Skip to content

Windows - exclusive transaction is only usable for 5 seconds #172

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Joerger opened this issue May 6, 2025 · 2 comments · May be fixed by #173
Open

Windows - exclusive transaction is only usable for 5 seconds #172

Joerger opened this issue May 6, 2025 · 2 comments · May be fixed by #173

Comments

@Joerger
Copy link

Joerger commented May 6, 2025

On Windows, an exclusive transaction from SCardBeginTransaction is only usable for 5 seconds. After this timeout, all operations will result with SCARD_W_RESET_CARD - "The smart card has been reset, so any shared state information is invalid.".

From the Winscard API docs:

If a transaction is held on the card for more than five seconds with no operations happening on that card, then the card is reset. Calling any of the Smart Card and Reader Access Functions or Direct Card Access Functions on the card that is transacted results in the timer being reset to continue allowing the transaction to be used.

The SCardBeginTransaction function is a smart card and reader access function. For more information about other access functions, see Smart Card and Reader Access Functions.

To resolve this, the caller must refresh the transaction with SCardReconnect.

From the Winscard API docs:

The SCardReconnect function reestablishes an existing connection between the calling application and a smart card. This function moves a card handle from direct access to general access, or acknowledges and clears an error condition that is preventing further access to the card.

I've validated that this approach works and am working on preparing a PR.

Related downstream issues:
@ericchiang
Copy link
Collaborator

Probably time to finally do #108 ?

@Joerger
Copy link
Author

Joerger commented May 6, 2025

Probably time to finally do #108 ?

That's been on my radar as it would be useful alongside application-side PIN caching. Do you plan on completing that PR or do you need someone to take it over (I may or may not have the bandwidth for it at the moment).

That said, supporting refreshing exclusive transactions will still be useful with PIV internal PIN caching. How would you like to see this implemented? Should this be an automatic retry mechanism on SCARD_W_RESET_CARD, e.g. within func (t *scTx) Transmit?

This was referenced May 7, 2025
Open
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Try to reconnect transaction on SCARD_W_RESET_CARD error Joerger/piv-go
2 participants
@ericchiang @Joerger