GET_FEATURE_REQUEST not implemented, causing errors with OpenPGP on Windows
SteffanDonal opened this issue · 3 comments
Expected behaviour
BixVReader handles and responds to IOCTL_SMARTCARD_GET_FEATURE_REQUEST
messages.
Actual behaviour
The message is not handled, and an error is logged, marking the message as "Not supported":
[BixVReader]End section:CMyDevice::ProcessIoControl elapsed:0
[BixVReader]Start section:CMyDevice::ProcessIoControl
[BixVReader][IOCT]IOCTL 00313520 - In 0 Out 264
[BixVReader][IOCT]ERROR_NOT_SUPPORTED:00313520
[BixVReader]End section:CMyDevice::ProcessIoControl elapsed:0
The event viewer shows:
Smart Card Reader 'Virtual Smart Card Architecture Virtual PCD 0' rejected IOCTL 0x313520: The request is not supported. If this error persists, your smart card or reader may not be functioning correctly.
IOCTL: 0x313520
CommandHeader: XX XX XX XX
Steps to reproduce
- Set up vpcd as usual.
- Set up OpenSC as usual. (For OpenPGP Minidriver on Windows)
- Set up Remote Smart Card Reader (Smart Card Reader on FDroid) as normal.
- Try to use one of "MySmartLogon"'s services that support smart cards with an OpenPGP Smart Card. EIDAuthenticate is a good candidate. It will fail with an error "Internal consistency check failed", which directly correlates with the logs above.
What I'm trying to do to solve this
Digging around, I may need to implement handling of the message in BixVReader to progress further. I found this specification document that shows the expected handling of the message, and as far as I can tell, it simply needs to be responded to. I think it might be acceptable not to populate any TLV structures as that's only required of "Class 2" drivers.
Edit: Looking at OpenSC's source here I can see that it shouldn't care if no TLV structures are provided. Just a surface-level observation, however.
Do you think that assumption is correct? I will likely come back to this in a few weeks to investigate myself if I don't hear back; setting up a test environment for driver dev on Windows seems like a pain
I'm so close to having everything I need!
Why do you think that the non-functioning EIDAuthenticate is related to the log message that GET_FEATURE_REQUEST is not supported?
- EIDAuthenticate's source code (community) doesn't use any SCardControl command let alone one with a GET_FEATURE_REQUEST
- SCardControl is typically a command that doesn't need to be completed successfully for every possible request.
- In the Linux code, we've recently implemented some of the TLV commands, feel free to port this to the Windows implementation 258ebe2
This issue reports a similar error message OpenSC/OpenSC#2155
It turns out, that you need to activate the OpenSC minidriver by registering the ATR in the regestry so that OpenSC actually gets loaded for your card.
Hey @frankmorgner
Thanks for the response; I've done some more digging on my end and tried a physical reader plugged directly into the PC, and I'm still getting this issue (and others) from all software I'm attempting to use.
When I posted the issue, I had already created an entry in the registry with the ATR of my particular card. I verified with certutil
that it was being loaded correctly.
I'm closing this as it's not a problem with BixVReader or the Smart Card Reader companion app!
Cheers.