OpenSC Crash when using `dnie-tool`

I am using OpenSC 0.26.1 on a MacBook M1 running macOS 15.4.

When I connect my Spanish DNIe, and try to run dnie-tool, it works fine. But it crashes if I provide my PIN. Similarly, Firefox crashes if I try to Log In the SmartCard reader in the Security Devices page.

$  dnie-tool --pin XXXXXXXXX --all -vvvvvv
P:6265; T:0x8481770560 02:03:23.313 [dnie-tool] ctx.c:981:sc_context_create: ===================================
P:6265; T:0x8481770560 02:03:23.314 [dnie-tool] ctx.c:982:sc_context_create: OpenSC version: 0.26.1
P:6265; T:0x8481770560 02:03:23.314 [dnie-tool] ctx.c:983:sc_context_create: Configured for dnie-tool (/Library/OpenSC/bin/dnie-tool)
P:6265; T:0x8481770560 02:03:23.314 [dnie-tool] ctx.c:858:sc_openssl3_init: Failed to load OpenSSL Legacy provider
P:6265; T:0x8481770560 02:03:23.314 [dnie-tool] reader-pcsc.c:890:pcsc_init: PC/SC options: connect_exclusive=0 disconnect_action=0 transaction_end_action=0 reconnect_action=0 enable_pinpad=1 enable_pace=1
P:6265; T:0x8481770560 02:03:23.317 [dnie-tool] reader-pcsc.c:1390:pcsc_detect_readers: called
P:6265; T:0x8481770560 02:03:23.317 [dnie-tool] reader-pcsc.c:1403:pcsc_detect_readers: Probing PC/SC readers
P:6265; T:0x8481770560 02:03:23.317 [dnie-tool] reader-pcsc.c:1456:pcsc_detect_readers: Establish PC/SC context
P:6265; T:0x8481770560 02:03:23.335 [dnie-tool] reader-pcsc.c:1339:pcsc_add_reader: Adding new PC/SC reader 'HID Global OMNIKEY 3x21 Smart Card Reader'
P:6265; T:0x8481770560 02:03:23.335 [dnie-tool] reader-pcsc.c:364:refresh_attributes: HID Global OMNIKEY 3x21 Smart Card Reader check
P:6265; T:0x8481770560 02:03:23.337 [dnie-tool] reader-pcsc.c:410:refresh_attributes: current  state: 0x00000122
P:6265; T:0x8481770560 02:03:23.337 [dnie-tool] reader-pcsc.c:411:refresh_attributes: previous state: 0x00000000
P:6265; T:0x8481770560 02:03:23.337 [dnie-tool] reader-pcsc.c:466:refresh_attributes: card present, changed
P:6265; T:0x8481770560 02:03:23.338 [dnie-tool] reader-pcsc.c:1557:pcsc_detect_readers: HID Global OMNIKEY 3x21 Smart Card Reader:SCardConnect(SHARED): 0x00000000
P:6265; T:0x8481770560 02:03:23.338 [dnie-tool] reader-pcsc.c:1138:detect_reader_features: called
P:6265; T:0x8481770560 02:03:23.338 [dnie-tool] reader-pcsc.c:1140:detect_reader_features: Requesting reader features ...
P:6265; T:0x8481770560 02:03:23.338 [dnie-tool] reader-pcsc.c:1158:detect_reader_features: Reader feature 12 found
P:6265; T:0x8481770560 02:03:23.338 [dnie-tool] reader-pcsc.c:1158:detect_reader_features: Reader feature 06 found
P:6265; T:0x8481770560 02:03:23.338 [dnie-tool] reader-pcsc.c:1158:detect_reader_features: Reader feature 07 found
P:6265; T:0x8481770560 02:03:23.338 [dnie-tool] reader-pcsc.c:1158:detect_reader_features: Reader feature 0a found
P:6265; T:0x8481770560 02:03:23.338 [dnie-tool] reader-pcsc.c:1158:detect_reader_features: Reader feature 13 found
P:6265; T:0x8481770560 02:03:23.338 [dnie-tool] reader-pcsc.c:1178:detect_reader_features: Reader feature 13 is not supported
P:6265; T:0x8481770560 02:03:23.338 [dnie-tool] reader-pcsc.c:1186:detect_reader_features: Reader supports pinpad PIN verification
P:6265; T:0x8481770560 02:03:23.338 [dnie-tool] reader-pcsc.c:1196:detect_reader_features: Reader supports pinpad PIN modification
P:6265; T:0x8481770560 02:03:23.338 [dnie-tool] reader-pcsc.c:1118:part10_get_vendor_product: id_vendor=076b id_product=3031
P:6265; T:0x8481770560 02:03:23.338 [dnie-tool] reader-pcsc.c:1209:detect_reader_features: HID Global OMNIKEY 3x21 Smart Card Reader is not pinpad reader, ignoring
P:6265; T:0x8481770560 02:03:23.338 [dnie-tool] reader-pcsc.c:1237:detect_reader_features: Reader does not have a display.
P:6265; T:0x8481770560 02:03:23.338 [dnie-tool] reader-pcsc.c:1079:part10_detect_max_data: get dwMaxAPDUDataSize property returned 261
P:6265; T:0x8481770560 02:03:23.338 [dnie-tool] reader-pcsc.c:1118:part10_get_vendor_product: id_vendor=076b id_product=3031
P:6265; T:0x8481770560 02:03:23.338 [dnie-tool] reader-pcsc.c:1286:detect_reader_features: Reader supports sending 261 bytes of data
