VMware Communities
ArthurMagner
Contributor
Contributor

virtual CCID Bug: Smartcard Reset

There is an error in thre implementation of the usbccid of Workstation, and Fusion.  Look at the bold quote below.

https://pcsclite.alioth.debian.org/ccid/unsupported.html#0x0E0F0x0004

USB descriptor: readers/VMware_Virtual_USB_CCID2.txt

Features: PIN Verification, PIN Modification

Limitations: No extended APDU

The dwFeatures looks to be incorrect. IFSD negoctiation by the driver is rejected. After a change to add CCID_CLASS_AUTO_IFSD then PC_to_RDR_GetSlotStatus fails with LIBUSB_ERROR_TIMEOUT. This reader is found in VMware workstation player 12 64 bit on Windows 7.

In CCID release: 1.4.23

VMWare virtual CCID reader bugs

MickFlemm

10 Replies
ElinorFrank
Contributor
Contributor

Hi Arthur,

did you get any response yet?

I'm currently working on an application where we'd have to make use of signatures a lot.

Before I found your bug report we made tons of tests with different smart cards and SC readers, thinking that this was the origin of our problem.

I hope there will be some solution soon!

Cheers

Elinor

Reply
0 Kudos
ArthurMagner
Contributor
Contributor

No, no response yet.  Left alone in the rain.

Reply
0 Kudos
lancechou
Enthusiast
Enthusiast

Thanks for reporting the issue.

Please could you elaborate the steps to reproduce and what smart card and reader you were using.

Thanks,

Lance

Reply
0 Kudos
ArthurMagner
Contributor
Contributor

My test setup is an Ubuntu 16.04 host with Workstation Player 12, pcsclite 1.8.20 ccid-1.4.22

the guest are various windows machines, they use the readers in shared mode (to the guest the reader is presented as the virtual card reader by vmWare).

The errors occur about every 250 to 1000 signatures...

symptom: signature creation sometimes not possible, next try works after a short time-out

error codes:  "The smart card has been reset, so any shared state information is invalid." or "Protocol not supported" (the second occurs seldom)

it is important to note that the next signature attempt works, although nothing else changes (same routines, same APDU, same protocol...)

readers:Gemalto CT40,CHERRY TC 1100

cards:CARDOS 5.3

there is an discussion on github https://github.com/LudovicRousseau/CCID/pull/24

and a description of the virtual card reader problems is here:

https://pcsclite.alioth.debian.org/ccid/unsupported.html#0x0E0F0x0004

USB descriptor: readers/VMware_Virtual_USB_CCID2.txt

Features: PIN Verification, PIN Modification

Limitations: No extended APDU

The dwFeatures looks to be incorrect. IFSD negoctiation by the driver is rejected. After a change to add CCID_CLASS_AUTO_IFSD then PC_to_RDR_GetSlotStatus fails with LIBUSB_ERROR_TIMEOUT. This reader is found in VMware workstation player 12 64 bit on Windows 7.

In CCID release: 1.4.23

Reply
0 Kudos
lancechou
Enthusiast
Enthusiast

Thanks for the help. I will take a look and get back to you

--Lance

Reply
0 Kudos
lancechou
Enthusiast
Enthusiast

Hi Arthur,

  I just took a look at the patch you tried to submit to usb-ccid. I think the PC_to_RDR_GetSlotStatus failure with LIBUSB_ERROR_TIMEOUT issue has been resolved as of WS 12.5.

  I'm looking at the incorrect dwFeatures issue and have ordered a gemalto readers for testing. Will update you as soon as I fix it.

Thanks again for reporting the issue.

Lance

ArthurMagner
Contributor
Contributor

Hi Lance,

did you find out anything new?

Arthur

Reply
0 Kudos
lancechou
Enthusiast
Enthusiast

Hi Arthur,

  I tested Gemalto  card reader two weeks ago and it worked without changing any code.

  I guess the issue was caused by the bug I fixed last December and it should work after you upgrade WS to 12.5.5 or later versions.

  But since my reader is CT30 which is different from the one you're using, I just followed the suit and changed bPINSupport as well as deFeatures to the ones you use. I tested the code with all my card readers and all worked fine. You should see it take effect as of 12.5.7.

Thanks,

Lance

Reply
0 Kudos
AKnap
Contributor
Contributor

Problem persisted also on later versions of 12 up to to 12.5.9

on vmware 14 and 15 I can't use it at all... the error states:

"cannot communicate with the card, due to ATR String configuration conflicts"

Reply
0 Kudos
AKnap
Contributor
Contributor

"cannot communicate with the card, due to ATR String configuration conflicts"

One needs to update the vmWareTools!

Arno

Reply
0 Kudos