Difference between revisions of "Smartcard drivers manual installation"
(PCSC as a service)
 
(3 intermediate revisions by the same user not shown)
Line 7: Line 7:
 
* Register a specific smart-card driver, if any is available
 
* Register a specific smart-card driver, if any is available
 
* Manage the start/stop script of PCSC as a service
 
* Manage the start/stop script of PCSC as a service
 +
* Create the missing symlinks like the ''apt-get'' official package does
  
  
Line 12: Line 13:
 
=Requirements=
 
=Requirements=
  
Required packages
+
==Packages==
  
 
<syntaxhighlight lang="bash">
 
<syntaxhighlight lang="bash">
Line 18: Line 19:
 
sudo apt-get install libudev-dev
 
sudo apt-get install libudev-dev
 
sudo apt-get install libusb-1.0.0 libusb-dev
 
sudo apt-get install libusb-1.0.0 libusb-dev
 +
sudo apt-get install usbutils
 
</syntaxhighlight>
 
</syntaxhighlight>
  
  
Required user/group
+
==user/group==
 +
 
 +
Create new user & group
  
 
<syntaxhighlight lang="bash">
 
<syntaxhighlight lang="bash">
Line 29: Line 33:
  
  
>> Adding local user, PCSC, root + our target application user to the PCSCD group (through /etc/group)
+
Register existing users to the new group
  
 +
<syntaxhighlight lang="bash">
 +
vim /etc/group
 +
</syntaxhighlight>
  
 +
Add PCSC user to the group
  
 +
<syntaxhighlight lang="bash">
 +
pcscd:x:999:pcsc
 +
</syntaxhighlight>
  
  
# Try to install HID driver
 
-----------------------------
 
* Downloading latest stable version from HID http://www.hidglobal.com/drivers
 
  v4.0.5.5, 2014-12-10 - direct link: http://www.hidglobal.com/drivers/21278
 
  
 +
=HID Driver (step 1)=
 +
 +
This step is specific to HID hardware.
 +
 +
* Download latest stable version from HID http://www.hidglobal.com/drivers
 +
 +
 +
Try to install HID driver
 +
 +
<syntaxhighlight lang="bash">
 
tar xzvf ifdokccid_linux_x86_64-v4.0.5.5.tar.gz
 
tar xzvf ifdokccid_linux_x86_64-v4.0.5.5.tar.gz
 
cd ifdokccid_linux_x86_64-v4.0.5.5/
 
cd ifdokccid_linux_x86_64-v4.0.5.5/
 
sudo ./install
 
sudo ./install
 +
</syntaxhighlight>
  
>> FAILURE !
+
This step should be a '''failure'''... But specifics PCSC libs are now in <code>/usr/lib/pcsc/drivers/ifdokccid_linux_x86_64-v4.0.5.5.bundle</code>
But PCSC libraries are now in /usr/lib/pcsc/drivers/ifdokccid_linux_x86_64-v4.0.5.5.bundle
 
  
  
  
 +
=PCSC-lite (Linux driver)=
  
# Install PCSC-lite
+
PCSC lite is the reference Open Source driver on all *nux platforms.
-----------------------
 
* Downloading "pcsclite-latest.zip" from https://alioth.debian.org/projects/pcsclite/
 
  
 +
 +
* Download "pcsclite-latest.zip" from https://alioth.debian.org/projects/pcsclite/
 +
 +
 +
==Install==
 +
 +
Unzip and prepare compilation
 +
 +
<syntaxhighlight lang="bash">
 
unzip pcsclite-latest.zip
 
unzip pcsclite-latest.zip
 
tar xjvf pcsc-lite-1.8.13.tar.bz2
 
tar xjvf pcsc-lite-1.8.13.tar.bz2
 
cd pcsc-lite-1.8.13/
 
cd pcsc-lite-1.8.13/
 
chmod +x configure
 
chmod +x configure
 +
</syntaxhighlight>
 +
  
# NETBOOT trick! You need to export the UDEV library
+
NETBOOT trick You need to perform the following extra-operations in your ''chroot'' environment
 +
<syntaxhighlight lang="bash">
 
apt-get install -f
 
apt-get install -f
 
apt-get install pkg-config libusb-dev
 
apt-get install pkg-config libusb-dev
Line 65: Line 93:
 
apt-get install -f
 
apt-get install -f
 
export LD_LIBRARY_PATH=/usr/local/lib
 
export LD_LIBRARY_PATH=/usr/local/lib
 +
</syntaxhighlight>
 +
  
 +
Configure, compile and install the driver:
  
