Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error response: '006282', protocol 2 in src/SmartCard.cpp #119

Open
davispuh opened this issue Mar 3, 2025 · 7 comments · May be fixed by #121
Open

Error response: '006282', protocol 2 in src/SmartCard.cpp #119

davispuh opened this issue Mar 3, 2025 · 7 comments · May be fixed by #121

Comments

@davispuh
Copy link

davispuh commented Mar 3, 2025

For some reason my Latvian eID fails with this software while it works with latvia-eid-middleware.
I submitted web-eid/web-eid-app#357
but now I tested that issue is here as I tried libelectronic-id-test-integration test and it fails very early.

[==========] Running 4 tests from 1 test suite.
[----------] Global test environment set-up.
[----------] 4 tests from electronic_id_test
[ RUN      ] electronic_id_test.authenticate
Selected card: LatEID IDEMIA v2
unknown file: Failure
C++ exception with description "Error response: '006282', protocol 2 in src/SmartCard.cpp:245:toResponse" thrown in the test body.

[  FAILED  ] electronic_id_test.authenticate (374 ms)
[ RUN      ] electronic_id_test.getCertificate
Selected card: LatEID IDEMIA v2
unknown file: Failure
C++ exception with description "Error response: '006282', protocol 2 in src/SmartCard.cpp:245:toResponse" thrown in the test body.

[  FAILED  ] electronic_id_test.getCertificate (127 ms)
[ RUN      ] electronic_id_test.signing_SHA256
Selected card: LatEID IDEMIA v2
unknown file: Failure
C++ exception with description "Error response: '006282', protocol 2 in src/SmartCard.cpp:245:toResponse" thrown in the test body.

[  FAILED  ] electronic_id_test.signing_SHA256 (264 ms)
[ RUN      ] electronic_id_test.signing_SHA3_256
Selected card: LatEID IDEMIA v2
unknown file: Failure
C++ exception with description "Error response: '006282', protocol 2 in src/SmartCard.cpp:245:toResponse" thrown in the test body.

[  FAILED  ] electronic_id_test.signing_SHA3_256 (260 ms)
[----------] 4 tests from electronic_id_test (1027 ms total)

[----------] Global test environment tear-down
[==========] 4 tests from 1 test suite ran. (1027 ms total)
[  PASSED  ] 0 tests.
[  FAILED  ] 4 tests, listed below:
[  FAILED  ] electronic_id_test.authenticate
[  FAILED  ] electronic_id_test.getCertificate
[  FAILED  ] electronic_id_test.signing_SHA256
[  FAILED  ] electronic_id_test.signing_SHA3_256
@metsma
Copy link
Contributor

metsma commented Mar 3, 2025

Can you capture the APDU trace? Note: If you enter a PIN, it may be logged.
Run: sudo pcscd --foreground --debug --apdu

@davispuh
Copy link
Author

davispuh commented Mar 3, 2025
edited
Loading

It fails before needing PIN.

