frankmorgner / vsmartcard

umbrella project for emulation of smart card readers or smart cards
http://frankmorgner.github.io/vsmartcard/
712 stars 200 forks source link

GET_FEATURE_REQUEST not implemented, causing errors with OpenPGP on Windows #246

Closed SteffanDonal closed 1 year ago

SteffanDonal commented 1 year ago

Expected behaviour

BixVReader handles and responds to IOCTL_SMARTCARD_GET_FEATURE_REQUEST messages.

Actual behaviour

The message is not handled, and an error is logged, marking the message as "Not supported":

[BixVReader]End section:CMyDevice::ProcessIoControl elapsed:0   
[BixVReader]Start section:CMyDevice::ProcessIoControl   
[BixVReader][IOCT]IOCTL 00313520 - In 0 Out 264 
[BixVReader][IOCT]ERROR_NOT_SUPPORTED:00313520  
[BixVReader]End section:CMyDevice::ProcessIoControl elapsed:0   

The event viewer shows:

Smart Card Reader 'Virtual Smart Card Architecture Virtual PCD 0' rejected IOCTL 0x313520: The request is not supported.  If this error persists, your smart card or reader may not be functioning correctly.

IOCTL: 0x313520
CommandHeader: XX XX XX XX

Steps to reproduce

  1. Set up vpcd as usual.
  2. Set up OpenSC as usual. (For OpenPGP Minidriver on Windows)
  3. Set up Remote Smart Card Reader (Smart Card Reader on FDroid) as normal.
  4. Try to use one of "MySmartLogon"'s services that support smart cards with an OpenPGP Smart Card. EIDAuthenticate is a good candidate. It will fail with an error "Internal consistency check failed", which directly correlates with the logs above.

What I'm trying to do to solve this

Digging around, I may need to implement handling of the message in BixVReader to progress further. I found this specification document that shows the expected handling of the message, and as far as I can tell, it simply needs to be responded to. I think it might be acceptable not to populate any TLV structures as that's only required of "Class 2" drivers.

Edit: Looking at OpenSC's source here I can see that it shouldn't care if no TLV structures are provided. Just a surface-level observation, however.

Do you think that assumption is correct? I will likely come back to this in a few weeks to investigate myself if I don't hear back; setting up a test environment for driver dev on Windows seems like a pain 😉

I'm so close to having everything I need!

frankmorgner commented 1 year ago

Why do you think that the non-functioning EIDAuthenticate is related to the log message that GET_FEATURE_REQUEST is not supported?

frankmorgner commented 1 year ago

This issue reports a similar error message https://github.com/OpenSC/OpenSC/issues/2155

It turns out, that you need to activate the OpenSC minidriver by registering the ATR in the regestry so that OpenSC actually gets loaded for your card.

SteffanDonal commented 1 year ago

Hey @frankmorgner

Thanks for the response; I've done some more digging on my end and tried a physical reader plugged directly into the PC, and I'm still getting this issue (and others) from all software I'm attempting to use.

When I posted the issue, I had already created an entry in the registry with the ATR of my particular card. I verified with certutil that it was being loaded correctly.

I'm closing this as it's not a problem with BixVReader or the Smart Card Reader companion app! Cheers.