 +
<syntaxhighlight lang="bash">
 
./configure --enable-usbdropdir=/usr/lib/pcsc/drivers
 
./configure --enable-usbdropdir=/usr/lib/pcsc/drivers
 
make
 
make
 
sudo make install
 
sudo make install
 
sudo make fix-rights
 
sudo make fix-rights
 +
</syntaxhighlight>
  
  
 +
==Create symlinks==
  
# Install CCID
+
The manual installation does not create the same symlinks as the Debian official package.
--------------------
 
* Downloading "ccid-latest.zip" from https://alioth.debian.org/projects/pcsclite/
 
  
unzip ccid-latest.zip
+
You must create the missing links if you'd like to use PCSC_SCAN and the JAVA smartcard I/O.
tar xjvf ccid-1.4.18.tar.bz2
 
cd ccid-1.4.18/
 
chmod +x configure
 
./configure
 
make
 
sudo make install
 
  
 +
<syntaxhighlight lang="bash">
 +
# Find the library (binary)
 +
find / -name libpcsclite.so.1.0.0
 +
 +
# Create symlinks
 +
ln -s /usr/local/lib/libpcsclite.so.1.0.0 /lib/x86_64-linux-gnu/libpcsclite.so.1
 +
ln -s /usr/local/lib/libpcsclite.so.1.0.0 /lib/x86_64-linux-gnu/libpcsclite.so.1.0.0
 +
</syntaxhighlight>
  
  
 +
==Start/Stop script==
  
# Install HID driver
+
Create a new daemon manager, the file must be name ''<code>pcscd</code>''!
-------------------------
 
cd ifdokccid_linux_x86_64-v4.0.5.5/
 
sudo ./install
 
  
>> OK ! :)
+
<syntaxhighlight lang="bash">
 +
vim /etc/init.d/pcscd
 +
</syntaxhighlight>
  
  
 
+
Put the following content:
 
 
# PCSC_SCAN
 
-------------------------
 
* Download latest version of PCSC_SCAN on http://ludovic.rousseau.free.fr/softwares/pcsc-tools/index.html
 
 
 
 
 
tar xzvf pcsc-tools-1.4.23.tar.gz
 
make
 
sudo make install
 
 
 
 
 
# PCSCD boot file
 
------------------------
 
 
 
put the following file in <code>/etc/init.d/pcscd</code>
 
  
 
<syntaxhighlight lang="bash">
 
<syntaxhighlight lang="bash">
Line 264: Line 283:
  
  
 +
==PCSC as a service==
  
 +
Now you can register PCSC as a service.
  
 +
<syntaxhighlight lang="bash">
 +
cd /etc/init.d
 +
chmod 755 pcscd
 +
update-rc.d pcscd defaults
 +
</syntaxhighlight>
 +
 +
=CCID=
 +
 +
CCID is a mandatory dependency of PCSC.
  
 +
* Download "ccid-latest.zip" from https://alioth.debian.org/projects/pcsclite/
  
---- REBOOT ----
 
  
 +
==Install==
  
# Driver check
+
<syntaxhighlight lang="bash">
------------------------
+
unzip ccid-latest.zip
 +
tar xjvf ccid-1.4.18.tar.bz2
 +
cd ccid-1.4.18/
 +
chmod +x configure
 +
./configure
 +
make
 +
sudo make install
 +
</syntaxhighlight>
 +
 
 +
 
 +
==Setup verification==
 +
 
 +
Now you can try to start the PCSC daemon manually:
 +
 
 +
<syntaxhighlight lang="bash">
 
sudo pcscd -v  
 
sudo pcscd -v  
 +
</syntaxhighlight>
  
 
* pcsc-lite version 1.8.13
 
* pcsc-lite version 1.8.13
Line 279: Line 325:
  
  
# Manual test
+
 
------------------------------------------
+
=HID driver (step 2)=
 +
 
 +
<syntaxhighlight lang="bash">
 +
cd ifdokccid_linux_x86_64-v4.0.5.5/
 +
sudo ./install
 +
</syntaxhighlight>
 +
 
 +
This time everything should be OK! :)
 +
 
 +
 
 +
 
 +
=PCSC_SCAN=
 +
 
 +
PCSC_SCAN is small scan utility, very useful to check your configuration / reader status / cards properties...
 +
 