    auto cardInfo = autoSelectSupportedCard();
    byte_vector cert = cardInfo->eid().getCertificate(CertificateType::AUTHENTICATION);
99999999 [140017112752960] ../PCSC/src/winscard_msg_srv.c:253:ProcessEventsServer() Common channel packet arrival
00000019 [140017112752960] ../PCSC/src/winscard_msg_srv.c:264:ProcessEventsServer() ProcessCommonChannelRequest detects: 12
00000004 [140017112752960] ../PCSC/src/pcscdaemon.c:130:SVCServiceRunLoop() A new context thread creation is requested: 12
00143267 [140017007589056] ../PCSC/src/winscard_svc.c:362:ContextThread() Authorized PC/SC client
00000011 [140017007589056] ../PCSC/src/winscard_svc.c:365:ContextThread() Thread is started: dwClientID=12, threadContext @0x6502dab7e150
00000011 [140017007589056] ../PCSC/src/winscard_svc.c:383:ContextThread() Received command: CMD_VERSION from client 12
00000007 [140017007589056] ../PCSC/src/winscard_svc.c:395:ContextThread() Client is protocol version 4:5
00000005 [140017007589056] ../PCSC/src/winscard_svc.c:418:ContextThread() CMD_VERSION for client 12, rv=SCARD_S_SUCCESS
00000058 [140017007589056] ../PCSC/src/winscard_svc.c:383:ContextThread() Received command: ESTABLISH_CONTEXT from client 12
00000011 [140017007589056] ../PCSC/src/winscard.c:210:SCardEstablishContext() Establishing Context: 0x78F3B9B6
00000003 [140017007589056] ../PCSC/src/winscard_svc.c:501:ContextThread() ESTABLISH_CONTEXT for client 12, rv=SCARD_S_SUCCESS
00000040 [140017007589056] ../PCSC/src/winscard_svc.c:383:ContextThread() Received command: CMD_GET_READERS_STATE from client 12
00000065 [140017007589056] ../PCSC/src/winscard_svc.c:383:ContextThread() Received command: CMD_GET_READERS_STATE from client 12
00000046 [140017007589056] ../PCSC/src/winscard_svc.c:383:ContextThread() Received command: CMD_WAIT_READER_STATE_CHANGE from client 12
00000005 [140017007589056] ../PCSC/src/winscard_svc.c:883:MSGSendReaderStates() Send reader states: 12
00000033 [140017007589056] ../PCSC/src/winscard_svc.c:383:ContextThread() Received command: CMD_STOP_WAITING_READER_STATE_CHANGE from client 12
00000005 [140017007589056] ../PCSC/src/winscard_svc.c:467:ContextThread() CMD_STOP_WAITING_READER_STATE_CHANGE for client 12, rv=SCARD_S_SUCCESS
00000062 [140017007589056] ../PCSC/src/winscard_svc.c:383:ContextThread() Received command: CONNECT from client 12
00019624 [140017007589056] ../PCSC/src/winscard_svc.c:542:ContextThread() Authorized client for 'Alcor Micro AU9540 00 00'
00000008 [140017007589056] ../PCSC/src/winscard.c:253:SCardConnect() Attempting Connect to Alcor Micro AU9540 00 00 using protocol: 3
00000004 [140017007589056] ../PCSC/src/readerfactory.c:844:RFReaderInfo() RefReader() count was: 1
00000822 [140017007589056] ifdhandler.c:1232:IFDHPowerICC() action: PowerUp, usb:058f/9540:libudev:0:/dev/bus/usb/005/028 (lun: 0)
00248573 [140017007589056] ../PCSC/src/winscard.c:327:SCardConnect() power up complete.
00000010 [140017007589056] Card ATR: 3B DB 96 00 80 B1 FE 45 1F 83 00 12 42 8F 53 65 49 44 0F 90 00 20
00000002 [140017007589056] ../PCSC/src/winscard.c:347:SCardConnect() powerState: POWER_STATE_IN_USE
00000011 [140017007589056] ../PCSC/src/prothandler.c:103:PHSetProtocol() Attempting PTS to T=1
00000003 [140017007589056] ifdhandler.c:729:IFDHSetProtocolParameters() protocol T=1, usb:058f/9540:libudev:0:/dev/bus/usb/005/028 (lun: 0)
00098931 [140017007589056] ../PCSC/src/winscard.c:428:SCardConnect() Active Protocol: T=1
