I get Card Not Present in Security Devices of FireFox browser?!

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

I get Card Not Present in Security Devices of FireFox browser?!

Rns Course
Hi all;

I have a Smart Card (SmartCafe Expert 3.2 72k with JavaCard 2.2.1 and GP 2.1.1).
I could compile Muscle Applet 0.9.11 source code with JavaCard kit 2.2.1 and jdk 1.4.1, the CardEdge.cap file was generated and then, load and install it on the card using GPShell 1.4.4 successfuly!

Now, I want to use (or integrate) this card in OpenSC to be used as a Cryptographic Token (Smart Card!)
First, I've initialized the applet by the command given on the OpenSC site:
(HERE) http://www.opensc-project.org/opensc/wiki/MuscleApplet
And everything was OK!
Then, I've downloaded and installed opensc-0.12.2.msi package (32 & 64 bit) on windows 7 (64 bit).
I've modified "opensc.conf" file by the card ATR and "muscle" as the card driver. 
Test with the command "opensc-tool -n" was OK and I saw "MuscleApplet" as the card driver in response!

Now, I want to test it with Mozilla FireFox and a CA server (in here, EJBCA) to generate a keypair in smart card (using muscle applet) and issue a certificate to be loaded on the card (by opensc pkcs11 library);

I do the following in FireFox :
Options> Advanced> Encryption> Security Devices> Load> (opensc-pkcs11.dll in system32 or syswow64 folders).
After that, the driver of reader (in here, Omnikey CardMan3x21) is displayed in the list of Device Manager window.

BUT, when I click on it, the status is "Not Present" ! while the card is in the reader and detected by opensc-tool (-n option)!!!

How can I fix this problem?
Is there some settings that may be ignored in the procedure to have this java card ready to do Cryptographic and Authentication tasks?

Help me please, I've searched so much to solve this problem with NO RESULT!!!!

Thanks In Advance. 
 




_______________________________________________
opensc-devel mailing list
[hidden email]
http://www.opensc-project.org/mailman/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: I get Card Not Present in Security Devices of FireFox browser?!

Douglas E. Engert


On 11/14/2012 9:48 AM, Rns Course wrote:

> Hi all;
>
> I have a Smart Card (SmartCafe Expert 3.2 72k with JavaCard 2.2.1 and GP 2.1.1).
> I could compile Muscle Applet 0.9.11 source code with JavaCard kit 2.2.1 and jdk 1.4.1, the CardEdge.cap file was generated and then, load and install it on the card using GPShell 1.4.4 successfuly!
>
> Now, I want to use (or integrate) this card in OpenSC to be used as a Cryptographic Token (Smart Card!)
> First, I've initialized the applet by the command given on the OpenSC site:
> (HERE) http://www.opensc-project.org/opensc/wiki/MuscleApplet
> And everything was OK!
> Then, I've downloaded and installed opensc-0.12.2.msi package (32 & 64 bit) on windows 7 (64 bit).
> I've modified "opensc.conf" file by the card ATR and "muscle" as the card driver.
> Test with the command "opensc-tool -n" was OK and I saw "MuscleApplet" as the card driver in response!
>
> Now, I want to test it with Mozilla FireFox and a CA server (in here, EJBCA) to generate a keypair in smart card (using muscle applet) and issue a certificate to be loaded on the card (by opensc
> pkcs11 library);
>
> I do the following in FireFox :
> Options> Advanced> Encryption> Security Devices> Load> (opensc-pkcs11.dll in system32 or syswow64 folders).
> After that, the driver of reader (in here, Omnikey CardMan3x21) is displayed in the list of Device Manager window.
>
> BUT, when I click on it, the status is "Not Present" ! while the card is in the reader and detected by opensc-tool (-n option)!!!
>
> How can I fix this problem?
> Is there some settings that may be ignored in the procedure to have this java card ready to do Cryptographic and Authentication tasks?
>
> Help me please, I've searched so much to solve this problem with NO RESULT!!!!

In the opensc.conf set the debug = 8; and define a debug_file.

This might give a clue as to how far OpenSC has got with the card.

It could also be that if there is no certificate or key on the card,
Mozilla is not interested in using it.


>
> Thanks In Advance.
>
>
>
>
>
> _______________________________________________
> opensc-devel mailing list
> [hidden email]
> http://www.opensc-project.org/mailman/listinfo/opensc-devel
>

--

  Douglas E. Engert  <[hidden email]>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444


_______________________________________________
opensc-devel mailing list
[hidden email]
http://www.opensc-project.org/mailman/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: I get Card Not Present in Security Devices of FireFox browser?!

