SCM SPR332 PIN entry doesn't work
Maciej S. Szmigiero
mail at maciej.szmigiero.name
Sun Jan 28 22:02:39 CET 2018
On 21.01.2018 00:16, Maciej S. Szmigiero wrote:
> On 14.01.2018 01:01, Maciej S. Szmigiero wrote:
>> Hi all,
>>
>> I've just received a SCM SPR332 from FLOSS-Shop (marked as "SPR332 V2"
>> on its bottom side) and while its basic reader functionality seems to work
>> just fine I can't get the secure PIN entry mode to work at all.
>>
>> I've tried two different OpenPGP cards, tried both GnuPG built-in CCID
>> driver and the pcsc-lite one to no avail.
>>
>> I've even tried the latest vendor Windows driver (with OpenSC and a constant
>> length PIN verify operation), but the behavior in each of these setups was
>> always the same:
>> Upon typing and accepting a PIN the "key" LED on the reader continues to
>> blink for a few seconds, then the reader responds with "64 00" result at
>> the USB interface level (which is probably the code for
>> "SPE [Secure PIN Entry] operation timed out" error) and then it doesn't
>> want to communicate with the card anymore.
>>
>> A relevant log snippet from GnuPG built-in CCID driver:
>> DBG: prompting for pinpad entry '||Please unlock the card%0A%0ANumber: 0005 00005B0E%0AHolder: '
>> DBG: ccid-driver: sending escape sequence to switch to a case 1 APDU
>> DBG: ccid-driver: PC_to_RDR_Escape:
>> DBG: ccid-driver: dwLength ..........: 3
>> DBG: ccid-driver: bSlot .............: 0
>> DBG: ccid-driver: bSeq ..............: 56
>> DBG: ccid-driver: [0007] 00 00 00 80 02 00
>> DBG: ccid-driver: RDR_to_PC_Escape:
>> DBG: ccid-driver: dwLength ..........: 0
>> DBG: ccid-driver: bSlot .............: 0
>> DBG: ccid-driver: bSeq ..............: 56
>> DBG: ccid-driver: bStatus ...........: 0
>> DBG: ccid-driver: buffer[9] .........: 00
>> DBG: ccid-driver: PC_to_RDR_Secure:
>> DBG: ccid-driver: dwLength ..........: 19
>> DBG: ccid-driver: bSlot .............: 0
>> DBG: ccid-driver: bSeq ..............: 57
>> DBG: ccid-driver: bBMI ..............: 0x00
>> DBG: ccid-driver: wLevelParameter ...: 0x0000
>> DBG: ccid-driver: [0010] 00 00 82 00 00 19
>> DBG: ccid-driver: [0016] 06 02 01 09 04 00 00 00 00 00 20 00 82
>> DBG: ccid-driver: RDR_to_PC_DataBlock:
>> DBG: ccid-driver: dwLength ..........: 2
>> DBG: ccid-driver: bSlot .............: 0
>> DBG: ccid-driver: bSeq ..............: 57
>> DBG: ccid-driver: bStatus ...........: 0
>> DBG: ccid-driver: [0010] 64 00
>> DBG: dismiss pinpad entry prompt
>> verify CHV2 failed: Operation cancelled
>> app_check_pin failed: Operation cancelled
>> DBG: ccid-driver: PC_to_RDR_XfrBlock:
>> DBG: ccid-driver: dwLength ..........: 9
>> DBG: ccid-driver: bSlot .............: 0
>> DBG: ccid-driver: bSeq ..............: 58
>> DBG: ccid-driver: bBWI ..............: 0x04
>> DBG: ccid-driver: wLevelParameter ...: 0x0000
>> DBG: ccid-driver: [0010] 00 00 05 00 CA 00
>> DBG: ccid-driver: [0016] 6E 00 A1
>> DBG: ccid-driver: usb_bulk_read error: LIBUSB_ERROR_TIMEOUT
>> ccid_transceive failed: (0x1000a)
>> apdu_send_simple(0) failed: card I/O error
>> DBG: ccid-driver: PC_to_RDR_XfrBlock:
>> DBG: ccid-driver: dwLength ..........: 9
>> DBG: ccid-driver: bSlot .............: 0
>> DBG: ccid-driver: bSeq ..............: 59
>> DBG: ccid-driver: bBWI ..............: 0x04
>> DBG: ccid-driver: wLevelParameter ...: 0x0000
>> DBG: ccid-driver: [0010] 00 00 05 00 CA 00
>> DBG: ccid-driver: [0016] C5 00 0A
>> DBG: ccid-driver: usb_bulk_read error: LIBUSB_ERROR_TIMEOUT
>> ccid_transceive failed: (0x1000a)
>> apdu_send_simple(0) failed: card I/O error
>>
>> I've also tried an EMV card with this reader, the behavior
>> is slightly different in this case: the typed PIN is accepted
>> immediately, but "00 82 00 82" T=1 protocol error is returned
>> at the USB interface level.
>> And the card communication still works after this.
>>
>> The same cards (two OpenPGP ones and one EMV) accept PIN input without
>> problems using exactly the same software setup when driven by a
>> different PIN pad reader (a HP smart card keyboard).
>>
>> What's interesting is that the reader reports firmware version 7.0
>> while all the references I could find talk about firmware version 6.01.
>>
>> The vendor Windows driver also has a firmware version check utility
>> that explicitly checks for firmware version 6.01 (unfortunately,
>> it is just a checking tool without up- or down-grade capability).
>>
>> Now, I wonder: did anybody earlier spot similar behavior with this
>> or other SCM/Identiv readers?
>> Or is it possible that this reader is loaded with some non-standard
>> firmware?
>> It reports as "SPRx32 USB Smart Card Reader", which suggests the firmware
>> should be common with a well-tested SPR532 model.
>
> Has anybody used this reader as a PIN pad successfully or had similar
> issues?
>
For posterity's sake: after contacting FLOSS-Shop the problem turned out
to be caused by the reader firmware (version 7.0).
If somebody encounters a similar problem in the future please contact
your seller or Identive to get an updated firmware (the working one is
marked version 7.01 build 1.53).
Maciej
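
Added example, not part of the original post: a decoder for the PC_to_RDR_Secure payload and the reader's two-byte reply from the log quoted above, following the PIN verification data structure of the CCID 1.1 specification and the secure-PIN-entry status words of PC/SC part 10. The function names are hypothetical; the input bytes are copied from the log.

```python
import struct

# Input copied from the quoted log: the 19 abData bytes of PC_to_RDR_Secure
# (the "[0010]" and "[0016]" lines) and the RDR_to_PC_DataBlock payload.
SECURE_ABDATA = bytes.fromhex("000082000019" "06020109040000000000200082")
READER_REPLY = bytes.fromhex("6400")

# Status words generated by the reader itself during secure PIN entry.
SPE_STATUS = {
    0x6400: "SPE operation timed out",
    0x6401: "SPE operation cancelled by user",
    0x6402: "new PIN entries do not match",
    0x6403: "PIN shorter or longer than allowed",
}

def parse_pin_verify(abdata: bytes) -> dict:
    """Decode a CCID PIN verification data structure (hypothetical helper)."""
    if len(abdata) < 15:
        raise ValueError("too short for a PIN verification structure")
    if abdata[0] != 0x00:
        raise ValueError("bPINOperation is not PIN verification")
    # bTimeOut, bmFormatString, bmPINBlockString, bmPINLengthFormat,
    # wPINMaxExtraDigit (max byte, then min byte on the wire),
    # bEntryValidationCondition, bNumberMessage, wLangId, bMsgIndex
    (timeout, fmt, _block, _lenfmt, max_len, min_len,
     validation, _n_msg, lang_id, _msg_index) = struct.unpack_from(
        "<BBBBBBBBHB", abdata, 1)
    return {
        "timeout_s": timeout,  # 0 selects the reader's default timeout
        "pin_format": ("binary", "BCD", "ASCII", "reserved")[fmt & 0x03],
        "min_len": min_len,
        "max_len": max_len,
        "validate_on_key": bool(validation & 0x02),
        "lang_id": lang_id,
        "teo_prologue": abdata[12:15],
        "apdu": abdata[15:],  # APDU template the reader fills with the PIN
    }

def describe_status(reply: bytes) -> str:
    """Map the last two reply bytes to a reader-side SPE status, if any."""
    sw = int.from_bytes(reply[-2:], "big")
    return SPE_STATUS.get(sw, f"status word {sw:04X} (not a reader SPE code)")

if __name__ == "__main__":
    for name, value in parse_pin_verify(SECURE_ABDATA).items():
        print(f"{name}: {value.hex(' ') if isinstance(value, bytes) else value}")
    print("reply:", describe_status(READER_REPLY))
```

The decoded request is a well-formed VERIFY template (`00 20 00 82`, ASCII PIN, 6 to 25 digits, confirm on the validation key), so the `64 00` reply originates in the reader rather than in the card.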