Menu
▾
▴
Re: [Opensc-devel] Question about multiple applications
|
From: Douglas E E. <dee...@gm...> - 2018-12-29 12:59:07
|
I went back and read your other emails, and have some questions below. On 12/18/2018 9:06 PM, Bob Backlund wrote: > Hi, > > Just some question about how the OpenSC PKCS# 11 (DLL) handles the multiple applications using it. > > The scenario is I have two applications, application A and application B loading the same DLL. > > Application B loops continuously, calling C_WaitForSlotEvent and C_GetTokenInfo, basically it just checks for the insert and remove events from the smart card. > > Application A can call C_InitPIN and C_InitToken. You say you have logs, so I assume you have a driver. You also said you where trying to write your own driver and you were simulation a token. Are you trying tying to simulate the token within OpenSC, without using PCSC? If you are NOT using PCSC to coordinate access from 2 applications you are one your own. OpenSC is expecting PCSC or one of the older reader drivers to do the coordination between applications. > > The conflict happens when, while the application B is checking for smart card events, application A then calls C_InitToken, which deletes the smart card contents, and formats it to be a new card, (and > possibly deleting the PKCS# 15 objects) and the next call to C_OpenSession fails returning CKR_TOKEN_NOT_PRESENT error. Is the failing "next call to C_OpenSession" done by A or B? Or by both? OpenSC will assume the card has not changed much from one session to another and may have cached some info about objects and files on the token in memory. But if it receives a PCSC event that says the card was reset or other error from SCardBeginTransaction (which is done when the sc_lock goes from 0 to > 0) OpenSC will discard any cached data and try to reconnect to the card and reread what is needed from the card, and set not logged_in. These are possible return codes for SCard* routines: https://docs.microsoft.com/en-us/windows/desktop/SecAuthN/authentication-return-values > > When I try to check the logs, the state of the smart card become ABSENT , I can see this during the C_InitToken, when sc_detect_card_presence is called. Lower level logs would show where sc_detect_card_presence got the error. > > When I try to run application A, and call C_InitToken without the application B running, I do not encounter this issue, and the smart card does not become ABSENT but instead I can see from the logs > that its state become CHANGED. What are "ABSENT" and "CHANGED" Are they at the PKCS\#11 level or something internal to to your driver, PCSC or OpenSC? > > I am not sure if this is the expected behavior or where or how I should handle it. I am not sure if this is also an issue on the OpenSC PKCS# 11 DLL or the smart card. I tried to look at the available > documentation but couldn't find an answer to this, Very little OpenSC internal documentation, mostly the code. Have you get your driver to run on Linux? It would eliminate possible issues with DLL "Critical Section" If you think you have found bugs in OpenSC, (and not just your driver) you can open a issue on https://github.com/OpenSC/OpenSC/issues Are you willing to share any logs? Doing this via an open issue would be preferred. If you think the DLL "Critical Section" is incorrect, open an issue. > > Your expert opinion is greatly appreciated. > > > Thanks, > > fightingsibuyas > > > _______________________________________________ > Opensc-devel mailing list > Ope...@li... > https://lists.sourceforge.net/lists/listinfo/opensc-devel > -- Douglas E. Engert <DEE...@gm...> |