Rns Course
Hello and Thanks for your help!
I set the debug level and found the problem, that was because of absence of "muscle.profile" file in the profiles folder of opensc (0.12.2).
And now, firefox shows ready state for the smart card;
But, it's not initialized yet. I mean, pkcs15 initialization phase is not done.
I've tried "pkcs15-init.exe" tool (in opensc.0.12.2 package) with this command:
pkcs15-init --create-pkcs15
And saw this result:

Failed to read PIN: Not supported
Failed to create PKCS #15 meta structure: Generic PKCS#15 initialization error
I've searched about this error and seems that it's a bug in opensc 0.12.2, Am I right?
Is there a patch for it in opensc 0.12.3 ?
Here's the content of debug file:
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
[pkcs15-init] reader-pcsc.c:293:refresh_attributes: returning with: 0 (Success)
              Initial protocol: T=1
     ATR     : 3b:f7:18:00:00:80:31:fe:45:73:66:74:65:2d:6e:66:c4
              ATR try : 3b:f7:18:00:00:80:31:fe:45:73:66:74:65:2d:6e:66:c4
              matching configured ATRs
              trying driver: muscle
     ATR     : 3b:f7:18:00:00:80:31:fe:45:73:66:74:65:2d:6e:66:c4
              ATR try : 3b:f7:18:00:00:80:31:fe:45:73:66:74:65:2d:6e:66:c4
              matched: MuscleApplet
              ATR     : 3b:f7:18:00:00:80:31:fe:45:73:66:74:65:2d:6e:66:c4
             
 ATR
 try : 3b:d5:18:00:81:31:3a:7d:80:73:c8:21:10:30
         ignored - wrong length
              ATR try : 3b:f8:13:00:00:81:31:fe:45:4a:43:4f:50:76:32:34:31:b7
              ignored - wrong length
              ATR try : 3b:88:80:01:4a:43:4f:50:76:32:34:31:5e
              ignored - wrong length
              card info name:'MuscleApplet', type:-1, flags:0x2,
 max_send/recv_size:0/0
[pkcs15-init] card.c:225:sc_connect_card: returning with: 0 (Success)
[pkcs15-init] card.c:292:sc_lock: called
[pkcs15-init] reader-pcsc.c:511:pcsc_lock: called
[pkcs15-init] pkcs15-lib.c:296:sc_pkcs15init_bind: called
[pkcs15-init] card.c:720:sc_card_ctl: called
              card_ctl(4) not supported
              called; type=2, path=3f0050154946
[pkcs15-init] apdu.c:525:sc_transmit_apdu: called
[pkcs15-init] card.c:292:sc_lock: called
              reader 'OMNIKEY
 CardMan 3x21 0'
              Outgoing APDU data [    5 bytes] =====================================
              B0 58 00 00 0E .X...
              ======================================================================
[pkcs15-init] reader-pcsc.c:176:pcsc_internal_transmit: called
              Incoming APDU data [    2 bytes] =====================================
              9C 12 ..
              ======================================================================
[pkcs15-init] card.c:330:sc_unlock: called
[pkcs15-init] apdu.c:525:sc_transmit_apdu: called
[pkcs15-init] card.c:292:sc_lock: called
              reader 'OMNIKEY CardMan 3x21 0'
              Outgoing APDU data [    5 bytes] =====================================
              B0 58 00 00 0E .X...
              ======================================================================
[pkcs15-init] reader-pcsc.c:176:pcsc_internal_transmit: called
              Incoming APDU data [    2 bytes] =====================================
              9C 12 ..
              ======================================================================
[pkcs15-init] card.c:330:sc_unlock: called
[pkcs15-init] card-muscle.c:371:select_item: returning with: -1201 (File not found)
[pkcs15-init] card-muscle.c:440:muscle_select_file: returning with: -1201 (File not found)
[pkcs15-init]
 card.c:597:sc_select_file: returning with: -1201 (File not found)
[pkcs15-init] profile.c:327:sc_profile_load: called
              Using profile directory 'C:\Program Files
 (x86)\OpenSC Project\OpenSC\profiles'.
              Trying profile file C:\Program Files (x86)\OpenSC Project\OpenSC\profiles\pkcs15.profile
              profile C:\Program Files (x86)\OpenSC Project\OpenSC\profiles\pkcs15.profile loaded ok
[pkcs15-init] profile.c:380:sc_profile_load: returning with: 0 (Success)
[pkcs15-init] profile.c:327:sc_profile_load:
 called
              Using profile
 directory 'C:\Program Files (x86)\OpenSC Project\OpenSC\profiles'.
              Trying profile file C:\Program Files (x86)\OpenSC Project\OpenSC\profiles\muscle.profile
              profile C:\Program Files (x86)\OpenSC Project\OpenSC\profiles\muscle.profile loaded ok
[pkcs15-init] profile.c:380:sc_profile_load: returning with: 0 (Success)
[pkcs15-init]
 profile.c:392:sc_profile_finish: called
[pkcs15-init]
 profile.c:435:sc_profile_finish: returning with: 0 (Success)
[pkcs15-init] pkcs15-lib.c:378:sc_pkcs15init_bind: returning with: 0 (Success)
[pkcs15-init] card.c:330:sc_unlock: called
[pkcs15-init] reader-pcsc.c:548:pcsc_unlock: called
[pkcs15-init] card.c:242:sc_disconnect_card: called
[pkcs15-init]
 reader-pcsc.c:498:pcsc_disconnect: called
[pkcs15-init] card.c:258:sc_disconnect_card: returning with: 0
 (Success)
[pkcs15-init] ctx.c:737:sc_release_context: called
[pkcs15-init] reader-pcsc.c:736:pcsc_finish: called
----------------------------------------------------------------------------------------------------------------------------
Here's the content of debug file My card ATR is: 
3b:f7:18:00:00:80:31:fe:45:73:66:74:65:2d:6e:66:c4
The main problem is due to the following lines:
[pkcs15-init] card-muscle.c:371:select_item: returning with: -1201 (File not found)
[pkcs15-init] card-muscle.c:440:muscle_select_file: returning with: -1201 (File not found)
[pkcs15-init] card.c:597:sc_select_file: returning with: -1201 (File not found)