00000014 [140017007589056] ../PCSC/src/winscard.c:454:SCardConnect() hCard Identity: 7fa964c5
00000004 [140017007589056] ../PCSC/src/winscard.c:516:SCardConnect() UnrefReader() count was: 2
00000004 [140017007589056] ../PCSC/src/winscard_svc.c:562:ContextThread() CONNECT for client 12, rv=SCARD_S_SUCCESS
00000213 [140017007589056] ../PCSC/src/winscard_svc.c:383:ContextThread() Received command: CONTROL from client 12
00000007 [140017007589056] ../PCSC/src/readerfactory.c:871:RFReaderInfoById() RefReader() count was: 1
00000006 [140017007589056] ifdhandler.c:1492:IFDHControl() ControlCode: 0x42000D48, usb:058f/9540:libudev:0:/dev/bus/usb/005/028 (lun: 0)
00000004 [140017007589056] Control TxBuffer:
00000007 [140017007589056] Control RxBuffer: 12 04 42 33 00 12
00000005 [140017007589056] ../PCSC/src/winscard.c:1361:SCardControl() UnrefReader() count was: 2
00000004 [140017007589056] ../PCSC/src/winscard_svc.c:784:ContextThread() CONTROL for client 12, rv=SCARD_S_SUCCESS
00000047 [140017007589056] ../PCSC/src/winscard_svc.c:383:ContextThread() Received command: CONTROL from client 12
00000006 [140017007589056] ../PCSC/src/readerfactory.c:871:RFReaderInfoById() RefReader() count was: 1
00000003 [140017007589056] ifdhandler.c:1492:IFDHControl() ControlCode: 0x42330012, usb:058f/9540:libudev:0:/dev/bus/usb/005/028 (lun: 0)
00000004 [140017007589056] Control TxBuffer:
00000005 [140017007589056] Control RxBuffer: 01 02 00 00 03 01 00 09 01 00 0B 02 8F 05 0C 02 40 95 0A 04 00 00 01 00
00000003 [140017007589056] ../PCSC/src/winscard.c:1361:SCardControl() UnrefReader() count was: 2
00000003 [140017007589056] ../PCSC/src/winscard_svc.c:784:ContextThread() CONTROL for client 12, rv=SCARD_S_SUCCESS
00000095 [140017007589056] ../PCSC/src/winscard_svc.c:383:ContextThread() Received command: BEGIN_TRANSACTION from client 12
00000006 [140017007589056] ../PCSC/src/readerfactory.c:871:RFReaderInfoById() RefReader() count was: 1
00000004 [140017007589056] ../PCSC/src/winscard.c:1084:SCardBeginTransaction() Status: rv=SCARD_S_SUCCESS
00000004 [140017007589056] ../PCSC/src/winscard.c:1087:SCardBeginTransaction() UnrefReader() count was: 2
00000004 [140017007589056] ../PCSC/src/winscard_svc.c:614:ContextThread() BEGIN_TRANSACTION for client 12, rv=SCARD_S_SUCCESS
00000038 [140017007589056] ../PCSC/src/winscard_svc.c:383:ContextThread() Received command: TRANSMIT from client 12
00000008 [140017007589056] ../PCSC/src/readerfactory.c:871:RFReaderInfoById() RefReader() count was: 1
00000003 [140017007589056] ../PCSC/src/winscard.c:1597:SCardTransmit() Send Protocol: T=1
00000005 [140017007589056] APDU: 00 A4 04 0C 10 A0 00 00 00 77 01 08 00 07 00 00 FE 00 00 01 00
00000004 [140017007589056] ifdhandler.c:1384:IFDHTransmitToICC() usb:058f/9540:libudev:0:/dev/bus/usb/005/028 (lun: 0)
00171781 [140017007589056] SW: 90 00
00000006 [140017007589056] ../PCSC/src/winscard.c:1650:SCardTransmit() UnrefReader() count was: 2
00000003 [140017007589056] ../PCSC/src/winscard_svc.c:735:ContextThread() TRANSMIT for client 12, rv=SCARD_S_SUCCESS
00000255 [140017007589056] ../PCSC/src/winscard_svc.c:383:ContextThread() Received command: TRANSMIT from client 12
00000009 [140017007589056] ../PCSC/src/readerfactory.c:871:RFReaderInfoById() RefReader() count was: 1
00000003 [140017007589056] ../PCSC/src/winscard.c:1597:SCardTransmit() Send Protocol: T=1
00000004 [140017007589056] APDU: 00 A4 09 0C 04 AD F1 34 01
00000003 [140017007589056] ifdhandler.c:1384:IFDHTransmitToICC() usb:058f/9540:libudev:0:/dev/bus/usb/005/028 (lun: 0)
