by admin

Opensc No Slot With A Token Was Found

Package: opensc-pkcs11;Maintainer for opensc-pkcs11 is Debian OpenSC Maintainers <pkg-opensc-maint@lists.alioth.debian.org>; Source for opensc-pkcs11 is src:opensc (PTS, buildd, popcon).

  • No slot with a token was found. If I remove the card and reinsert in the reader I get the same result. I need to disconnect the reader from the USB (power cycle) to have it again working. Finally some investigations about the specifications of the CNS cards.
  • Commit Score: This score is calculated by counting number of weeks with non-zero commits in the last 1 year period. So if 26 weeks out of the last 52 had non-zero commits and the rest had zero commits, the score would be 50%. Issues & PR Score: This score is calculated by counting number of weeks with non-zero issues or PR activity in the last 1 year period.

Reported by: E <debian@x3nsic.net>

Smart Card / PKCS#11 support. OpenConnect supports the use of X.509 certificates and keys from smart cards (as well as software storage such as GNOME Keyring and SoftHSM) by means of the PKCS#11 standard. Objects from PKCS#11 tokens are specified by a PKCS#11 URI according to RFC 7512. In order to use a certificate or key with OpenConnect, you must provide a PKCS#11 URI which identifies it. When using multiple PINs and until the changes proposed by RedHat/Fedora are integrated in OpenSSH: Fedora 28: Better smart card support in OpenSSH One MUST use OpenSC’s onepin-opensc-pkcs11.so library to prevent the SSH agent from attempting to unlock all tokens/slots with the same PIN and eventually locking those tokens/slots that do not match.

Date: Thu, 2 Jun 2016 21:09:02 UTC

Severity: important

Found in version opensc/0.16.0~rc2-1

Reply or subscribe to this bug.

View this report as an mbox folder, status mbox, maintainer mbox

Report forwardedto debian-bugs-dist@lists.debian.org, debian@x3nsic.net, Debian OpenSC Maintainers <pkg-opensc-maint@lists.alioth.debian.org>:
Bug#826165; Package opensc-pkcs11. (Thu, 02 Jun 2016 21:09:06 GMT) (full text, mbox, link).

Acknowledgement sentto E <debian@x3nsic.net>:
New Bug report received and forwarded. Copy sent to debian@x3nsic.net, Debian OpenSC Maintainers <pkg-opensc-maint@lists.alioth.debian.org>. (Thu, 02 Jun 2016 21:09:06 GMT) (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

To: Debian Bug Tracking System <submit@bugs.debian.org>

Opensc No Slot With A Token Was Found Stolen

Subject: opensc-pkcs11: Signing fails with: PKCS11 function C_SignFinal failed: rv = CKR_GENERAL_ERROR (0x5)

Information forwardedto debian-bugs-dist@lists.debian.org, Debian OpenSC Maintainers <pkg-opensc-maint@lists.alioth.debian.org>:
Bug#826165; Package opensc-pkcs11. (Tue, 12 Jul 2016 11:27:09 GMT) (full text, mbox, link).

Acknowledgement sentto Stanimir Stoyanov <stanimir@datacentrix.org>:
Extra info received and forwarded to list. Copy sent to Debian OpenSC Maintainers <pkg-opensc-maint@lists.alioth.debian.org>. (Tue, 12 Jul 2016 11:27:09 GMT) (full text, mbox, link).

Message #10 received at 826165@bugs.debian.org (full text, mbox, reply):

From: Stanimir Stoyanov <stanimir@datacentrix.org>
Subject: Confirming

Information forwardedto debian-bugs-dist@lists.debian.org, Debian OpenSC Maintainers <pkg-opensc-maint@lists.alioth.debian.org>:
Bug#826165; Package opensc-pkcs11. (Sat, 15 Oct 2016 11:27:06 GMT) (full text, mbox, link).

Acknowledgement sentto gdsotirov@dir.bg:
Extra info received and forwarded to list. Copy sent to Debian OpenSC Maintainers <pkg-opensc-maint@lists.alioth.debian.org>. (Sat, 15 Oct 2016 11:27:06 GMT) (full text, mbox, link).