How should I fix this problem?
I also tried opensc 0.12.1 and 0.12.0 with no success in the initialization task!
I prefer to use the newest version
 (0.12.2 or higher), could you help me again with that?
Thank you very much.


From: Douglas E. Engert <[hidden email]>
To: [hidden email]
Sent: Wednesday, 14 November 2012, 20:28:44
Subject: Re: [opensc-devel] I get Card Not Present in Security Devices of FireFox browser?!

On 11/14/2012 9:48 AM, Rns Course wrote:
> Hi all;
>
> I have a Smart Card (SmartCafe Expert 3.2 72k with JavaCard 2.2.1 and GP 2.1.1).
> I could compile Muscle Applet 0.9.11 source code with JavaCard kit 2.2.1 and jdk 1.4.1, the CardEdge.cap file was generated and then, load and install it on the card using GPShell 1.4.4 successfuly!
>
> Now, I want to use (or integrate) this card in OpenSC to be used as a Cryptographic Token (Smart Card!)
> First, I've initialized the applet by the command given on the OpenSC site:
> And everything was OK!
> Then, I've downloaded and installed opensc-0.12.2.msi package (32 & 64 bit) on windows 7 (64 bit).
> I've modified "opensc.conf" file by the card ATR and "muscle" as the card driver.
> Test with the command "opensc-tool -n" was OK and I saw "MuscleApplet" as the card driver in response!
>
> Now, I want to test it with Mozilla FireFox and a CA server (in here, EJBCA) to generate a keypair in smart card (using muscle applet) and issue a certificate to be loaded on the card (by opensc
> pkcs11 library);
>
> I do the following in FireFox :
> Options> Advanced> Encryption> Security Devices> Load> (opensc-pkcs11.dll in system32 or syswow64 folders).
> After that, the driver of reader (in here, Omnikey CardMan3x21) is displayed in the list of Device Manager window.
>
> BUT, when I click on it, the status is "Not Present" ! while the card is in the reader and detected by opensc-tool (-n option)!!!
>
> How can I fix this problem?
> Is there some settings that may be ignored in the procedure to have this java card ready to do Cryptographic and Authentication tasks?
>
> Help me please, I've searched so much to solve this problem with NO RESULT!!!!

In the opensc.conf set the debug = 8; and define a debug_file.

This might give a clue as to how far OpenSC has got with the card.

It could also be that if there is no certificate or key on the card,
Mozilla is not interested in using it.


>
> Thanks In Advance.
>
>
>
>
>
> _______________________________________________
> opensc-devel mailing list
>

--

  Douglas E. Engert  <[hidden email]>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444


_______________________________________________
opensc-devel mailing list





_______________________________________________
opensc-devel mailing list
[hidden email]
http://www.opensc-project.org/mailman/listinfo/opensc-devel