Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issue with belgian EID card #57

Open
RenaudDemarneffe opened this issue Jul 9, 2023 · 14 comments
Open

Issue with belgian EID card #57

RenaudDemarneffe opened this issue Jul 9, 2023 · 14 comments

Comments

@RenaudDemarneffe
Copy link

RenaudDemarneffe commented Jul 9, 2023
edited

Hello,

I tried to authenticate with a belgian EID card through the web-eid.js script and I get the following error
image

I use the 'Web eID software' version 2.2.0.572 on Windows 10 and the 'web-eid.js' script version 2.0.1.
I tried to authenticate through Chrome and Edge.

The logs of the 'RIA web-eid' software are the following:

2023-07-09T11:47:59.342Z DEBUG src\controller\application.cpp:162:class std::unique_ptr<struct std::pair<class CommandType,class QMap<class QString,class QVariant> >,struct std::default_delete<struct std::pair<class CommandType,class QMap<class QString,class QVariant> > > > __cdecl Application::parseArgs(void) - Parent window handle is unused "0"
2023-07-09T11:47:59.342Z INFO src\controller\controller.cpp:72:void __cdecl Controller::run(void) - "web-eid" app "2.2.0+572" running in stdin/stdout mode
2023-07-09T11:47:59.445Z DEBUG src\controller\threads\controllerchildthread.hpp:106:void __cdecl ControllerChildThread::beforeRun(void) - Starting "WaitForCardThread" 2058862480688 for command "INSERT_CARD"
2023-07-09T11:48:03.822Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": C_GetTokenInfo: token not recognized in src\electronic-ids\pkcs11\PKCS11CardManager.hpp:140:tokens
2023-07-09T11:48:08.721Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": C_GetTokenInfo: token not recognized in src\electronic-ids\pkcs11\PKCS11CardManager.hpp:140:tokens
2023-07-09T11:48:11.709Z DEBUG src\controller\controller.cpp:336:void __cdecl Controller::onDialogCancel(void) - User cancelled
2023-07-09T11:48:11.711Z DEBUG src\controller\controller.cpp:58:void __cdecl `anonymous-namespace'::interruptThread(class QThread *) - Interrupting thread 2058862480688
2023-07-09T11:48:13.540Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": C_GetTokenInfo: token not recognized in src\electronic-ids\pkcs11\PKCS11CardManager.hpp:140:tokens
2023-07-09T11:48:13.540Z INFO src\controller\threads\controllerchildthread.hpp:47:void __cdecl ControllerChildThread::run(void) - "WaitForCardThread" 2058862480688 for command "INSERT_CARD" completed successfully
2023-07-09T11:48:13.542Z DEBUG src\controller\threads\controllerchildthread.hpp:97:__cdecl ControllerChildThread::~ControllerChildThread(void) - "WaitForCardThread" 2058862480688 destroyed

Could you please help me debug this issue?
@mrts and @saxomoose, perhaps you could help me regarding the issues or patches you have applied for belgian EID.

Regards,
Renaud
@mrts
Copy link
Member

mrts commented Jul 10, 2023

Hi Renaud! Can you please try with Web eID version 2.3.1 from https://installer.id.ee/media/web-eid/web-eid_2.3.1.634.x64.exe - does this fix the issue?

@RenaudDemarneffe
Copy link
Author

Hi !
I tried with the last version but I dot the same error:

2023-07-10T19:37:25.852Z DEBUG src\controller\application.cpp:162:class std::unique_ptr<struct std::pair<class CommandType,class QMap<class QString,class QVariant> >,struct std::default_delete<struct std::pair<class CommandType,class QMap<class QString,class QVariant> > > > __cdecl Application::parseArgs(void) - Parent window handle is unused "0"
2023-07-10T19:37:25.853Z INFO src\controller\controller.cpp:72:void __cdecl Controller::run(void) - "web-eid" app "2.3.1+634" running in stdin/stdout mode
2023-07-10T19:37:26.093Z DEBUG src\controller\threads\controllerchildthread.hpp:106:void __cdecl ControllerChildThread::beforeRun(void) - Starting "WaitForCardThread" 1937549752128 for command "INSERT_CARD"
2023-07-10T19:37:30.567Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": C_GetTokenInfo: token not recognized in src\electronic-ids\pkcs11\PKCS11CardManager.hpp:140:tokens
2023-07-10T19:37:35.531Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": C_GetTokenInfo: token not recognized in src\electronic-ids\pkcs11\PKCS11CardManager.hpp:140:tokens

@mrts
Copy link
Member

mrts commented Jul 11, 2023

The C_GetTokenInfo: token not recognized error comes from here: https://github.com/web-eid/libelectronic-id/blob/main/src/electronic-ids/pkcs11/PKCS11CardManager.hpp#L293-L296 in case C_GetTokenInfo returns the CKR_TOKEN_NOT_RECOGNIZED error code.

Does your card otherwise work with the Belgian eID middleware, do you have other unsupported tokens attached to your computer?

