So I’ve got to fill in my taxes, and to do this in Belgium, we need to use our ID card. Well we can use a phone app too, but to use this app we have to register… using our ID card… \u00af\\_(\u30c4)_\/\u00af<\/p>\n
Last time I tested, this didn’t work well on FreeBSD, but I didn’t look too much into it and perhaps things changed since then. Also, like always, I refuse to do this on another OS where I know it works, that would be far too easy!<\/p>\n
So we should install the PC\/SC-Lite architecture to be able to read the cards and the beid middleware so we can use the card. Fortunately, beid<\/i> is in the ports so we can just install it:<\/p>\n This will also install pcsc-lite. The package messages tell us that we must:<\/p>\n Let’s do just all of that!<\/p>\n My card reader is a DunnoWhat-Random-USB-Card-Reader, perhaps devel\/libccid<\/i> should do? For some reason, this is not available in the packages but only via ports:<\/p>\n Does it work tho? Let’s find out!<\/p>\n So our card reader is on the USB port ugen0.6. We run pcscd<\/i> to see if it’s detected properly:<\/p>\n Sweet, so it appears to be detected and working with CCID. However if I run eid-viewer<\/i>, it doesn’t work. Looking at pcscd info, it looks like the power up of the card failed:<\/p>\n Searching a bit over the internet, I’ve found this bug report<\/a> and it seems that we have to tweak the CCID driver a little.<\/p>\n Edit \/usr\/local\/lib\/pcsc\/drivers\/ifd-ccid.bundle\/Contents\/Info.plist<\/i> and search for <key>ifdDriverOptions<\/key><\/i>. By default it is set to 0x0000<\/i> which, if you read the description belows, means that it tries to power on the card at 5V, then 1.8V then 3V. But apparently this doesn’t work with my particular card reader. Instead I let the card reader decide, change the value to 0x0030<\/i>:<\/p>\n Restart pcscd ( First, let’s enable pcscd at boot in \/etc\/rc.conf<\/i> with Now we need to configure devd<\/i> as described by the pcsc-lite<\/i> package message ( The -H<\/i> option is to re-read some configuration files in case of a non-USB reader. You can probably remove them.<\/p>\n Now let’s restart everything we need and check that it still works:<\/p>\n Check that it works with the eid-viewer<\/i>. <\/p>\n It’s probable that you already have procfs mounted because it’s needed by a lot of other ports. But if you didn’t, just add this line to \/etc\/fstab<\/i><\/p>\n and then just If you use Firefox, you are looking for this extension<\/a>. It should work after you have restarted Firefox.<\/p>\n On Chromium there is no extension, instead we work directly with NSS. For beid, the process is straightforward since they provide a script to install the necessary module in NSS. Go in your home directory and start the command beid-update-nssdb<\/i>. Then restart chromium completely and it should work.<\/p>\n Alternatively you can adapt this post<\/a> which explains how to manually update nssdb on Ubuntu. You would have to adapt this to FreeBSD and also use this library \/usr\/local\/lib\/libbeidpkcs11.so.0<\/i> instead of libcac.<\/p>\n You do this.<\/p>\n","protected":false},"excerpt":{"rendered":" So I’ve got to fill in my taxes, and to do this in Belgium, we need to use our ID card. Well we can use a phone app too, but to use this app we have to register… using our … Continue reading pkg install beid\r\n<\/pre>\n
\n
Install drivers for the card reader<\/h2>\n
cd \/usr\/ports\/devel\/libccid\r\nmake install clean\r\n<\/pre>\n
Does the card reader read cards?<\/h2>\n
$ usbconfig\r\n...\r\nugen0.6: <SCM Microsystems Inc. SCR35xx v2.0 USB SC Reader> at usbus0, cfg=0 md=HOST spd=FULL (12Mbps) pwr=ON (100mA)\r\n...\r\n<\/pre>\n
$ pcscd --info --color --foreground\r\n...\r\n00000155 [34366794240] ccid_usb.c:660:OpenUSBByName() Found Vendor\/Product: 04E6\/5410 (SCM Microsystems Inc. SCR 355)\r\n...\r\n<\/pre>\n
...\r\n00000011 [34375102464] ifdhandler.c:1221:IFDHPowerICC() PowerUp failed\r\n...\r\n<\/pre>\n
<key>ifdDriverOptions<\/key>\r\n <string>0x0030<\/string>\r\n<\/pre>\n
pcscd --info --color --foreground<\/code>) and try the card again (eid-viewer<\/code>). In my case, I can see my card details, so I believe this means that the card reader is working well.<\/p>\nHack around devd<\/h2>\n
pcscd_enable=\"YES\"<\/code>.<\/p>\npkg info -D pcsc-lite<\/code>). Add this to \/etc\/devd.conf<\/i>:<\/p>\n\r\nattach 100 {\r\n device-name \"ugen[0-9]+\";\r\n action \"\/usr\/local\/sbin\/pcscd -H\";\r\n};\r\n\r\ndetach 100 {\r\n device-name \"ugen[0-9]+\";\r\n action \"\/usr\/local\/sbin\/pcscd -H\";\r\n};\r\n<\/pre>\n\r\n$ service devd restart\r\n$ service pcscd restart\r\n<\/pre>\n
Mount procfs<\/h2>\n
\r\nproc \/proc procfs rw,late 0 0\r\n<\/pre>\n
mount procfs<\/code>.<\/p>\nInstall the eID Belgium<\/i> extension (for Firefox)<\/h2>\n
Get it to work in Chromium<\/h2>\n
Don’t trust your government<\/h2>\n