00023945 [140017007589056] SW: 90 00
00000006 [140017007589056] ../PCSC/src/winscard.c:1650:SCardTransmit() UnrefReader() count was: 2
00000003 [140017007589056] ../PCSC/src/winscard_svc.c:735:ContextThread() TRANSMIT for client 12, rv=SCARD_S_SUCCESS
00000059 [140017007589056] ../PCSC/src/winscard_svc.c:383:ContextThread() Received command: TRANSMIT from client 12
00000009 [140017007589056] ../PCSC/src/readerfactory.c:871:RFReaderInfoById() RefReader() count was: 1
00000003 [140017007589056] ../PCSC/src/winscard.c:1597:SCardTransmit() Send Protocol: T=1
00000003 [140017007589056] APDU: 00 B0 00 00 04
00000003 [140017007589056] ifdhandler.c:1384:IFDHTransmitToICC() usb:058f/9540:libudev:0:/dev/bus/usb/005/028 (lun: 0)
00020718 [140017007589056] SW: 00 62 82
00000007 [140017007589056] ../PCSC/src/winscard.c:1650:SCardTransmit() UnrefReader() count was: 2
00000002 [140017007589056] ../PCSC/src/winscard_svc.c:735:ContextThread() TRANSMIT for client 12, rv=SCARD_S_SUCCESS
00000170 [140017007589056] ../PCSC/src/winscard_svc.c:383:ContextThread() Received command: END_TRANSACTION from client 12
00000007 [140017007589056] ../PCSC/src/readerfactory.c:871:RFReaderInfoById() RefReader() count was: 1
00000004 [140017007589056] ../PCSC/src/winscard.c:1236:SCardEndTransaction() Status: rv=SCARD_S_SUCCESS
00000003 [140017007589056] ../PCSC/src/winscard.c:1239:SCardEndTransaction() UnrefReader() count was: 2
00000002 [140017007589056] ../PCSC/src/winscard_svc.c:630:ContextThread() END_TRANSACTION for client 12, rv=SCARD_S_SUCCESS
00000044 [140017007589056] ../PCSC/src/winscard_svc.c:383:ContextThread() Received command: DISCONNECT from client 12
00000006 [140017007589056] ../PCSC/src/readerfactory.c:871:RFReaderInfoById() RefReader() count was: 1
00000004 [140017007589056] ../PCSC/src/winscard.c:883:SCardDisconnect() Active Contexts: 1
00000002 [140017007589056] ../PCSC/src/winscard.c:884:SCardDisconnect() dwDisposition: 0
00000003 [140017007589056] ../PCSC/src/winscard.c:1019:SCardDisconnect() powerState: POWER_STATE_GRACE_PERIOD
00000004 [140017007589056] ifdhandler.c:389:IFDHGetCapabilities() tag: 0xFB2, usb:058f/9540:libudev:0:/dev/bus/usb/005/028 (lun: 0)
00000005 [140017007589056] ../PCSC/src/winscard.c:1032:SCardDisconnect() Stopping polling thread
00000002 [140017007589056] ifdhandler.c:354:IFDHStopPolling() usb:058f/9540:libudev:0:/dev/bus/usb/005/028 (lun: 0)
00000073 [140017007589056] ../PCSC/src/winscard.c:1045:SCardDisconnect() UnrefReader() count was: 2
00000004 [140017007589056] ../PCSC/src/winscard_svc.c:599:ContextThread() DISCONNECT for client 12, rv=SCARD_S_SUCCESS
00000033 [140017007589056] ../PCSC/src/winscard_svc.c:383:ContextThread() Received command: RELEASE_CONTEXT from client 12
00000007 [140017007589056] ../PCSC/src/winscard.c:224:SCardReleaseContext() Releasing Context: 0x78F3B9B6
00000003 [140017007589056] ../PCSC/src/winscard_svc.c:516:ContextThread() RELEASE_CONTEXT for client 12, rv=SCARD_S_SUCCESS
00000026 [140017007589056] ../PCSC/src/winscard_svc.c:376:ContextThread() Client die: 12
00000017 [140017007589056] ../PCSC/src/winscard_svc.c:1112:MSGCleanupClient() Thread is stopping: dwClientID=12, threadContext @0x6502dab7e150
00000004 [140017007589056] ../PCSC/src/winscard_svc.c:1120:MSGCleanupClient() Freeing SCONTEXT @0x6502dab7e150
00399997 [140017095952064] ../PCSC/src/eventhandler.c:492:EHStatusHandlerThread() powerState: POWER_STATE_POWERED