P:6265; T:0x8481770560 02:03:23.338 [dnie-tool] reader-pcsc.c:1299:detect_reader_features: Reader supports receiving 261 bytes of data
P:6265; T:0x8481770560 02:03:23.339 [dnie-tool] reader-pcsc.c:1572:pcsc_detect_readers: returning with: 0 (Success)
P:6265; T:0x8481770560 02:03:23.339 [dnie-tool] sc.c:339:sc_detect_card_presence: called
P:6265; T:0x8481770560 02:03:23.339 [dnie-tool] reader-pcsc.c:474:pcsc_detect_card_presence: called
P:6265; T:0x8481770560 02:03:23.339 [dnie-tool] reader-pcsc.c:364:refresh_attributes: HID Global OMNIKEY 3x21 Smart Card Reader check
P:6265; T:0x8481770560 02:03:23.339 [dnie-tool] reader-pcsc.c:389:refresh_attributes: returning with: 0 (Success)
P:6265; T:0x8481770560 02:03:23.339 [dnie-tool] reader-pcsc.c:482:pcsc_detect_card_presence: returning with: 5
P:6265; T:0x8481770560 02:03:23.339 [dnie-tool] sc.c:350:sc_detect_card_presence: returning with: 5
Using reader with a card: HID Global OMNIKEY 3x21 Smart Card Reader
P:6265; T:0x8481770560 02:03:23.339 [dnie-tool] sc.c:339:sc_detect_card_presence: called
P:6265; T:0x8481770560 02:03:23.339 [dnie-tool] reader-pcsc.c:474:pcsc_detect_card_presence: called
P:6265; T:0x8481770560 02:03:23.339 [dnie-tool] reader-pcsc.c:364:refresh_attributes: HID Global OMNIKEY 3x21 Smart Card Reader check
P:6265; T:0x8481770560 02:03:23.340 [dnie-tool] reader-pcsc.c:389:refresh_attributes: returning with: 0 (Success)
P:6265; T:0x8481770560 02:03:23.340 [dnie-tool] reader-pcsc.c:482:pcsc_detect_card_presence: returning with: 5
P:6265; T:0x8481770560 02:03:23.340 [dnie-tool] sc.c:350:sc_detect_card_presence: returning with: 5
Connecting to card in reader HID Global OMNIKEY 3x21 Smart Card Reader...
P:6265; T:0x8481770560 02:03:23.340 [dnie-tool] card.c:254:sc_connect_card: called
P:6265; T:0x8481770560 02:03:23.340 [dnie-tool] reader-pcsc.c:613:pcsc_connect: called
P:6265; T:0x8481770560 02:03:23.340 [dnie-tool] reader-pcsc.c:364:refresh_attributes: HID Global OMNIKEY 3x21 Smart Card Reader check
P:6265; T:0x8481770560 02:03:23.340 [dnie-tool] reader-pcsc.c:389:refresh_attributes: returning with: 0 (Success)
P:6265; T:0x8481770560 02:03:23.341 [dnie-tool] reader-pcsc.c:645:pcsc_connect: Initial protocol: T=0
P:6265; T:0x8481770560 02:03:23.341 [dnie-tool] card-dnie.c:737:dnie_match_card: called
P:6265; T:0x8481770560 02:03:23.341 [dnie-tool] card-dnie.c:740:dnie_match_card: returning with: 1
P:6265; T:0x8481770560 02:03:23.341 [dnie-tool] card-dnie.c:841:dnie_init: called
P:6265; T:0x8481770560 02:03:23.341 [dnie-tool] cwa14890.c:2170:cwa_get_default_provider: called
P:6265; T:0x8481770560 02:03:23.341 [dnie-tool] cwa14890.c:1132:cwa_create_secure_channel: called
P:6265; T:0x8481770560 02:03:23.341 [dnie-tool] cwa14890.c:1138:cwa_create_secure_channel: Setting CWA SM status to none
P:6265; T:0x8481770560 02:03:23.341 [dnie-tool] cwa14890.c:1139:cwa_create_secure_channel: returning with: 0 (Success)
P:6265; T:0x8481770560 02:03:23.341 [dnie-tool] card-dnie.c:879:dnie_init: returning with: 0 (Success)
P:6265; T:0x8481770560 02:03:23.341 [dnie-tool] card.c:385:sc_connect_card: card info name:'dnie', type:27003, flags:0x0, max_send/recv_size:243/255
P:6265; T:0x8481770560 02:03:23.341 [dnie-tool] card.c:1674:sc_card_sm_check: called
P:6265; T:0x8481770560 02:03:23.341 [dnie-tool] card.c:1679:sc_card_sm_check: returning with: 0 (Success)
P:6265; T:0x8481770560 02:03:23.342 [dnie-tool] card.c:397:sc_connect_card: returning with: 0 (Success)
Using card driver DNIe: Spanish eID card.
P:6265; T:0x8481770560 02:03:23.342 [dnie-tool] card.c:471:sc_lock: called
P:6265; T:0x8481770560 02:03:23.342 [dnie-tool] reader-pcsc.c:692:pcsc_lock: called
P:6265; T:0x8481770560 02:03:23.342 [dnie-tool] card.c:513:sc_lock: returning with: 0 (Success)
P:6265; T:0x8481770560 02:03:23.342 [dnie-tool] sec.c:203:sc_pin_cmd: called
dnie-tool(6265,0x1f98d8c40) malloc: *** error for object 0x16ce0965b: pointer being freed was not allocated
dnie-tool(6265,0x1f98d8c40) malloc: *** set a breakpoint in malloc_error_break to debug
[1]    6265 abort      dnie-tool --pin XXXXXXXXX --all -vvvvvv

Apr 06 '25 00:04 cprecioso

as we don't have a card for testing, you need to do the debugging on your own.

check out opensc from git
install all requirements via brew
compile OpenSC with debug symbols, ie CFLAGS="-g -O0"
rerun dnie-tool within ldb to get a backtrace on the actual memory problem

Apr 07 '25 10:04 frankmorgner

as we don't have a card for testing, you need to do the debugging on your own.

check out opensc from git

install all requirements via brew

compile OpenSC with debug symbols, ie CFLAGS="-g -O0"

rerun dnie-tool within ldb to get a backtrace on the actual memory problem

Here you have some debugging info:

(lldb) run --pin "XXXXXXX" --all -vvvvvv
Process 69012 launched: '/Library/OpenSC/bin/dnie-tool' (arm64)
P:69012; T:0x8448827136 02:25:30.401 [dnie-tool] ctx.c:975:sc_context_create: ===================================
P:69012; T:0x8448827136 02:25:30.402 [dnie-tool] ctx.c:976:sc_context_create: OpenSC version: 0.26.1
P:69012; T:0x8448827136 02:25:30.402 [dnie-tool] ctx.c:977:sc_context_create: Configured for dnie-tool (/Library/OpenSC/bin/dnie-tool)
P:69012; T:0x8448827136 02:25:30.402 [dnie-tool] ctx.c:852:sc_openssl3_init: Failed to load OpenSSL Legacy provider
P:69012; T:0x8448827136 02:25:30.402 [dnie-tool] reader-pcsc.c:915:pcsc_init: PC/SC options: connect_exclusive=0 disconnect_action=0 transaction_end_action=0 reconnect_action=0 enable_pinpad=1 enable_pace=1
P:69012; T:0x8448827136 02:25:30.445 [dnie-tool] reader-pcsc.c:1415:pcsc_detect_readers: called
P:69012; T:0x8448827136 02:25:30.445 [dnie-tool] reader-pcsc.c:1428:pcsc_detect_readers: Probing PC/SC readers
P:69012; T:0x8448827136 02:25:30.445 [dnie-tool] reader-pcsc.c:1481:pcsc_detect_readers: Establish PC/SC context
P:69012; T:0x8448827136 02:25:30.452 [dnie-tool] reader-pcsc.c:1364:pcsc_add_reader: Adding new PC/SC reader 'CHERRY Smart Terminal xx44'
P:69012; T:0x8448827136 02:25:30.452 [dnie-tool] reader-pcsc.c:373:refresh_attributes: CHERRY Smart Terminal xx44 check
P:69012; T:0x8448827136 02:25:30.453 [dnie-tool] reader-pcsc.c:439:refresh_attributes: current  state: 0x00000022
P:69012; T:0x8448827136 02:25:30.453 [dnie-tool] reader-pcsc.c:440:refresh_attributes: previous state: 0x00000000
P:69012; T:0x8448827136 02:25:30.453 [dnie-tool] reader-pcsc.c:495:refresh_attributes: card present, changed
P:69012; T:0x8448827136 02:25:30.454 [dnie-tool] reader-pcsc.c:1582:pcsc_detect_readers: CHERRY Smart Terminal xx44:SCardConnect(SHARED): 0x00000000
P:69012; T:0x8448827136 02:25:30.454 [dnie-tool] reader-pcsc.c:1163:detect_reader_features: called
P:69012; T:0x8448827136 02:25:30.454 [dnie-tool] reader-pcsc.c:1165:detect_reader_features: Requesting reader features ... 
P:69012; T:0x8448827136 02:25:30.454 [dnie-tool] reader-pcsc.c:1183:detect_reader_features: Reader feature 12 found
P:69012; T:0x8448827136 02:25:30.454 [dnie-tool] reader-pcsc.c:1183:detect_reader_features: Reader feature 13 found
P:69012; T:0x8448827136 02:25:30.454 [dnie-tool] reader-pcsc.c:1203:detect_reader_features: Reader feature 13 is not supported
P:69012; T:0x8448827136 02:25:30.454 [dnie-tool] reader-pcsc.c:1104:part10_detect_max_data: get dwMaxAPDUDataSize property returned 261
P:69012; T:0x8448827136 02:25:30.454 [dnie-tool] reader-pcsc.c:1143:part10_get_vendor_product: id_vendor=046a id_product=00a7
P:69012; T:0x8448827136 02:25:30.454 [dnie-tool] reader-pcsc.c:1311:detect_reader_features: Reader supports sending 261 bytes of data
P:69012; T:0x8448827136 02:25:30.454 [dnie-tool] reader-pcsc.c:1324:detect_reader_features: Reader supports receiving 261 bytes of data
P:69012; T:0x8448827136 02:25:30.454 [dnie-tool] reader-pcsc.c:1597:pcsc_detect_readers: returning with: 0 (Success)
P:69012; T:0x8448827136 02:25:30.454 [dnie-tool] sc.c:339:sc_detect_card_presence: called
P:69012; T:0x8448827136 02:25:30.454 [dnie-tool] reader-pcsc.c:503:pcsc_detect_card_presence: called