@RenaudDemarneffe
Copy link
Author

I tries with the Belgian eID middleware and it works.
I also tries from another computer with a clean installation and I have the same error as on my computer.

How can I retreive the tokens attached to a computer?

@mrts
Copy link
Member

mrts commented Jul 11, 2023

I changed the code so that CKR_TOKEN_NOT_RECOGNIZED is ignored during C_GetTokenInfo. Can you please try the installer from build artifacts here and test if this fixes it?

@RenaudDemarneffe
Copy link
Author

I tried your patch but it does not solve the issue.
The error message is now:
image

and the logs are:

2023-07-12T07:55:44.649Z DEBUG src\controller\application.cpp:162:class std::unique_ptr<struct std::pair<class CommandType,class QMap<class QString,class QVariant> >,struct std::default_delete<struct std::pair<class CommandType,class QMap<class QString,class QVariant> > > > __cdecl Application::parseArgs(void) - Parent window handle is unused "0"
2023-07-12T07:55:44.650Z INFO src\controller\controller.cpp:72:void __cdecl Controller::run(void) - "web-eid" app "2.4.0+1622" running in stdin/stdout mode
2023-07-12T07:55:44.961Z DEBUG src\controller\threads\controllerchildthread.hpp:106:void __cdecl ControllerChildThread::beforeRun(void) - Starting "WaitForCardThread" 1551693817168 for command "INSERT_CARD"
2023-07-12T07:55:49.385Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-12T07:55:54.285Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-12T07:55:59.226Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-12T07:56:04.280Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-12T07:56:09.232Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-12T07:56:14.119Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-12T07:56:19.018Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-12T07:56:23.895Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID

@mrts
Copy link
Member

mrts commented Jul 13, 2023
edited

Thanks a lot for testing!

Either authentication or signing token is missing means that web-eid cannot find both the signing and authentication certificates on the card. Currently, the assumption of the PKCS#11 module is that both certificates are required.

Do you also see Failed to find extended key usage extension from certificate or any other errors regarding the certificate somewhere in the logs? Does your card have 2 certificates? Is it an old card from 2015? One Belgian user reported similar problems with the old card that contained a non-standard authentication certificate.

@mrts
Copy link
Member

mrts commented Jul 14, 2023
edited

One more thing, can you please turn on Belgian eID middleware logging while testing and copy-paste the errors from these logs as well in case there are any? Quoting the docs:

For extra logging, set the log_level configuration option to 'debug'
as follows:

  • On Windows: create the following REG_DWORD and set its value to 1:
    HKEY_CURRENT_USER\Software\BEID\logging\log_level
  • On Linux: create/edit the file ~/.config/beid.conf to add the following:
    [logging]
    log_level=debug
  • On Mac OS X: create/edit the file ~/Library/Preferences/beid.conf to add the following:
    [logging]
    log_level=debug

The log files can be found:

  • On Windows: <userhome>\Application Data\.BEID_x.log
    with <userhome>: <disk>:\Documents and Settings\<username>\Application Data
  • On Linux, Mac OS X: ~/.BEID_x.log

Also, I will move the issue into libelectronic-id repository where it belongs.

@mrts mrts transferred this issue from web-eid/web-eid-webextension Jul 14, 2023
@RenaudDemarneffe
Copy link
Author

Hi mrts,

Thank you for your comments.

I made a new test as requested into your comments and with the Belgian eID middleware logs enabled.
Here are the results.

I don't see the message Failed to find extended key usage extension from certificate into logs.
The web-eid logs are still the same:

2023-07-14T11:27:13.329Z DEBUG src\controller\application.cpp:162:class std::unique_ptr<struct std::pair<class CommandType,class QMap<class QString,class QVariant> >,struct std::default_delete<struct std::pair<class CommandType,class QMap<class QString,class QVariant> > > > __cdecl Application::parseArgs(void) - Parent window handle is unused "0"
2023-07-14T11:27:13.330Z INFO src\controller\controller.cpp:72:void __cdecl Controller::run(void) - "web-eid" app "2.4.0+1622" running in stdin/stdout mode
2023-07-14T11:27:13.541Z DEBUG src\controller\threads\controllerchildthread.hpp:106:void __cdecl ControllerChildThread::beforeRun(void) - Starting "WaitForCardThread" 1875201862016 for command "INSERT_CARD"
2023-07-14T11:27:17.964Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-14T11:27:22.894Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-14T11:27:27.799Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-14T11:27:32.710Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-14T11:27:37.664Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-14T11:27:42.595Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-14T11:27:47.508Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-14T11:27:52.433Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-14T11:27:57.350Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-14T11:28:02.241Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-14T11:28:07.175Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-14T11:28:12.077Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-14T11:28:17.002Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-14T11:28:21.935Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-14T11:28:26.839Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-14T11:28:31.739Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-14T11:28:36.650Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-14T11:28:41.563Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-14T11:28:46.481Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-14T11:28:51.408Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-14T11:28:56.341Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-14T11:29:01.260Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-14T11:29:05.074Z DEBUG src\controller\controller.cpp:336:void __cdecl Controller::onDialogCancel(void) - User cancelled
2023-07-14T11:29:05.074Z DEBUG src\controller\controller.cpp:58:void __cdecl `anonymous-namespace'::interruptThread(class QThread *) - Interrupting thread 1875201862016
2023-07-14T11:29:06.151Z WARNING src\controller\threads/waitforcardthread.hpp:72:bool __cdecl WaitForCardThread::warnAndEmitStatusUpdate(const enum RetriableError,const class std::exception &) - Command "INSERT_CARD" retriable error "SMART_CARD_CHANGE_REQUIRED": Either authentication or signing token is missing in src\electronic-ids\pkcs11\Pkcs11ElectronicID.cpp:212:Pkcs11ElectronicID
2023-07-14T11:29:06.151Z INFO src\controller\threads\controllerchildthread.hpp:47:void __cdecl ControllerChildThread::run(void) - "WaitForCardThread" 1875201862016 for command "INSERT_CARD" completed successfully
2023-07-14T11:29:06.155Z DEBUG src\controller\threads\controllerchildthread.hpp:97:__cdecl ControllerChildThread::~ControllerChildThread(void) - "WaitForCardThread" 1875201862016 destroyed