Here this is ... when using Latvian eparaksts software.

I see differences even starting with 1st command

APDU: 00 A4 04 0C 10 A0 00 00 00 77 01 08 00 07 00 00 FE 00 00 01 00
SW: 90 00
APDU: 00 A4 09 0C 04 AD F1 34 01
SW: 90 00
APDU: 00 B0 00 00 04
SW: 00 62 82

vs

APDU: 00 A4 04 00 10 A0 00 00 00 77 01 08 00 07 00 00 FE 00 00 01 00 00
SW: 90 00
APDU: 00 A4 09 04 02 2F 01 00
SW: 62 25 80 REDACTED...
APDU: 00 B0 00 00 64
SW: 80 00 43 REDACTED...

@metsma
Copy link
Contributor

metsma commented Mar 3, 2025
edited
Loading

Does master branch and latest tag fail same way?
Is this updated card?
I see that middleware selects different certificate file
APDU: 00 A4 01 04 02 34 02 00
vs
APDU: 00 A4 09 0C 04 AD F1 34 01

@davispuh
Copy link
Author

davispuh commented Mar 3, 2025

Does master branch and latest tag fail same way?

Yeah I tried v1.2.0 tag and it fails in exactly same way.

99999999 [133170281645760] APDU: 00 A4 04 00 10 A0 00 00 00 77 01 08 00 07 00 00 FE 00 00 01 00
00172272 [133170281645760] SW: 90 00
00000114 [133170281645760] APDU: 00 A4 04 0C 0D E8 28 BD 08 0F F2 50 4F 54 20 41 57 50
00021363 [133170281645760] SW: 90 00
00000072 [133170281645760] APDU: 00 A4 02 0C 02 34 01
00017507 [133170281645760] SW: 90 00
00000079 [133170281645760] APDU: 00 B0 00 00 04
00020841 [133170281645760] SW: 00 62 82

Also note that it wasn't trivial to build v1.2.0, there's test build issue with https://github.com/web-eid/libpcsc-cpp/tree/v1.2.0 I worked around by commenting out some stuff.

Is this updated card?

What do you mean with this? It's my first eID I got in 2020 year. Original certificates expired (5 year validity) but I renewed them so they're still valid till 2030 year.

@davispuh
Copy link
Author

davispuh commented Mar 3, 2025

If I change

diff --git i/src/electronic-ids/pcsc/EIDIDEMIA.cpp w/src/electronic-ids/pcsc/EIDIDEMIA.cpp
index 74dd589..71e7ce6 100644
--- i/src/electronic-ids/pcsc/EIDIDEMIA.cpp
+++ w/src/electronic-ids/pcsc/EIDIDEMIA.cpp
@@ -42,7 +42,9 @@ const auto ADF1_AID = CommandApdu::select(
 const auto ADF2_AID = CommandApdu::select(0x04,
                                           {0x51, 0x53, 0x43, 0x44, 0x20, 0x41, 0x70, 0x70, 0x6C,
                                            0x69, 0x63, 0x61, 0x74, 0x69, 0x6F, 0x6E});
-const auto AUTH_CERT = CommandApdu::select(0x09, {0xAD, 0xF1, 0x34, 0x01});
+const auto AUTH_CERT = CommandApdu::select(0x09, {0x2F, 0x01});
 const auto SIGN_CERT = CommandApdu::select(0x09, {0xAD, 0xF2, 0x34, 0x1F});

 } // namespace

Then we successfully get data

SW: 80 00 43 01 90 00

But we fail with readDataLengthFromAsn1(): First byte must be SEQUENCE (0x30)

And

+const auto AUTH_CERT = CommandApdu::select(0x01, {0x34, 0x02});

Fails with SW: 6A 82 which means File not found

metsma added a commit to metsma/libelectronic-id that referenced this issue Mar 3, 2025
@metsma
Read certificate file ref from DCOD file
d6f657a 
Fixes: web-eid#119

Signed-off-by: Raul Metsma <raul@metsma.ee>
@metsma metsma linked a pull request Mar 3, 2025 that will close this issue
Open
@metsma
Copy link
Contributor

metsma commented Mar 3, 2025

Can you test this PR?

metsma added a commit to metsma/libelectronic-id that referenced this issue Mar 4, 2025
@metsma
Read certificate file ref from DCOD file
a0e513b 
Fixes: web-eid#119

