Difference between revisions of "Smartcard drivers manual installation"
(→PCSC as a service) |
|||
| (One intermediate revision by the same user not shown) | |||
| Line 7: | Line 7: | ||
* Register a specific smart-card driver, if any is available | * Register a specific smart-card driver, if any is available | ||
* Manage the start/stop script of PCSC as a service | * Manage the start/stop script of PCSC as a service | ||
| + | * Create the missing symlinks like the ''apt-get'' official package does | ||
| Line 18: | Line 19: | ||
sudo apt-get install libudev-dev | sudo apt-get install libudev-dev | ||
sudo apt-get install libusb-1.0.0 libusb-dev | sudo apt-get install libusb-1.0.0 libusb-dev | ||
| + | sudo apt-get install usbutils | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| Line 37: | Line 39: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| − | Add PCSC | + | Add PCSC user to the group |
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
| − | pcscd:x:999:pcsc | + | pcscd:x:999:pcsc |
</syntaxhighlight> | </syntaxhighlight> | ||
| Line 85: | Line 87: | ||
♦ NETBOOT trick ♦ You need to perform the following extra-operations in your ''chroot'' environment | ♦ NETBOOT trick ♦ You need to perform the following extra-operations in your ''chroot'' environment | ||
| − | |||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
apt-get install -f | apt-get install -f | ||
| Line 102: | Line 103: | ||
sudo make install | sudo make install | ||
sudo make fix-rights | sudo make fix-rights | ||
| + | </syntaxhighlight> | ||
| + | |||
| + | |||
| + | ==Create symlinks== | ||
| + | |||
| + | The manual installation does not create the same symlinks as the Debian official package. | ||
| + | |||
| + | You must create the missing links if you'd like to use PCSC_SCAN and the JAVA smartcard I/O. | ||
| + | |||
| + | <syntaxhighlight lang="bash"> | ||
| + | # Find the library (binary) | ||
| + | find / -name libpcsclite.so.1.0.0 | ||
| + | |||
| + | # Create symlinks | ||
| + | ln -s /usr/local/lib/libpcsclite.so.1.0.0 /lib/x86_64-linux-gnu/libpcsclite.so.1 | ||
| + | ln -s /usr/local/lib/libpcsclite.so.1.0.0 /lib/x86_64-linux-gnu/libpcsclite.so.1.0.0 | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| Line 272: | Line 289: | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
cd /etc/init.d | cd /etc/init.d | ||
| − | update-rc.d pcscd | + | chmod 755 pcscd |
| + | update-rc.d pcscd defaults | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| − | |||
| − | |||
=CCID= | =CCID= | ||
Latest revision as of 15:26, 13 April 2015
The PCSC library shipped with most distributions is a bit old. Sometimes you might need something more recent.
... In such cases you need to:
- Compile and install PCSC + its dependencies manually
- Register a specific smart-card driver, if any is available
- Manage the start/stop script of PCSC as a service
- Create the missing symlinks like the apt-get official package does
Contents
Requirements
Packages
sudo apt-get install build-essential
sudo apt-get install libudev-dev
sudo apt-get install libusb-1.0.0 libusb-dev
sudo apt-get install usbutils
user/group
Create new user & group
sudo adduser --system --no-create-home pcsc
sudo groupadd --system pcscd
Register existing users to the new group
vim /etc/groupAdd PCSC user to the group
pcscd:x:999:pcsc
HID Driver (step 1)
This step is specific to HID hardware.
- Download latest stable version from HID http://www.hidglobal.com/drivers
Try to install HID driver
tar xzvf ifdokccid_linux_x86_64-v4.0.5.5.tar.gz
cd ifdokccid_linux_x86_64-v4.0.5.5/
sudo ./installThis step should be a failure... But specifics PCSC libs are now in /usr/lib/pcsc/drivers/ifdokccid_linux_x86_64-v4.0.5.5.bundle
PCSC-lite (Linux driver)
PCSC lite is the reference Open Source driver on all *nux platforms.
- Download "pcsclite-latest.zip" from https://alioth.debian.org/projects/pcsclite/
Install
Unzip and prepare compilation
unzip pcsclite-latest.zip
tar xjvf pcsc-lite-1.8.13.tar.bz2
cd pcsc-lite-1.8.13/
chmod +x configure
♦ NETBOOT trick ♦ You need to perform the following extra-operations in your chroot environment
apt-get install -f
apt-get install pkg-config libusb-dev
dpkg --configure -a
apt-get install -f
export LD_LIBRARY_PATH=/usr/local/lib
Configure, compile and install the driver:
./configure --enable-usbdropdir=/usr/lib/pcsc/drivers
make
sudo make install
sudo make fix-rights
Create symlinks
The manual installation does not create the same symlinks as the Debian official package.
You must create the missing links if you'd like to use PCSC_SCAN and the JAVA smartcard I/O.