P:69012; T:0x8448827136 02:25:30.454 [dnie-tool] reader-pcsc.c:373:refresh_attributes: CHERRY Smart Terminal xx44 check
P:69012; T:0x8448827136 02:25:30.454 [dnie-tool] reader-pcsc.c:412:refresh_attributes: returning with: 0 (Success)
P:69012; T:0x8448827136 02:25:30.454 [dnie-tool] reader-pcsc.c:511:pcsc_detect_card_presence: returning with: 1
P:69012; T:0x8448827136 02:25:30.455 [dnie-tool] sc.c:350:sc_detect_card_presence: returning with: 1
Using reader with a card: CHERRY Smart Terminal xx44
P:69012; T:0x8448827136 02:25:30.455 [dnie-tool] sc.c:339:sc_detect_card_presence: called
P:69012; T:0x8448827136 02:25:30.455 [dnie-tool] reader-pcsc.c:503:pcsc_detect_card_presence: called
P:69012; T:0x8448827136 02:25:30.455 [dnie-tool] reader-pcsc.c:373:refresh_attributes: CHERRY Smart Terminal xx44 check
P:69012; T:0x8448827136 02:25:30.455 [dnie-tool] reader-pcsc.c:412:refresh_attributes: returning with: 0 (Success)
P:69012; T:0x8448827136 02:25:30.455 [dnie-tool] reader-pcsc.c:511:pcsc_detect_card_presence: returning with: 1
P:69012; T:0x8448827136 02:25:30.455 [dnie-tool] sc.c:350:sc_detect_card_presence: returning with: 1
Connecting to card in reader CHERRY Smart Terminal xx44...
P:69012; T:0x8448827136 02:25:30.455 [dnie-tool] card.c:250:sc_connect_card: called
P:69012; T:0x8448827136 02:25:30.455 [dnie-tool] reader-pcsc.c:642:pcsc_connect: called
P:69012; T:0x8448827136 02:25:30.455 [dnie-tool] reader-pcsc.c:373:refresh_attributes: CHERRY Smart Terminal xx44 check
P:69012; T:0x8448827136 02:25:30.455 [dnie-tool] reader-pcsc.c:412:refresh_attributes: returning with: 0 (Success)
P:69012; T:0x8448827136 02:25:30.456 [dnie-tool] reader-pcsc.c:666:pcsc_connect: Initial protocol: T=0
P:69012; T:0x8448827136 02:25:30.456 [dnie-tool] card-dnie.c:737:dnie_match_card: called
P:69012; T:0x8448827136 02:25:30.456 [dnie-tool] card-dnie.c:740:dnie_match_card: returning with: 1
P:69012; T:0x8448827136 02:25:30.456 [dnie-tool] card-dnie.c:841:dnie_init: called
P:69012; T:0x8448827136 02:25:30.456 [dnie-tool] cwa14890.c:2170:cwa_get_default_provider: called
P:69012; T:0x8448827136 02:25:30.456 [dnie-tool] cwa14890.c:1132:cwa_create_secure_channel: called
P:69012; T:0x8448827136 02:25:30.456 [dnie-tool] cwa14890.c:1138:cwa_create_secure_channel: Setting CWA SM status to none
P:69012; T:0x8448827136 02:25:30.456 [dnie-tool] cwa14890.c:1139:cwa_create_secure_channel: returning with: 0 (Success)
P:69012; T:0x8448827136 02:25:30.456 [dnie-tool] card-dnie.c:879:dnie_init: returning with: 0 (Success)
P:69012; T:0x8448827136 02:25:30.456 [dnie-tool] card.c:381:sc_connect_card: card info name:'dnie', type:27003, flags:0x0, max_send/recv_size:243/255
P:69012; T:0x8448827136 02:25:30.456 [dnie-tool] card.c:1647:sc_card_sm_check: called
P:69012; T:0x8448827136 02:25:30.456 [dnie-tool] card.c:1652:sc_card_sm_check: returning with: 0 (Success)
P:69012; T:0x8448827136 02:25:30.456 [dnie-tool] card.c:393:sc_connect_card: returning with: 0 (Success)
Using card driver DNIe: Spanish eID card.
P:69012; T:0x8448827136 02:25:30.456 [dnie-tool] card.c:466:sc_lock: called
P:69012; T:0x8448827136 02:25:30.456 [dnie-tool] reader-pcsc.c:717:pcsc_lock: called
P:69012; T:0x8448827136 02:25:30.456 [dnie-tool] card.c:505:sc_lock: returning with: 0 (Success)
P:69012; T:0x8448827136 02:25:30.456 [dnie-tool] sec.c:203:sc_pin_cmd: called
dnie-tool(69012,0x1f796df00) malloc: *** error for object 0x16fdfe9eb: pointer being freed was not allocated
dnie-tool(69012,0x1f796df00) malloc: *** set a breakpoint in malloc_error_break to debug
Process 69012 stopped
* thread #1, queue = 'com.apple.main-thread', stop reason = breakpoint 1.1
    frame #0: 0x0000000189690aa0 libsystem_malloc.dylib`malloc_error_break
libsystem_malloc.dylib`malloc_error_break:
->  0x189690aa0 <+0>:  pacibsp 
    0x189690aa4 <+4>:  stp    x29, x30, [sp, #-0x10]!
    0x189690aa8 <+8>:  mov    x29, sp
    0x189690aac <+12>: nop    
Target 0: (dnie-tool) stopped.

Also happens with pkcs11-tool:

(lldb) run --login --test
Process 68862 launched: '/Library/OpenSC/bin/pkcs11-tool' (arm64)
Using slot 0 with a present token (0x0)
Logging in to "DNI electrónico".
Please enter User PIN: XXXXXXXX
pkcs11-tool(68862,0x1f796df00) malloc: *** error for object 0x16fdfe3fb: pointer being freed was not allocated
pkcs11-tool(68862,0x1f796df00) malloc: *** set a breakpoint in malloc_error_break to debug
Process 68862 stopped
* thread #1, queue = 'com.apple.main-thread', stop reason = breakpoint 1.1
    frame #0: 0x0000000189690aa0 libsystem_malloc.dylib`malloc_error_break
libsystem_malloc.dylib`malloc_error_break:
->  0x189690aa0 <+0>:  pacibsp 
    0x189690aa4 <+4>:  stp    x29, x30, [sp, #-0x10]!
    0x189690aa8 <+8>:  mov    x29, sp
    0x189690aac <+12>: nop    
Target 0: (pkcs11-tool) stopped.

Also, this issue is not related to macOS, but ARM64. It fails the exact same way on Windows 11 ARM64.

If you need more information, please ask me for it.

Jul 19 '25 00:07 LumitoLuma

Did you manage to compile this from source with debugging flags enabled? If so, run break malloc_error_break before starting run --login --test. This will stop at the critical point allowing you to perform a backtrace in lldb. With that info we can see where the problem is. thank you.

Jul 19 '25 09:07 frankmorgner

Did you manage to compile this from source with debugging flags enabled? If so, run break malloc_error_break before starting run --login --test. This will stop at the critical point allowing you to perform a backtrace in lldb. With that info we can see where the problem is. thank you.

Thanks, I forgot to do the backtrace in lldb. Here you have it (dnie-tool):

* thread #1, queue = 'com.apple.main-thread', stop reason = signal SIGABRT
  * frame #0: 0x0000000187b7d388 libsystem_kernel.dylib`__pthread_kill + 8
    frame #1: 0x0000000187bb688c libsystem_pthread.dylib`pthread_kill + 296
    frame #2: 0x0000000187abfc60 libsystem_c.dylib`abort + 124
    frame #3: 0x00000001879c4174 libsystem_malloc.dylib`malloc_vreport + 892
    frame #4: 0x00000001879c7c90 libsystem_malloc.dylib`malloc_report + 64
    frame #5: 0x00000001879cc21c libsystem_malloc.dylib`___BUG_IN_CLIENT_OF_LIBMALLOC_POINTER_BEING_FREED_WAS_NOT_ALLOCATED + 32
    frame #6: 0x0000000101236be0 libopensc.12.dylib`dnie_sm_free_wrapped_apdu(card=0x000000015700be00, plain=0x0000000000000000, sm_apdu=0x000000016fdfe590) at card-dnie.c:776:3
    frame #7: 0x0000000101236758 libopensc.12.dylib`dnie_sm_get_wrapped_apdu(card=0x000000015700be00, plain=0x000000016fdfeb00, sm_apdu=0x000000016fdfe688) at card-dnie.c:811:4
    frame #8: 0x000000010129d664 libopensc.12.dylib`sc_sm_single_transmit(card=0x000000015700be00, apdu=0x000000016fdfeb00) at sm.c:139:7
    frame #9: 0x0000000101122704 libopensc.12.dylib`sc_single_transmit(card=0x000000015700be00, apdu=0x000000016fdfeb00) at apdu.c:374:3
    frame #10: 0x0000000101121b38 libopensc.12.dylib`sc_transmit(card=0x000000015700be00, apdu=0x000000016fdfeb00) at apdu.c:517:6
    frame #11: 0x0000000101121924 libopensc.12.dylib`sc_transmit_apdu(card=0x000000015700be00, apdu=0x000000016fdfeb00) at apdu.c:635:7
    frame #12: 0x0000000101239280 libopensc.12.dylib`dnie_pin_verify(card=0x000000015700be00, data=0x000000016fdfecf8, tries_left=0x000000016fdfee64) at card-dnie.c:2150:8
    frame #13: 0x0000000101236444 libopensc.12.dylib`dnie_pin_cmd(card=0x000000015700be00, data=0x000000016fdfecf8, tries_left=0x000000016fdfee64) at card-dnie.c:2226:10
    frame #14: 0x0000000101109310 libopensc.12.dylib`sc_pin_cmd(card=0x000000015700be00, data=0x000000016fdfecf8, tries_left=0x000000016fdfee64) at sec.c:212:7
    frame #15: 0x0000000101109220 libopensc.12.dylib`sc_verify(card=0x000000015700be00, type=1, ref=0, pin=“XXXXXXXXXXXX”, pinlen=12, tries_left=0x000000016fdfee64) at sec.c:141:9
    frame #16: 0x0000000100000a88 dnie-tool`main(argc=5, argv=0x000000016fdff5d8) at dnie-tool.c:172:7
    frame #17: 0x0000000187816b98 dyld`start + 6076
  thread #2
    frame #0: 0x0000000187b768b0 libsystem_kernel.dylib`__workq_kernreturn + 8

