Difference between revisions of "Smartcard drivers manual installation"

Line 12: Line 12:
 
=Requirements=
 
=Requirements=
  
Required packages
+
==Packages==
  
 
<syntaxhighlight lang="bash">
 
<syntaxhighlight lang="bash">
Line 21: Line 21:
  
  
Required user/group
+
==user/group==
 +
 
 +
Create new user & group
  
 
<syntaxhighlight lang="bash">
 
<syntaxhighlight lang="bash">
Line 29: Line 31:
  
  
>> Adding local user, PCSC, root + our target application user to the PCSCD group (through /etc/group)
+
Register existing users to the new group
 +
 
 +
<syntaxhighlight lang="bash">
 +
vim /etc/group
 +
</syntaxhighlight>
  
 +
Add PCSC, the local user and target application user to the group
 +
 +
<syntaxhighlight lang="bash">
 +
pcscd:x:999:pcsc,myUser,myApplicationUser
 +
</syntaxhighlight>
  
  
  
 +
=HID Driver (step 1)=
  
 
# Try to install HID driver  
 
# Try to install HID driver  

Revision as of 16:07, 11 April 2015


The PCSC library shipped with most distributions is a bit old. Sometimes you might need something more recent.

... In such cases you need to:

  • Compile and install PCSC + its dependencies manually
  • Register a specific smart-card driver, if any is available
  • Manage the start/stop script of PCSC as a service


Requirements

Packages

sudo apt-get install build-essential
sudo apt-get install libudev-dev
sudo apt-get install libusb-1.0.0 libusb-dev


user/group

Create new user & group

sudo adduser --system --no-create-home pcsc
sudo groupadd --system pcscd


Register existing users to the new group

vim /etc/group

Add PCSC, the local user and target application user to the group

pcscd:x:999:pcsc,myUser,myApplicationUser


HID Driver (step 1)

  1. Try to install HID driver

 v4.0.5.5, 2014-12-10 - direct link: http://www.hidglobal.com/drivers/21278

tar xzvf ifdokccid_linux_x86_64-v4.0.5.5.tar.gz cd ifdokccid_linux_x86_64-v4.0.5.5/ sudo ./install

>> FAILURE ! But PCSC libraries are now in /usr/lib/pcsc/drivers/ifdokccid_linux_x86_64-v4.0.5.5.bundle



  1. Install PCSC-lite

unzip pcsclite-latest.zip tar xjvf pcsc-lite-1.8.13.tar.bz2 cd pcsc-lite-1.8.13/ chmod +x configure

  1. NETBOOT trick! You need to export the UDEV library

apt-get install -f apt-get install pkg-config libusb-dev dpkg --configure -a apt-get install -f export LD_LIBRARY_PATH=/usr/local/lib


./configure --enable-usbdropdir=/usr/lib/pcsc/drivers make sudo make install sudo make fix-rights


  1. Install CCID

unzip ccid-latest.zip tar xjvf ccid-1.4.18.tar.bz2 cd ccid-1.4.18/ chmod +x configure ./configure make sudo make install



  1. Install HID driver

cd ifdokccid_linux_x86_64-v4.0.5.5/ sudo ./install

>> OK ! :)



  1. PCSC_SCAN


tar xzvf pcsc-tools-1.4.23.tar.gz make sudo make install


  1. PCSCD boot file

put the following file in /etc/init.d/pcscd

#! /bin/sh
### BEGIN INIT INFO
# Provides: pcscd
# Required-Start:    $local_fs $remote_fs $syslog
# Required-Stop:     $local_fs $remote_fs $syslog
# Should-Start:      udev
# Should-Stop:       udev
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Daemon to access a smart card using PC/SC
# Description:       The PC/SC daemon is used to dynamically
#                    allocate/deallocate reader drivers at runtime and manage
#                    connections to the readers.
### END INIT INFO

# Authors: 
#   Carlos Prados Bocos <cprados@debian.org>
#   Ludovic Rousseau <rousseau@debian.org>

# Do NOT "set -e"

# PATH should only include /usr/* if it runs after the mountnfs.sh script
PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/lib/pcsc/
DESC="PCSC Lite resource manager"
NAME=pcscd
DAEMON=/usr/local/sbin/$NAME
IPCDIR=/var/run/pcscd
PIDFILE=$IPCDIR/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME

# if you need to pass arguments to pcscd you should edit the file
# /etc/default/pcscd and add a line 
# DAEMON_ARGS="--your-option"

# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0

# Read configuration variable file if it is present
[ -r /etc/default/$NAME ] && . /etc/default/$NAME

# Load the VERBOSE setting and other rcS variables
. /lib/init/vars.sh

# Define LSB log_* functions.
# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
. /lib/lsb/init-functions

# get LANG variable (code from /etc/init.d/keymap.sh)
ENV_FILE="none"
[ -r /etc/environment ] && ENV_FILE="/etc/environment"
[ -r /etc/default/locale ] && ENV_FILE="/etc/default/locale"

value=$(egrep "^[^#]*LANG=" $ENV_FILE | tail -n1 | cut -d= -f2)
eval LANG=$value

#
# Function that starts the daemon/service
#
do_start()
{
	# create $IPCDIR with correct access rights
	if [ ! -d $IPCDIR ]
	then
		rm -rf $IPCDIR
		mkdir $IPCDIR
	fi
	chmod 0755 $IPCDIR

	# Return
	#   0 if daemon has been started
	#   1 if daemon was already running
	#   2 if daemon could not be started
	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
		|| return 1
	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
		$DAEMON_ARGS \
		|| return 2
	# Add code here, if necessary, that waits for the process to be ready
	# to handle requests from services started subsequently which depend
	# on this one.  As a last resort, sleep for some time.
}

#
# Function that stops the daemon/service
#
do_stop()
{
	# Return
	#   0 if daemon has been stopped
	#   1 if daemon was already stopped
	#   2 if daemon could not be stopped
	#   other if a failure occurred
	start-stop-daemon --stop --quiet --retry=3 --pidfile $PIDFILE --name $NAME
	RETVAL="$?"
	[ "$RETVAL" = 2 ] && return 2
}

case "$1" in
  start)
	[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
	do_start
	case "$?" in
		0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
		2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
	esac
	;;
  stop)
	[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
	do_stop
	case "$?" in
		0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
		2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
	esac
	;;
  status)
	  status_of_proc -p "$PIDFILE" "$DAEMON" "$NAME" && exit 0 || exit $?
	  ;;
  restart|force-reload)
	#
	# If the "reload" option is implemented then remove the
	# 'force-reload' alias
	#
	log_daemon_msg "Restarting $DESC" "$NAME"
	do_stop
	case "$?" in
	  0|1)
		do_start
		case "$?" in
			0) log_end_msg 0 ;;
			1) log_end_msg 1 ;; # Old process is still running
			*) log_end_msg 1 ;; # Failed to start
		esac
		;;
	  *)
	  	# Failed to stop
		log_end_msg 1
		;;
	esac
	;;
  *)
	echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
	exit 3
	;;
esac

:





REBOOT ----


  1. Driver check

sudo pcscd -v

  • pcsc-lite version 1.8.13
  • usbdropdir=/usr/lib/pcsc/drivers


  1. Manual test

  1. Start the PCSC daemon manually

sudo pcscd -fd

  1. Run the test

pcsc_scan



Sources: