating there is no token available with virtually no delay
Curiously, I am unsure if it's coolkey or PC/SC but on the working 32 bit system, reads fail every third time, and I am not the only one to see this.
Hmm I'm running RHEL-6 and Fedora on both 32 bit and 64 bit systems. My guess is that you may be running into some timing issue with the ActivIdentity Token. Do you have access to some other version of linux with the same drivers installed to see if you have the same issues?
Those appear to be the latest patches.
I am currently using Gentoo ebuild of coolkey 1.1.0-r3 where the gentoo patches include 9 separate patches, which include
The individual patches can be found at a Gentoo distfiles mirror
- cache-dir-move.patch
- gcc43.patch
- latest.patch
- simple-bugs.patch
- thread-fix.patch
- cac.patch
- cac-1.patch
- pcsc-lite-fix.patch
I am using kernel 2.6.35-gentoo-r15 and can supply any version info, if required. I am also able to build libraries with -g or any other build flags that may provide additional info, if required.
Any assistance would be greatly appreciated.
--
...Lyall
_______________________________________________ Coolkey-devel mailing list Coolkey-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/coolkey-devel
_______________________________________________ Coolkey-devel mailing list Coolkey-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/coolkey-devel