This seems to be caused on the dnie_sm_free_wrapped_apdu function, exactly at:

free((unsigned char *) (*sm_apdu)->data);
free((*sm_apdu)->resp);

Jul 21 '25 11:07 LumitoLuma

I fixed the memory corruption in the above pull request. However, the actual problem is found in the SM encoding, which happens before and errors. This error is not correctly printed in the debug log (presumably because of the memory corruption). So this problem is only half fixed right now. Please check if you can get more debug information with the above pull request.

Jul 22 '25 07:07 frankmorgner

I fixed the memory corruption in the above pull request. However, the actual problem is found in the SM encoding, which happens before and errors. This error is not correctly printed in the debug log (presumably because of the memory corruption). So this problem is only half fixed right now. Please check if you can get more debug information with the above pull request.

I am unable to get much debugging information, but I get this new error (pkcs11-tool, but the error is the same):

(lldb) run --test --login
Process 33354 launched: '/Library/OpenSC/bin/pkcs11-tool' (arm64)
Using slot 0 with a present token (0x0)
Logging in to "DNI electrónico".
Please enter User PIN: 
error: PKCS11 function C_Login failed: rv = CKR_GENERAL_ERROR (0x5)
Aborting.
Process 33354 exited with status = 1 (0x00000001)

I will later try to provide more info.

Jul 22 '25 10:07 LumitoLuma

I have exactly the same issue with my Spanish DNIe card. If you need some information I'm glad to provide it

Jul 29 '25 17:07 rafa-suagu

Yeah, you need to apply #3456 and then post the debug log of dnie-tool --pin "XXXXXXX" --all -vvv, for example.

Jul 29 '25 20:07 frankmorgner

Yeah, you need to apply #3456 and then post the debug log of dnie-tool --pin "XXXXXXX" --all -vvv, for example.

Thanks for your quick response!! Can you guide me how to "apply" the PR? Maybe a nightly build? or compilation is mandatory?

Aug 01 '25 23:08 rafa-suagu

you could install the build artifact, e.g. https://ci.appveyor.com/api/buildjobs/cifomeq02rj97x9b/artifacts/OpenSC-0.26.0_Win64.msi and then run the command line tool above to get the debug log.

Aug 04 '25 18:08 frankmorgner

you could install the build artifact, e.g. https://ci.appveyor.com/api/buildjobs/cifomeq02rj97x9b/artifacts/OpenSC-0.26.0_Win64.msi and then run the command line tool above to get the debug log.

I'm using MacOS, can you share the dmg link, please?

Aug 06 '25 22:08 rafa-suagu

It is available here: https://github.com/OpenSC/Nightly/tree/2025-08-04_8d72a760

Download the fragments of the dmg file and reconstruct the whole image by running this command in the terminal:

# Recreate the macOS image
cat OpenSC*.dmg.* > OpenSC.dmg

Aug 06 '25 22:08 frankmorgner

I've just test and I can confirm that I got the same error as https://github.com/OpenSC/OpenSC/issues/3390#issuecomment-3102073809

dnie-tool --pin XXXXXXX --all -vvv

P:36709; T:0x4529550848 02:59:26.478 [dnie-tool] ctx.c:975:sc_context_create: ===================================
P:36709; T:0x4529550848 02:59:26.478 [dnie-tool] ctx.c:976:sc_context_create: OpenSC version: 0.26.1
P:36709; T:0x4529550848 02:59:26.478 [dnie-tool] ctx.c:977:sc_context_create: Configured for dnie-tool (/Library/OpenSC/bin/dnie-tool)
P:36709; T:0x4529550848 02:59:26.479 [dnie-tool] ctx.c:852:sc_openssl3_init: Failed to load OpenSSL Legacy provider
P:36709; T:0x4529550848 02:59:26.479 [dnie-tool] reader-pcsc.c:915:pcsc_init: PC/SC options: connect_exclusive=0 disconnect_action=0 transaction_end_action=0 reconnect_action=0 enable_pinpad=1 enable_pace=1
P:36709; T:0x4529550848 02:59:26.480 [dnie-tool] reader-pcsc.c:1415:pcsc_detect_readers: called
P:36709; T:0x4529550848 02:59:26.480 [dnie-tool] reader-pcsc.c:1428:pcsc_detect_readers: Probing PC/SC readers
P:36709; T:0x4529550848 02:59:26.480 [dnie-tool] reader-pcsc.c:1481:pcsc_detect_readers: Establish PC/SC context
P:36709; T:0x4529550848 02:59:26.497 [dnie-tool] reader-pcsc.c:1364:pcsc_add_reader: Adding new PC/SC reader 'MSI StarReader SMART'
P:36709; T:0x4529550848 02:59:26.497 [dnie-tool] reader-pcsc.c:373:refresh_attributes: MSI StarReader SMART check
P:36709; T:0x4529550848 02:59:26.499 [dnie-tool] reader-pcsc.c:439:refresh_attributes: current  state: 0x00000122
P:36709; T:0x4529550848 02:59:26.500 [dnie-tool] reader-pcsc.c:440:refresh_attributes: previous state: 0x00000000
P:36709; T:0x4529550848 02:59:26.500 [dnie-tool] reader-pcsc.c:495:refresh_attributes: card present, changed
P:36709; T:0x4529550848 02:59:26.501 [dnie-tool] reader-pcsc.c:1582:pcsc_detect_readers: MSI StarReader SMART:SCardConnect(SHARED): 0x00000000
P:36709; T:0x4529550848 02:59:26.501 [dnie-tool] reader-pcsc.c:1163:detect_reader_features: called
P:36709; T:0x4529550848 02:59:26.501 [dnie-tool] reader-pcsc.c:1165:detect_reader_features: Requesting reader features ...
P:36709; T:0x4529550848 02:59:26.502 [dnie-tool] reader-pcsc.c:1183:detect_reader_features: Reader feature 12 found
P:36709; T:0x4529550848 02:59:26.502 [dnie-tool] reader-pcsc.c:1104:part10_detect_max_data: get dwMaxAPDUDataSize property returned 65536
P:36709; T:0x4529550848 02:59:26.503 [dnie-tool] reader-pcsc.c:1143:part10_get_vendor_product: id_vendor=0bda id_product=0161
P:36709; T:0x4529550848 02:59:26.503 [dnie-tool] reader-pcsc.c:1311:detect_reader_features: Reader supports sending 65536 bytes of data
P:36709; T:0x4529550848 02:59:26.503 [dnie-tool] reader-pcsc.c:1324:detect_reader_features: Reader supports receiving 65536 bytes of data
P:36709; T:0x4529550848 02:59:26.504 [dnie-tool] reader-pcsc.c:1597:pcsc_detect_readers: returning with: 0 (Success)
P:36709; T:0x4529550848 02:59:26.504 [dnie-tool] sc.c:339:sc_detect_card_presence: called
P:36709; T:0x4529550848 02:59:26.504 [dnie-tool] reader-pcsc.c:503:pcsc_detect_card_presence: called
P:36709; T:0x4529550848 02:59:26.504 [dnie-tool] reader-pcsc.c:373:refresh_attributes: MSI StarReader SMART check
P:36709; T:0x4529550848 02:59:26.505 [dnie-tool] reader-pcsc.c:412:refresh_attributes: returning with: 0 (Success)
P:36709; T:0x4529550848 02:59:26.505 [dnie-tool] reader-pcsc.c:511:pcsc_detect_card_presence: returning with: 5
P:36709; T:0x4529550848 02:59:26.505 [dnie-tool] sc.c:350:sc_detect_card_presence: returning with: 5
Using reader with a card: MSI StarReader SMART
P:36709; T:0x4529550848 02:59:26.505 [dnie-tool] sc.c:339:sc_detect_card_presence: called
P:36709; T:0x4529550848 02:59:26.505 [dnie-tool] reader-pcsc.c:503:pcsc_detect_card_presence: called
P:36709; T:0x4529550848 02:59:26.505 [dnie-tool] reader-pcsc.c:373:refresh_attributes: MSI StarReader SMART check
P:36709; T:0x4529550848 02:59:26.506 [dnie-tool] reader-pcsc.c:412:refresh_attributes: returning with: 0 (Success)
P:36709; T:0x4529550848 02:59:26.506 [dnie-tool] reader-pcsc.c:511:pcsc_detect_card_presence: returning with: 5
P:36709; T:0x4529550848 02:59:26.506 [dnie-tool] sc.c:350:sc_detect_card_presence: returning with: 5
Connecting to card in reader MSI StarReader SMART...
P:36709; T:0x4529550848 02:59:26.506 [dnie-tool] card.c:250:sc_connect_card: called
P:36709; T:0x4529550848 02:59:26.506 [dnie-tool] reader-pcsc.c:642:pcsc_connect: called
P:36709; T:0x4529550848 02:59:26.506 [dnie-tool] reader-pcsc.c:373:refresh_attributes: MSI StarReader SMART check
P:36709; T:0x4529550848 02:59:26.507 [dnie-tool] reader-pcsc.c:412:refresh_attributes: returning with: 0 (Success)
P:36709; T:0x4529550848 02:59:26.508 [dnie-tool] reader-pcsc.c:666:pcsc_connect: Initial protocol: T=0
P:36709; T:0x4529550848 02:59:26.508 [dnie-tool] card-dnie.c:737:dnie_match_card: called
P:36709; T:0x4529550848 02:59:26.508 [dnie-tool] card-dnie.c:740:dnie_match_card: returning with: 1
P:36709; T:0x4529550848 02:59:26.508 [dnie-tool] card-dnie.c:832:dnie_init: called
P:36709; T:0x4529550848 02:59:26.509 [dnie-tool] cwa14890.c:2172:cwa_get_default_provider: called
P:36709; T:0x4529550848 02:59:26.509 [dnie-tool] cwa14890.c:1132:cwa_create_secure_channel: called
P:36709; T:0x4529550848 02:59:26.509 [dnie-tool] cwa14890.c:1138:cwa_create_secure_channel: Setting CWA SM status to none
P:36709; T:0x4529550848 02:59:26.509 [dnie-tool] cwa14890.c:1139:cwa_create_secure_channel: returning with: 0 (Success)
P:36709; T:0x4529550848 02:59:26.509 [dnie-tool] card-dnie.c:870:dnie_init: returning with: 0 (Success)
P:36709; T:0x4529550848 02:59:26.509 [dnie-tool] card.c:381:sc_connect_card: card info name:'dnie', type:27003, flags:0x0, max_send/recv_size:243/255
P:36709; T:0x4529550848 02:59:26.509 [dnie-tool] card.c:1647:sc_card_sm_check: called
P:36709; T:0x4529550848 02:59:26.509 [dnie-tool] card.c:1652:sc_card_sm_check: returning with: 0 (Success)
P:36709; T:0x4529550848 02:59:26.509 [dnie-tool] card.c:393:sc_connect_card: returning with: 0 (Success)
Using card driver DNIe: Spanish eID card.
P:36709; T:0x4529550848 02:59:26.509 [dnie-tool] card.c:466:sc_lock: called
P:36709; T:0x4529550848 02:59:26.509 [dnie-tool] reader-pcsc.c:717:pcsc_lock: called
P:36709; T:0x4529550848 02:59:26.509 [dnie-tool] card.c:505:sc_lock: returning with: 0 (Success)
P:36709; T:0x4529550848 02:59:26.509 [dnie-tool] sec.c:203:sc_pin_cmd: called
P:36709; T:0x4529550848 02:59:27.190 [dnie-tool] sec.c:259:sc_pin_cmd: returning with: -1400 (Internal error)
Error: PIN verification failed: Internal error
P:36709; T:0x4529550848 02:59:27.191 [dnie-tool] card.c:515:sc_unlock: called
P:36709; T:0x4529550848 02:59:27.191 [dnie-tool] reader-pcsc.c:759:pcsc_unlock: called
P:36709; T:0x4529550848 02:59:27.191 [dnie-tool] card.c:410:sc_disconnect_card: called
P:36709; T:0x4529550848 02:59:27.191 [dnie-tool] card-dnie.c:885:dnie_finish: called
P:36709; T:0x4529550848 02:59:27.191 [dnie-tool] cwa14890.c:1132:cwa_create_secure_channel: called
P:36709; T:0x4529550848 02:59:27.191 [dnie-tool] cwa14890.c:1138:cwa_create_secure_channel: Setting CWA SM status to none
P:36709; T:0x4529550848 02:59:27.191 [dnie-tool] cwa14890.c:1139:cwa_create_secure_channel: returning with: 0 (Success)
P:36709; T:0x4529550848 02:59:27.191 [dnie-tool] card-dnie.c:891:dnie_finish: returning with: 0 (Success)
P:36709; T:0x4529550848 02:59:27.191 [dnie-tool] reader-pcsc.c:698:pcsc_disconnect: MSI StarReader SMART:SCardDisconnect returned: 0x00000000
P:36709; T:0x4529550848 02:59:27.192 [dnie-tool] card.c:430:sc_disconnect_card: returning with: 0 (Success)
P:36709; T:0x4529550848 02:59:27.192 [dnie-tool] ctx.c:1060:sc_release_context: called
P:36709; T:0x4529550848 02:59:27.192 [dnie-tool] reader-pcsc.c:996:pcsc_finish: called

pkcs11-tool --login --test -v

Using slot 0 with a present token (0x0)
Logging in to "DNI electrónico".
Please enter User PIN:
error: PKCS11 function C_Login failed: rv = CKR_GENERAL_ERROR (0x5)
Aborting.

Aug 07 '25 01:08 rafa-suagu

OpenSC OpenSC copied to clipboard

Crash when using `dnie-tool`

OpenSC
OpenSC copied to clipboard