 +
* Download latest version of PCSC_SCAN on http://ludovic.rousseau.free.fr/softwares/pcsc-tools/index.html
 +
 
 +
<syntaxhighlight lang="bash">
 +
tar xzvf pcsc-tools-1.4.23.tar.gz
 +
make
 +
sudo make install
 +
</syntaxhighlight>
 +
 
 +
 
 +
 
 +
--
 +
At this point you must REBOOT your computer for the changes to apply on the whole system.
 +
--
 +
 
 +
 
 +
 
 +
=Test your setup=
 +
 
 +
Proceed to the following tests to ensure your environment is OK.
 +
 
 +
<syntaxhighlight lang="bash">
 
# Start the PCSC daemon manually
 
# Start the PCSC daemon manually
 
sudo pcscd -fd
 
sudo pcscd -fd
 +
 
# Run the test
 
# Run the test
 
pcsc_scan  
 
pcsc_scan  
 +
</syntaxhighlight>
  
  
  
 +
=Sources=
  
 
Sources:
 
 
* HID drivers README file
 
* HID drivers README file
 
* Debian project PCSC: https://alioth.debian.org/projects/pcsclite/
 
* Debian project PCSC: https://alioth.debian.org/projects/pcsclite/

Latest revision as of 16:26, 13 April 2015


The PCSC library shipped with most distributions is a bit old. Sometimes you might need something more recent.

... In such cases you need to:

  • Compile and install PCSC + its dependencies manually
  • Register a specific smart-card driver, if any is available
  • Manage the start/stop script of PCSC as a service
  • Create the missing symlinks like the apt-get official package does


Requirements

Packages

sudo apt-get install build-essential
sudo apt-get install libudev-dev
sudo apt-get install libusb-1.0.0 libusb-dev
sudo apt-get install usbutils


user/group

Create new user & group 

sudo adduser --system --no-create-home pcsc
sudo groupadd --system pcscd


Register existing users to the new group 

vim /etc/group

Add PCSC user to the group 

pcscd:x:999:pcsc


HID Driver (step 1)

This step is specific to HID hardware.


Try to install HID driver 

tar xzvf ifdokccid_linux_x86_64-v4.0.5.5.tar.gz
cd ifdokccid_linux_x86_64-v4.0.5.5/
sudo ./install

This step should be a failure... But specifics PCSC libs are now in /usr/lib/pcsc/drivers/ifdokccid_linux_x86_64-v4.0.5.5.bundle


PCSC-lite (Linux driver)

PCSC lite is the reference Open Source driver on all *nux platforms.



Install

Unzip and prepare compilation 

unzip pcsclite-latest.zip
tar xjvf pcsc-lite-1.8.13.tar.bz2
cd pcsc-lite-1.8.13/
chmod +x configure


♦ NETBOOT trick ♦ You need to perform the following extra-operations in your chroot environment 

apt-get install -f
apt-get install pkg-config libusb-dev
dpkg --configure -a
apt-get install -f
export LD_LIBRARY_PATH=/usr/local/lib


Configure, compile and install the driver: 

./configure --enable-usbdropdir=/usr/lib/pcsc/drivers
make
sudo make install
sudo make fix-rights


Create symlinks

The manual installation does not create the same symlinks as the Debian official package.

You must create the missing links if you'd like to use PCSC_SCAN and the JAVA smartcard I/O. 

# Find the library (binary)
find / -name libpcsclite.so.1.0.0
 
# Create symlinks
ln -s /usr/local/lib/libpcsclite.so.1.0.0 /lib/x86_64-linux-gnu/libpcsclite.so.1
ln -s /usr/local/lib/libpcsclite.so.1.0.0 /lib/x86_64-linux-gnu/libpcsclite.so.1.0.0


Start/Stop script

Create a new daemon manager, the file must be name pcscd! 

vim /etc/init.d/pcscd


Put the following content: 

#! /bin/sh
### BEGIN INIT INFO
# Provides: pcscd
# Required-Start:    $local_fs $remote_fs $syslog
# Required-Stop:     $local_fs $remote_fs $syslog
# Should-Start:      udev
# Should-Stop:       udev
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Daemon to access a smart card using PC/SC
# Description:       The PC/SC daemon is used to dynamically
#                    allocate/deallocate reader drivers at runtime and manage
#                    connections to the readers.
### END INIT INFO

