@@ -1128,22 +1128,19 @@
 	return;
 }
 
 /*
  * SYNPOSIS
- *     LONG cackey_reconnect_card(struct cackey_slot *slot, DWORD default_protocol, LPDWORD selected_protocol);
+ *     LONG cackey_reconnect_card(struct cackey_slot *slot, DWORD default_protocol);
  *
  * ARGUMENTS
  *     cackey_slot *slot
  *         Slot to send commands to
  *
  *     DWORD default_protocol
  *         Protocol to attempt first
  *
- *     LPDWORD selected_protocol
- *         [OUT] Protocol selected
- *
  * RETURN VALUE
  *     The return value from SCardReconnect()
  *
  * NOTES
  *     This function is a wrapper around SCardReconnect()
@@ -1152,24 +1149,31 @@
  *     dwPreferredProtocols of "default_protocol".  If that call returns
  *     SCARD_E_PROTO_MISMATCH try again with a protocol of T=0, and failing
  *     that T=1.
  *
  */
-static LONG cackey_reconnect_card(struct cackey_slot *slot, DWORD default_protocol, LPDWORD selected_protocol) {
+static LONG cackey_reconnect_card(struct cackey_slot *slot, DWORD default_protocol) {
+	DWORD selected_protocol;
 	LONG scard_conn_ret;
 
-	scard_conn_ret = SCardReconnect(slot->pcsc_card, SCARD_SHARE_SHARED, default_protocol, SCARD_RESET_CARD, selected_protocol);
+	selected_protocol = 0;
+
+	scard_conn_ret = SCardReconnect(slot->pcsc_card, SCARD_SHARE_SHARED, default_protocol, SCARD_RESET_CARD, &selected_protocol);
 
 	if (scard_conn_ret == SCARD_E_PROTO_MISMATCH) {
 		CACKEY_DEBUG_PRINTF("SCardReconnect() returned SCARD_E_PROTO_MISMATCH, trying with just T=0")
-		scard_conn_ret = SCardReconnect(slot->pcsc_card, SCARD_SHARE_SHARED, SCARD_PROTOCOL_T0, SCARD_RESET_CARD, selected_protocol);
+		scard_conn_ret = SCardReconnect(slot->pcsc_card, SCARD_SHARE_SHARED, SCARD_PROTOCOL_T0, SCARD_RESET_CARD, &selected_protocol);
 
 		if (scard_conn_ret == SCARD_E_PROTO_MISMATCH) {
 			CACKEY_DEBUG_PRINTF("SCardReconnect() returned SCARD_E_PROTO_MISMATCH, trying with just T=1")
-			scard_conn_ret = SCardReconnect(slot->pcsc_card, SCARD_SHARE_SHARED, SCARD_PROTOCOL_T1, SCARD_RESET_CARD, selected_protocol);
+			scard_conn_ret = SCardReconnect(slot->pcsc_card, SCARD_SHARE_SHARED, SCARD_PROTOCOL_T1, SCARD_RESET_CARD, &selected_protocol);
 		}
 	}
+
+	if (scard_conn_ret == SCARD_S_SUCCESS) {
+		slot->protocol = selected_protocol;
+	}
 
 	return(scard_conn_ret);
 }
 
 /*
@@ -1236,11 +1240,11 @@
 					CACKEY_DEBUG_PRINTF("SCardConnect() returned SCARD_E_PROTO_MISMATCH, trying with just T=1")
 					scard_conn_ret = SCardConnect(*cackey_pcsc_handle, slot->pcsc_reader, SCARD_SHARE_SHARED, SCARD_PROTOCOL_T1, &slot->pcsc_card, &protocol);
 				}
 			}
 
-			scard_conn_ret = cackey_reconnect_card(slot, protocol, &protocol);
+			scard_conn_ret = cackey_reconnect_card(slot, protocol);
 		}
 
 		if (scard_conn_ret != SCARD_S_SUCCESS) {
 			CACKEY_DEBUG_PRINTF("Connection to card failed, returning in failure (SCardConnect() = %s/%li)", CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(scard_conn_ret), (long) scard_conn_ret);
 
@@ -1443,11 +1447,10 @@
  */
 static cackey_ret cackey_send_apdu(struct cackey_slot *slot, unsigned char class, unsigned char instruction, unsigned char p1, unsigned char p2, unsigned int lc, unsigned char *data, unsigned int le, uint16_t *respcode, unsigned char *respdata, size_t *respdata_len) {
 	uint8_t major_rc, minor_rc;
 	size_t bytes_to_copy, tmp_respdata_len;
 	LPCSCARD_IO_REQUEST pioSendPci;
-	DWORD protocol;
 	DWORD xmit_len, recv_len;
 	LONG scard_xmit_ret, scard_reconn_ret;
 	BYTE xmit_buf[1024], recv_buf[1024];
 	int pcsc_connect_ret, pcsc_getresp_ret;
 	int idx;
@@ -1538,10 +1541,12 @@
 		CACKEY_DEBUG_PRINTF("Failed to send APDU to card (SCardTransmit() = %s/%lx), will ask calling function to retry (not resetting card)...", CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(scard_xmit_ret), (unsigned long) scard_xmit_ret);
 
 		/* Begin Smartcard Transaction */
 		cackey_end_transaction(slot);
 
+		cackey_reconnect_card(slot, slot->protocol);
+
 		return(CACKEY_PCSC_E_RETRY);
 	}
 
 	if (scard_xmit_ret != SCARD_S_SUCCESS) {
 		CACKEY_DEBUG_PRINTF("Failed to send APDU to card (SCardTransmit() = %s/%lx)", CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(scard_xmit_ret), (unsigned long) scard_xmit_ret);
@@ -1550,15 +1555,13 @@
 		cackey_mark_slot_reset(slot);
 
 		if (scard_xmit_ret == SCARD_W_RESET_CARD) {
 			CACKEY_DEBUG_PRINTF("Reset required, please hold...");
 
-			scard_reconn_ret = cackey_reconnect_card(slot, SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1, &protocol);
+			scard_reconn_ret = cackey_reconnect_card(slot, SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1);
 
 			if (scard_reconn_ret == SCARD_S_SUCCESS) {
-				/* Update protocol */
-				slot->protocol = protocol;
 				switch (slot->protocol) {
 					case SCARD_PROTOCOL_T0:
 						pioSendPci = SCARD_PCI_T0;
 
 						break;
@@ -2859,21 +2862,27 @@
 			case CACKEY_ID_TYPE_CERT_ONLY:
 				break;
 		}
 
 		if (send_ret != CACKEY_PCSC_S_OK) {
-			CACKEY_DEBUG_PRINTF("ADPU Sending Failed -- returning in error.");
-
 			if (free_tmpbuf) {
 				if (tmpbuf_s) {
 					free(tmpbuf_s);
 				}
 			}
 
 			/* End transaction */
 			cackey_end_transaction(slot);
 
+			if (send_ret == CACKEY_PCSC_E_RETRY) {
+				CACKEY_DEBUG_PRINTF("ADPU Sending Failed -- retrying.");
+
+				return(cackey_signdecrypt(slot, identity, buf, buflen, outbuf, outbuflen, padInput, unpadOutput));
+			}
+
+			CACKEY_DEBUG_PRINTF("ADPU Sending Failed -- returning in error.");
+
 			if (respcode == 0x6982 || respcode == 0x6e00) {
 				if (respcode == 0x6E00) {
 					CACKEY_DEBUG_PRINTF("Got \"WRONG CLASS\", this means we are talking to the wrong object (likely because the card went away) -- resetting");
 				} else {
 					CACKEY_DEBUG_PRINTF("Security status not satisified (respcode = 0x%04x).  Returning NEEDLOGIN", (int) respcode);
@@ -3182,15 +3191,12 @@
 		cackey_mark_slot_reset(slot);
 
 		if (status_ret == SCARD_W_RESET_CARD) {
 			CACKEY_DEBUG_PRINTF("Reset required, please hold...");
 
-			scard_reconn_ret = cackey_reconnect_card(slot, SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1, &protocol);
+			scard_reconn_ret = cackey_reconnect_card(slot, SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1);
 			if (scard_reconn_ret == SCARD_S_SUCCESS) {
-				/* Update protocol */
-				slot->protocol = protocol;
-
 				/* Re-establish transaction, if it was present */
 				if (slot->transaction_depth > 0) {
 					slot->transaction_depth--;
 					slot->transaction_need_hw_lock = 1;
 					cackey_begin_transaction(slot);
@@ -6371,10 +6377,12 @@
 				if (buflen == CACKEY_PCSC_E_NEEDLOGIN) {
 					retval = CKR_USER_NOT_LOGGED_IN;
 				} else if (buflen == CACKEY_PCSC_E_TOKENABSENT) {
 					retval = CKR_DEVICE_REMOVED;
 				} else {
+					CACKEY_DEBUG_PRINTF("Failed to send APDU, error = %li", (long int) buflen);
+
 					retval = CKR_GENERAL_ERROR;
 				}
 			} else if (((unsigned long) buflen) > *pulPartLen && pPart) {
 				/* Decrypted data too large */
 				retval = CKR_BUFFER_TOO_SMALL;