# Find the library (binary)
find / -name libpcsclite.so.1.0.0
# Create symlinks
ln -s /usr/local/lib/libpcsclite.so.1.0.0 /lib/x86_64-linux-gnu/libpcsclite.so.1
ln -s /usr/local/lib/libpcsclite.so.1.0.0 /lib/x86_64-linux-gnu/libpcsclite.so.1.0.0
Start/Stop script
Create a new daemon manager, the file must be name pcscd!
vim /etc/init.d/pcscd
Put the following content:
#! /bin/sh
### BEGIN INIT INFO
# Provides: pcscd
# Required-Start: $local_fs $remote_fs $syslog
# Required-Stop: $local_fs $remote_fs $syslog
# Should-Start: udev
# Should-Stop: udev
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Daemon to access a smart card using PC/SC
# Description: The PC/SC daemon is used to dynamically
# allocate/deallocate reader drivers at runtime and manage
# connections to the readers.
### END INIT INFO
# Authors:
# Carlos Prados Bocos <cprados@debian.org>
# Ludovic Rousseau <rousseau@debian.org>
# Do NOT "set -e"
# PATH should only include /usr/* if it runs after the mountnfs.sh script
PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/lib/pcsc/
DESC="PCSC Lite resource manager"
NAME=pcscd
DAEMON=/usr/local/sbin/$NAME
IPCDIR=/var/run/pcscd
PIDFILE=$IPCDIR/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME
# if you need to pass arguments to pcscd you should edit the file
# /etc/default/pcscd and add a line
# DAEMON_ARGS="--your-option"
# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0
# Read configuration variable file if it is present
[ -r /etc/default/$NAME ] && . /etc/default/$NAME
# Load the VERBOSE setting and other rcS variables
. /lib/init/vars.sh
# Define LSB log_* functions.
# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
. /lib/lsb/init-functions
# get LANG variable (code from /etc/init.d/keymap.sh)
ENV_FILE="none"
[ -r /etc/environment ] && ENV_FILE="/etc/environment"
[ -r /etc/default/locale ] && ENV_FILE="/etc/default/locale"
value=$(egrep "^[^#]*LANG=" $ENV_FILE | tail -n1 | cut -d= -f2)
eval LANG=$value
#
# Function that starts the daemon/service
#
do_start()
{
# create $IPCDIR with correct access rights
if [ ! -d $IPCDIR ]
then
rm -rf $IPCDIR
mkdir $IPCDIR
fi
chmod 0755 $IPCDIR
# Return
# 0 if daemon has been started
# 1 if daemon was already running
# 2 if daemon could not be started
start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
|| return 1
start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
$DAEMON_ARGS \
|| return 2
# Add code here, if necessary, that waits for the process to be ready
# to handle requests from services started subsequently which depend
# on this one. As a last resort, sleep for some time.
}
#
# Function that stops the daemon/service
#
do_stop()
{
# Return
# 0 if daemon has been stopped
# 1 if daemon was already stopped
# 2 if daemon could not be stopped
# other if a failure occurred
start-stop-daemon --stop --quiet --retry=3 --pidfile $PIDFILE --name $NAME
RETVAL="$?"
[ "$RETVAL" = 2 ] && return 2
}
case "$1" in
start)
[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
do_start
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
stop)
[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
do_stop
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
status)
status_of_proc -p "$PIDFILE" "$DAEMON" "$NAME" && exit 0 || exit $?
;;
restart|force-reload)
#
# If the "reload" option is implemented then remove the
# 'force-reload' alias
#
log_daemon_msg "Restarting $DESC" "$NAME"
do_stop
case "$?" in
0|1)
do_start
case "$?" in
0) log_end_msg 0 ;;
1) log_end_msg 1 ;; # Old process is still running
*) log_end_msg 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
log_end_msg 1
;;
esac
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
exit 3
;;
esac
:
PCSC as a service
Now you can register PCSC as a service.
cd /etc/init.d
chmod 755 pcscd
update-rc.d pcscd defaultsCCID
CCID is a mandatory dependency of PCSC.
- Download "ccid-latest.zip" from https://alioth.debian.org/projects/pcsclite/
Install
unzip ccid-latest.zip
tar xjvf ccid-1.4.18.tar.bz2
cd ccid-1.4.18/
chmod +x configure
./configure
make
sudo make install
Setup verification
Now you can try to start the PCSC daemon manually:
sudo pcscd -v- pcsc-lite version 1.8.13
- usbdropdir=/usr/lib/pcsc/drivers
HID driver (step 2)
cd ifdokccid_linux_x86_64-v4.0.5.5/
sudo ./installThis time everything should be OK! :)
PCSC_SCAN
PCSC_SCAN is small scan utility, very useful to check your configuration / reader status / cards properties...
- Download latest version of PCSC_SCAN on http://ludovic.rousseau.free.fr/softwares/pcsc-tools/index.html
tar xzvf pcsc-tools-1.4.23.tar.gz
make
sudo make install
-- At this point you must REBOOT your computer for the changes to apply on the whole system. --
Test your setup
Proceed to the following tests to ensure your environment is OK.
# Start the PCSC daemon manually
sudo pcscd -fd
# Run the test
pcsc_scan
Sources
- HID drivers README file
- Debian project PCSC: https://alioth.debian.org/projects/pcsclite/
- Ludovic Rousseau's blog & comments: http://ludovicrousseau.blogspot.se
- Ludovic Rousseau PCSC_TOOLS: http://ludovic.rousseau.free.fr/softwares/pcsc-tools/index.html
- Very good tutorial: http://tech.springcard.com/guides/pcsc-unix-with-pcsclite/