# Authors: 
#   Carlos Prados Bocos <cprados@debian.org>
#   Ludovic Rousseau <rousseau@debian.org>

# Do NOT "set -e"

# PATH should only include /usr/* if it runs after the mountnfs.sh script
PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/lib/pcsc/
DESC="PCSC Lite resource manager"
NAME=pcscd
DAEMON=/usr/local/sbin/$NAME
IPCDIR=/var/run/pcscd
PIDFILE=$IPCDIR/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME

# if you need to pass arguments to pcscd you should edit the file
# /etc/default/pcscd and add a line 
# DAEMON_ARGS="--your-option"

# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0

# Read configuration variable file if it is present
[ -r /etc/default/$NAME ] && . /etc/default/$NAME

# Load the VERBOSE setting and other rcS variables
. /lib/init/vars.sh

# Define LSB log_* functions.
# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
. /lib/lsb/init-functions

# get LANG variable (code from /etc/init.d/keymap.sh)
ENV_FILE="none"
[ -r /etc/environment ] && ENV_FILE="/etc/environment"
[ -r /etc/default/locale ] && ENV_FILE="/etc/default/locale"

value=$(egrep "^[^#]*LANG=" $ENV_FILE | tail -n1 | cut -d= -f2)
eval LANG=$value

#
# Function that starts the daemon/service
#
do_start()
{
	# create $IPCDIR with correct access rights
	if [ ! -d $IPCDIR ]
	then
		rm -rf $IPCDIR
		mkdir $IPCDIR
	fi
	chmod 0755 $IPCDIR

	# Return
	#   0 if daemon has been started
	#   1 if daemon was already running
	#   2 if daemon could not be started
	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
		|| return 1
	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
		$DAEMON_ARGS \
		|| return 2
	# Add code here, if necessary, that waits for the process to be ready
	# to handle requests from services started subsequently which depend
	# on this one.  As a last resort, sleep for some time.
}

#
# Function that stops the daemon/service
#
do_stop()
{
	# Return
	#   0 if daemon has been stopped
	#   1 if daemon was already stopped
	#   2 if daemon could not be stopped
	#   other if a failure occurred
	start-stop-daemon --stop --quiet --retry=3 --pidfile $PIDFILE --name $NAME
	RETVAL="$?"
	[ "$RETVAL" = 2 ] && return 2
}

case "$1" in
  start)
	[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
	do_start
	case "$?" in
		0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
		2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
	esac
	;;
  stop)
	[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
	do_stop
	case "$?" in
		0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
		2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
	esac
	;;
  status)
	  status_of_proc -p "$PIDFILE" "$DAEMON" "$NAME" && exit 0 || exit $?
	  ;;
  restart|force-reload)
	#
	# If the "reload" option is implemented then remove the
	# 'force-reload' alias
	#
	log_daemon_msg "Restarting $DESC" "$NAME"
	do_stop
	case "$?" in
	  0|1)
		do_start
		case "$?" in
			0) log_end_msg 0 ;;
			1) log_end_msg 1 ;; # Old process is still running
			*) log_end_msg 1 ;; # Failed to start
		esac
		;;
	  *)
	  	# Failed to stop
		log_end_msg 1
		;;
	esac
	;;
  *)
	echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
	exit 3
	;;
esac

:


PCSC as a service

Now you can register PCSC as a service. 

cd /etc/init.d
chmod 755 pcscd
update-rc.d pcscd defaults

CCID

CCID is a mandatory dependency of PCSC.


Install

unzip ccid-latest.zip
tar xjvf ccid-1.4.18.tar.bz2 
cd ccid-1.4.18/
chmod +x configure
./configure
make
sudo make install


Setup verification

Now you can try to start the PCSC daemon manually: 

sudo pcscd -v
  • pcsc-lite version 1.8.13
  • usbdropdir=/usr/lib/pcsc/drivers


HID driver (step 2)

cd ifdokccid_linux_x86_64-v4.0.5.5/
sudo ./install

This time everything should be OK! :)


PCSC_SCAN

PCSC_SCAN is small scan utility, very useful to check your configuration / reader status / cards properties... 

tar xzvf pcsc-tools-1.4.23.tar.gz
make
sudo make install


-- At this point you must REBOOT your computer for the changes to apply on the whole system. --


Test your setup

Proceed to the following tests to ensure your environment is OK. 

# Start the PCSC daemon manually
sudo pcscd -fd

# Run the test
pcsc_scan


Sources

Retrieved from "http://www.daxiongmao.eu/wiki/index.php?title=Smartcard_drivers_manual_installation&oldid=2281"