The Belgian eID logs are the following:

2023-07-14 13:27:14 - 612|18652 - cardlayer - CRITICAL: Failed to get CardData: 0xe1d00200
2023-07-14 13:27:14 - 612|18652 - cardlayer - CRITICAL: Failed to get CardData: 0xe1d00200
2023-07-14 13:27:17 - 612|18652 - cardlayer - CRITICAL: Failed to get CardData: 0xe1d00200
2023-07-14 13:27:19 - 612|18652 - cardlayer - CRITICAL: Failed to get CardData: 0xe1d00200
2023-07-14 13:27:19 - 612|18652 - cardlayer - CRITICAL: Failed to get CardData: 0xe1d00200
2023-07-14 13:27:22 - 612|18652 - cardlayer - CRITICAL: Failed to get CardData: 0xe1d00200

My card only has two certificates, but it was issued during 2015.
image
The problem is probably the same as the other Belgian user.

What do you understand by 'non-standard authentication certificate'? How can I chek if my certificate is a standard one or not?

@RenaudDemarneffe
Copy link
Author

I checked into the Belgian eID middleware and found the following card types (https://github.com/Fedict/eid-mw/blob/7d08e590c2976053ad51d9a05f75903e66df9292/cardcomm/pkcs11/src/p11.h#L118):

{ "3B9813400AA503010101AD1311",						"BE eid",						CARD_TYPE_BEID },		      \
{ "3B9894400AA503010101AD1310",						"BE eid",						CARD_TYPE_BEID },		      \
{ "3B989440FFA503010101AD1310",						"BE eid",						CARD_TYPE_BEID },		      \
{ "3BBA96008131865D0064057B0203318090007D",		"Telesec",				   	CARD_TYPE_TELESEC},	      \
{ "3BBA96008131865D0064056002033180900066",		"Telesec",				   	CARD_TYPE_TELESEC },       \
{ "3BA70040148065A214010137",						   "?Gemplus GPK4000",        CARD_TYPE_GEMPLUS },       \
{ "3B7D94000080318065B08301029083009000",			"?Gemplus XPresso 32K",    CARD_TYPE_NOTSUPPORTED },  \
{ "3BBF96008131FE5D00640411030131C073F701D00090007D", "Telesec TCOS 3.0",  CARD_TYPE_TELESEC_30 },

Only the first one is listed into your library.

Into the following file into the Belgian middleware https://github.com/Fedict/eid-mw/blob/7d08e590c2976053ad51d9a05f75903e66df9292/installers/eid-mw/Windows/Product64.wxs#L234, you can find the BelEIDV1_7 and BelEIDV1_8 tokens (see 'ATR' attributes) that are registered into your library but for the BelEIDV1_7, there's an 'ATRMask' attribute that allow hiding some parts of the token. The problem is probably comming from there.

Is it possible to add the same mask into your library?

@RenaudDemarneffe RenaudDemarneffe mentioned this issue Jul 15, 2023
Draft
@RenaudDemarneffe
Copy link
Author

Hi mrts,

I checked into the Windows registry and found the ATR token. As stated above, there's a mask.
image

I've created a PR to apply the mask when checking tokens. Could you check this and see if my analysis is correct?
Thank you very much.

@mrts
Copy link
Member

mrts commented Jul 17, 2023
edited

Thank you! We will continue with this during the v2.5 development cycle which will begin in August.

@kristelmerilain
Copy link

Unfortunately we have not had the chance to investigate this issue during the v2.5 development cycle.
We will look in to it as soon as possible.

@RenaudDemarneffe
Copy link
Author

When is planned the v2.5 development cycle because I need this update for one of our project that we will release at the end of year?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mrts @RenaudDemarneffe @kristelmerilain