[Pcsclite-muscle] Trouble using Yubikey 5 NFC
Sebastien Requiem
sebastien at canihaz.net
Wed Apr 19 23:34:50 PDT 2023
On Wed, Apr 19, 2023, at 10:20 PM, Ludovic Rousseau wrote:
> Le mer. 19 avr. 2023 à 19:32, Sebastien Requiem
> <sebastien at canihaz.net> a écrit :
>> Since the middleware is scdaemon from gnupg, it is futile to offer a patch that modifies the communication protocol so that extended payload would be made by short apdu (multiple calls and offset) knowing that the code relies heavily on extended mode and knowing that the middleware cannot know in advance if extended apdu is available on the hardware or not.
>
> The middleware can know if a reader supports, or not, extended APDU.
> See "Extended APDU support reported by PC/SC (part 2)" (from 2012)
> https://ludovicrousseau.blogspot.com/2012/04/extended-apdu-support-reported-by-pcsc.html
Ah! A piece of information that I was missing when doing my research. And I believe that this discussion got spurred EXACTLY for the same reason that the feature has been implemented. (ie: clients sending long APDU to devices that dont support it).
I can now dedicate a bit of time to submit a patch for scdaemon if technically feasible.
>> I ended up shifting from RSA4096 to ECC 25519 which reduces the key size and everything works as expected now.
>
> That is a solution :-)
If you cannot go to the sea, make the sea come to you :-)
> If you are looking for a contactless reader that supports extended
> APDU you can have a look at this list:
> https://ccid.apdu.fr/select_readers/index.html?features=contactless&dwFeatures%E2%89%A013
Thanks for that and the assistance on the issue.
--
More information about the pcsclite-muscle
mailing list