Comments (5)
I got a client log of the program they use that supplies the pkcs11 driver... it's a lot, but it looks like it might be something in their driver. Contacting support. I'll close this.
from rust-cryptoki.
What module do they use? Is it the same as yours?
Maybe they have special login requirements: https://docs.rs/cryptoki/latest/cryptoki/session/struct.Session.html#method.login
NOTE: By passing None into login, you must ensure that the CKF_PROTECTED_AUTHENTICATION_PATH flag is set in the TokenFlags.
from rust-cryptoki.
I think the card is a bit different.
The thing is... they use some software that, in my case and theirs, prompts for the pin if I pass in None. It appears to work in both cases, and I get this status from the card: RoUser
When I call decrypt though, it throws this: Pkcs11(UserNotLoggedIn)
I have given them a binary in which I collect the pin myself and send it, but I have not heard back yet.
But I would not have expected to get past the login attempt if there were an issue with the card not liking a None
pin.
from rust-cryptoki.
The really frustrating thing is when I go to search the card for Private(true) objects... I can't see them unless I login.
When I login (in both cases) I can see the private objects. so I know the login is doing something!
When I try to use one to decrypt it works on mine, but it throws Pkcs11(UserNotLoggedIn)
on theirs.
from rust-cryptoki.
I have read online about interference with other pkcs11 applications interfacing with the card:
MicrochipTech/cryptoauthlib#149
But I don't know enough about how any of this works... is this something that an application can control itself or does all access to the card need to be handled in order to not get corrupted sessions?
from rust-cryptoki.
Related Issues (20)
- Missing constants for x86_64-unknown-linux-gnu HOT 6
- Function name as part of errors HOT 3
- CKA_PUBLIC_KEY_INFO getting TypeInvalid HOT 8
- Wrapper for C_WaitForSlotEvent HOT 5
- finalize() without drop()? HOT 1
- `clone()` and `is_initialized()` HOT 13
- bug: `is_fn_supported()` always returns `true` HOT 1
- Signing and Verifying HOT 2
- PKCS OAEP padding always returns: Pkcs11(ArgumentsBad) HOT 3
- test slot::token_info::test::debug_info fails on 32-bit architectures. HOT 1
- Add Wycheproof-based tests
- Wasm support HOT 2
- session.login fails on MacOS Sonoma HOT 8
- New release? HOT 6
- PkcsOaepParams HOT 3
- Build of cryptoki v0.6.1 failing on Fedora 39+ HOT 23
- Cannot init_token using an HSM with PED
- Do not call C_Finalize if not initialized
- Add support for C_GetInterfaceList
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rust-cryptoki.