Message #15 received at 826165@bugs.debian.org (full text, mbox, reply):

To: 826165@bugs.debian.org
Date: Sat, 15 Oct 2016 13:53:57 +0300

Information forwardedto debian-bugs-dist@lists.debian.org, Debian OpenSC Maintainers <pkg-opensc-maint@lists.alioth.debian.org>:
Bug#826165; Package opensc-pkcs11. (Thu, 15 Dec 2016 23:18:07 GMT) (full text, mbox, link).

Acknowledgement sentto debian@x3nsic.net:
Extra info received and forwarded to list. Copy sent to Debian OpenSC Maintainers <pkg-opensc-maint@lists.alioth.debian.org>. (Thu, 15 Dec 2016 23:18:07 GMT) (full text, mbox, link).

Message #20 received at 826165@bugs.debian.org (full text, mbox, reply):

To: 826165@bugs.debian.org
Subject: opensc-pkcs11: Signing fails with: PKCS11 function C_SignFinal failed: rv = CKR_GENERAL_ERROR (0x5)

Information forwardedto debian-bugs-dist@lists.debian.org, Debian OpenSC Maintainers <pkg-opensc-maint@lists.alioth.debian.org>:
Bug#826165; Package opensc-pkcs11. (Sat, 14 Jan 2017 17:27:03 GMT) (full text, mbox, link).

Acknowledgement sentto 'Georgi D. Sotirov' <gdsotirov@dir.bg>:
Extra info received and forwarded to list. Copy sent to Debian OpenSC Maintainers <pkg-opensc-maint@lists.alioth.debian.org>. (Sat, 14 Jan 2017 17:27:03 GMT) (full text, mbox, link).

Message #25 received at 826165@bugs.debian.org (full text, mbox, reply):

To: 826165@bugs.debian.org
Subject: Re: Bug#826165: opensc-pkcs11: Signing fails with: PKCS11 function C_SignFinal failed: rv = CKR_GENERAL_ERROR (0x5)

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>.Last modified:Fri Jan 1 04:10:40 2021; Machine Name:buxtehude

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham,1997,2003 nCipher Corporation Ltd,1994-97 Ian Jackson,2005-2017 Don Armstrong, and many other contributors.

2012-05-30 09:21:03 UTC
Hello all,
As you may know, I'm trying to implement writing certificate to OpenPGP
card via PKCS#11.
I succeed with pkcs15-init tool but have difficulty with pkcs11-tool.
When I import via pkcs15-init tool (Command: pkcs15-init
--store-certificate ***@mbm.vn.pem), the tool asks for Admin PIN
and the work is done. But when I try with pkcs11-tool:
pkcs11-tool --module=/usr/lib/opensc-pkcs11.so -w quannguyen.crt -y cert
--slot 2
the tool does not ask for PIN and the write cannot succeed (in OpenPGP
Opensccard, writing certificate requires SO (Admin) PIN).
I tried to provide the Admin PIN in the command, but still not successful:
pkcs11-tool --module=/usr/lib/opensc-pkcs11.so -w quannguyen.crt -y cert
--slot 2 -l --so-pin 12345678
pkcs11-tool --module=/usr/lib/opensc-pkcs11.so -w quannguyen.crt -y cert
--slot 2 --so-pin 12345678
I also researched and found that in pkcs15-init, a function to ask for
PIN is implemented and added via sc_pkcs15init_set_callbacks(), but
pkcs11-tool does not do so.
The question is:
Slot- 'Not ask for PIN' is intentional design of pkcs11-tool or a limitation?Opensc No Slot With A Token Was Found
- What is the right way to provide Admin PIN to pkcs11-tool to allow to
write data?

Opensc No Slot With A Token Was Found The First


- When I do import certificate in Firefox, the browser ask for a PIN. I
Openscexpect it to ask for Admin PIN but not sure which PIN it actually asks
for (user PIN, to login to slot, or admin PIN, to write data). Do you

Opensc No Slot With A Token Was Found Dead

know how Firefox determines which PIN to ask? Does it always ask for
user PIN of the slot, or smart enough to ask for right PIN?

Opensc No Slot With A Token Was Found One


Opensc No Slot With A Token Was Found A Way

--
Regards,
Quân