** Description changed: - Description will follow + When the EP11 token of Opencryptoki is configured with STRICT_MODE or + VHSM_MODE (or both) in config file /etc/opencryptoki/ep11tok.conf then + C_Login may return CKR_DEVICE_ERROR. + + ---Steps to Reproduce--- + Configure the EP11 token of Opencryptoki with keywords STRICT_MODE or VHSM_MODE (or both) in config file /etc/opencryptoki/ep11tok.conf + + Then run 'pkcsep11_session show -slot 4' and enter the user pin.It fails + with 'C_Login() rc = 0x30 [CKR_DEVICE_ERROR]' + + The OCK trace shows lines like the following with corrupted APQNs: + + 11/23/2018 10:43:45 [ep11_specific.c:6208 ep11tok] INFO: ep11tok_login_session session=1 + 11/23/2018 10:43:45 [ep11_specific.c:6074 ep11tok] INFO: Logging in adapter 2B8E.FFFF8EE0 + 11/23/2018 10:43:45 [ep11_specific.c:6127 ep11tok] ERROR: ep11_login_handler dll_m_Login failed: 0x6 + 11/23/2018 10:43:45 [ep11_specific.c:6074 ep11tok] INFO: Logging in adapter 00.0000 + 11/23/2018 10:43:45 [ep11_specific.c:6127 ep11tok] ERROR: ep11_login_handler dll_m_Login failed: 0x6 + 11/23/2018 10:43:45 [ep11_specific.c:6074 ep11tok] INFO: Logging in adapter 00.0000 + + Userspace tool common name: Opencryptoki + + Problem exit only for version 3.10 and 3.11. + + For Version 3.11 following upstream commit can be applied seamlessly. + Upstream commit that fixes this problem: + https://github.com/opencryptoki/opencryptoki/commit/1dae7c15e7bc3bb5b5aad72b851e0b9cd328bb0b + + For version 3.10 , patch attached. + + Mean, need to be integrated into 18.10 and 19.04 + + (taken from comment #2)
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1814521 Title: [UBUNTU] - opencryptoki: EP11 token fails when using Strict-Session mode or VHSM-Mode To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1814521/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
