[Pcsclite-muscle] Reliable reader names
Sebastien Lorquet
sebastien at lorquet.fr
Thu Nov 30 07:49:15 PST 2023
Hi,
Le 30/11/2023 à 15:54, Andreas Schwier a écrit :
> We are using that to connect SmartCard-HSMs automatically to cloud
> services during system startup. Ideally we would spawn the connect
> process based on USB activation, but then we would need to bypass
> pcscd. Instead we create systemd units that connect a certain
> SmartCard-HSM with a specified URL. In the systemd unit we specify the
> reader name.
The best option is not to do that. We have this exact situation at my
company and we dont have to deal with reader names, at all.
We just scan all readers and identify cards in them. We have some
polling in place to identify removal and insertion of new cards.
Identification is very easy to do in your case, since your know your
card and you can select proper probing commands (select application?)
instead of relying on the ATR.
This allows you to identify cards by serial number or other card
identifier, and use that in your config files and URLs. This has the
advantage of being completely independent of the reader, you can
identify the card in *any* reader.
This is a better technique, because what you care about are *cards* not
readers.
(When a reader contains an unknown card, or no card, just release the
reader so it can be used for something else.)
Sebastien
More information about the pcsclite-muscle
mailing list