kamal krishna wrote:
> I also tried with our proprietry card for which i am
> developing the card driver. Error is occuring with it
> also.
>
> I think following is the reason for the error. In XP,
> I think the system is not cleanly closing all the CSP
> context it acquired. This result in CSP not closing
> the all the P11 session it created during first
> certificate logon. Since not all the P11 session is
> not closed, opensc-pkcs11 module maintains the pc/sc
> sesssion it created during the first logon. During
> second logon attempt, opensc-pkcs11 module tries to
> use the same pc/sc session.
Yes that is what I think I am seeing too. Not sure if
this is a Windows or IdAlly problem. And in addition
it does not close the opensc-debug.txt file after login
indicating it still has open sessions or at least did not
call C_Finalize which should close the debug file.
> But since we have removed
> and inserted the card in the middle for getting PIN
> prompt in winlogon, we are getting the error.
Yes, and in the normal case the card would be removed
after login, and especially after a logout or screen lock
as the user may leave the area.
I was able to do some testing of 0.11.3-pre2 on XP and
it has the same problem. I did find one bug, see ticket
#149.
>
> I may like to work on this issue provided time permit.
> But i like some others also to confirm this behaviour
> before starting my work.
>
> Regards,
> Kamal.
> --- "Douglas E. Engert" <deengert anl.gov> wrote:
>
>> I see you have two theards active on the mailing
>> list.
>> You have a PIV card, and some other card you are
>> trying to
>> initialize. What is the other card?
>>
>> kamal krishna wrote:
>>> Hi,
>>> Today i tried certificate logon in XP with PIV
>> card.
>>> As i told you before, first certificate logon
>> after
>>> reboot succeeded. But the second logon failed.
>>>
>>> I have attached the opensc log files with
this.
>> This
>>> log file contain entries for first successful
>> logon
>>> and second failed logon.
>>>
>>> Please give your opinion.
>>>
>>> Regards,
>>> Kamal.
>>>
>>> --- "Douglas E. Engert"
<deengertanl.gov> wrote:
>>>
>>>> kamal krishna wrote:
>>>>> Hi all,
>>>>> I tried certificate logon with
"Identity
>> Alliance
>>>> CSP"
>>>>> and opensc-pkcs11 module in XP machine.
The
>>>>> certificate logon works fine for the
first time.
>>>> But
>>>>> if we logoff and again tries to do
certificate
>>>> logon,
>>>>> the logon fails second time.
>>>>>
>>>>> I want to confirm whether it is a
issue.
>>>> Works OK for me.
>>>>
>>>>> I analysed the opensc log files. I
think
>> following
>>>> is
>>>>> the reason for the error. In XP,
opensc-pkcs11
>>>> module
>>>>> maintains the pc/sc smartcard
connection during
>>>> the
>>>>> first certificate logon. And it uses
the same
>>>> pc/sc
>>>>> connection for the second certificate
logon
>> also.
>>>> But
>>>>> since we removed and inserted the card
in the
>>>> middle
>>>>> for getting PIN prompt in winlogon, we
are
>> getting
>>>> the
>>>>> error.
>>>> Sounds like the card failed to do an
unlock() at
>>>> some time
>>>> and so the pcsc connection might still be
active.
>>>> What type/version of IdAlly, OpenSC, card
and
>> reader
>>>> are
>>>> you using?
>>>>
>>>> I am using IdAlly-1.0, SCB-0.8 (
>>>> PIV card and pcmcia GemPC card.
>>>>
>>>> Note scb-0.8 is based on OpenSC-0.11.2 but
the
>>>> version numbers in the opensc-pkcs11.dll
says
>>>> 0.11.1.
>>>>
>>>>
>>>>> Can any one please tell me whether it
is a issue
>>>> and
>>>>> Is there any way to solve this.
>>>>>
>>>>> Regards,
>>>>> Kamal.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>
____________________________________________________________
________________________
>>>>> Sick sense of humor? Visit Yahoo! TV's
>>>>> Comedy with an Edge to see what's on,
when.
>>>>> http://tv.yahoo.c
om/collections/222
>>>>>
_______________________________________________
>>>>> opensc-devel mailing list
>>>>> opensc-devellists.opensc-project.org
>>>>>
> http://www.opensc-project.org/mailman/listinfo/opensc
-devel
>>>> --
>>>>
>>>> Douglas E. Engert <DEEngertanl.gov>
>>>> Argonne National Laboratory
>>>> 9700 South Cass Avenue
>>>> Argonne, Illinois 60439
>>>> (630) 252-5444
>>>>
>>>
>>>
>>>
>>>
>
____________________________________________________________
________________________
>>> Be a better Heartthrob. Get better
relationship
>> answers from someone who knows. Yahoo! Answers -
>> Check it out.
> http://answers.yahoo.com/dir/?link=list&sid=3965454
33
>>>
>>>
>
------------------------------------------------------------
------------
>>>
_______________________________________________
>>> opensc-devel mailing list
>>> opensc-devellists.opensc-project.org
>>>
> http://www.opensc-project.org/mailman/listinfo/opensc
-devel
>> --
>>
>> Douglas E. Engert <DEEngertanl.gov>
>> Argonne National Laboratory
>> 9700 South Cass Avenue
>> Argonne, Illinois 60439
>> (630) 252-5444
>>
>
>
>
>
____________________________________________________________
________________________
> Park yourself in front of a world of choices in
alternative vehicles. Visit the Yahoo! Auto Green Center.
> http://autos.yah
oo.com/green_center/
>
>
--
Douglas E. Engert <DEEngertanl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
_______________________________________________
opensc-devel mailing list
opensc-devellists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc
-devel
|