Signed-off-by: Raul Metsma <raul@metsma.ee>
metsma added a commit to metsma/libelectronic-id that referenced this issue Mar 4, 2025
@metsma
Read certificate file ref from DCOD file
3ea1a6b 
Fixes: web-eid#119

Signed-off-by: Raul Metsma <raul@metsma.ee>
metsma added a commit to metsma/libelectronic-id that referenced this issue Mar 4, 2025
@metsma
Read certificate file ref from DCOD file
b107563 
Fixes: web-eid#119

Signed-off-by: Raul Metsma <raul@metsma.ee>
metsma added a commit to metsma/libelectronic-id that referenced this issue Mar 4, 2025
@metsma
Read certificate file ref from DCOD file
be69b46 
Fixes: web-eid#119

Signed-off-by: Raul Metsma <raul@metsma.ee>
@davispuh
Copy link
Author

davispuh commented Mar 4, 2025

It failed with

00000000 [132969368909504] APDU: 00 A4 04 0C 0D E8 28 BD 08 0F F2 50 4F 54 20 41 57 50
00025777 [132969368909504] SW: 6A 82

But this fixed it

diff --git i/src/electronic-ids/pcsc/EIDIDEMIA.cpp w/src/electronic-ids/pcsc/EIDIDEMIA.cpp
index daf0e6d..5480590 100644
--- i/src/electronic-ids/pcsc/EIDIDEMIA.cpp
+++ w/src/electronic-ids/pcsc/EIDIDEMIA.cpp
@@ -61,6 +61,7 @@ void EIDIDEMIA::selectADF2() const

 byte_vector EIDIDEMIA::getCertificateImpl(const CertificateType type) const
 {
+    transmitApduWithExpectedResponse(*card, MAIN_AID);
     type.isAuthentication() ? selectADF1() : selectADF2();
     return electronic_id::getCertificate(
         *card, CommandApdu::select(0x02, type.isAuthentication() ? authCertRef() : signCertRef()));

And now it works perfectly. I was able to authenticate and sign. Thanks! 💓

metsma added a commit to metsma/libelectronic-id that referenced this issue Mar 4, 2025
@metsma
Read certificate file ref from DCOD file
a54efe2 
Fixes: web-eid#119

Signed-off-by: Raul Metsma <raul@metsma.ee>
metsma added a commit to metsma/libelectronic-id that referenced this issue Mar 4, 2025
@metsma
Read certificate file ref from DCOD file
7433554 
Fixes: web-eid#119

Signed-off-by: Raul Metsma <raul@metsma.ee>
metsma added a commit to metsma/libelectronic-id that referenced this issue Mar 4, 2025
@metsma
Read certificate file ref from DCOD file
e327a51 
Fixes: web-eid#119

Signed-off-by: Raul Metsma <raul@metsma.ee>
metsma added a commit to metsma/libelectronic-id that referenced this issue Mar 4, 2025
@metsma
Read certificate file ref from DCOD file
d9921b6 
Fixes: web-eid#119

Signed-off-by: Raul Metsma <raul@metsma.ee>
metsma added a commit to metsma/libelectronic-id that referenced this issue Mar 4, 2025
@metsma
Read certificate file ref from DCOD file
d7671b2 
Fixes: web-eid#119

Signed-off-by: Raul Metsma <raul@metsma.ee>
metsma added a commit to metsma/libelectronic-id that referenced this issue Mar 5, 2025
@metsma
Read certificate file ref from DCOD file
b777700 
Fixes: web-eid#119

Signed-off-by: Raul Metsma <raul@metsma.ee>
metsma added a commit to metsma/libelectronic-id that referenced this issue Mar 5, 2025
@metsma
Read certificate file ref from DCOD file
d22d90e 
Fixes: web-eid#119

Signed-off-by: Raul Metsma <raul@metsma.ee>
metsma added a commit to metsma/libelectronic-id that referenced this issue Mar 5, 2025
@metsma
Read certificate file ref from DCOD file
2911bfb 
Fixes: web-eid#119

Signed-off-by: Raul Metsma <raul@metsma.ee>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Read certificate file ref from DCOD file metsma/libelectronic-id
2 participants
@davispuh @metsma