Windows 8 64bit beidpkcs11.dll compatibility with external applications

GertClaeskens / eid-mw

Automatically exported from code.google.com/p/eid-mw

GNU Lesser General Public License v3.0

0 stars 0 forks source link

Windows 8 64bit beidpkcs11.dll compatibility with external applications #114

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago

Steps to reproduce this problem:
1. Install OpenVPN GUI and eid software
2. Use a pkcs11-provider in the OpenVPN GUI configuration:
pkcs11-providers "C:/Windows/System32/beidpkcs11.dll"
3. Connect to the OpenVPN server

The expected result is a pincode prompt, but instead nothing happens.

When we examine the log file we can see that it stops after:
TLS: Initial packet
VERIFY OK: depth=1
VERIFY OK: nsCertType=SERVER
VERIFY OK: depth=0

Software versions:
Windows 8 64 bit
eid viewer 4.0.5 158 (eID-QuickInstaller-build-7382_signed_tcm227-228999)
OpenVPN GUI 2.3.2
OpenVPN server 2.1.0

Original issue reported on code.google.com by beerd...@gmail.com on 14 Oct 2013 at 1:08

GoogleCodeExporter commented 9 years ago

[deleted comment]

GoogleCodeExporter commented 9 years ago

Hello,

Could you provide me a pkcs11 log, so I can check if anything is wrong there?

You can find out how to make a pkcs11 log here:
http://test.eid.belgium.be/faq/faq_nl.htm#Browser_authenticatie

Wkr,
 Frederik

Original comment by frederik...@gmail.com on 15 Oct 2013 at 10:21

GoogleCodeExporter commented 9 years ago

We have tried to follow the provided instructions, however there is no 
HKEY_LOCAL_MACHINE > SOFTWARE > BEID tree in our registry.
Creating it ourselves didn't work.

We have also checked HKEY_CURRENT_USER > SOFTWARE > BEID ,  which only 
contained an installer directory.
Creating the necessary keys in that directory was also unsuccessful.

Do you have any further instructions?

Kind regards
Jan

Original comment by beerd...@gmail.com on 16 Oct 2013 at 12:23

GoogleCodeExporter commented 9 years ago

Apparently it does work now.

I left out the CKA_VALUE part, I hope that's ok.

Kind regards
Jan

Original comment by beerd...@gmail.com on 16 Oct 2013 at 1:22

Attachments:

pkcs11.log

GoogleCodeExporter commented 9 years ago

Thanks for the log

1624 2140 16.10.2013 15:07:59 cal_sign() | E: MiddlewareException thrown: 
0xe1d00200
1624 2140 16.10.2013 15:07:59 C_Sign() | E: cal_sign() returned CKR_DEVICE_ERROR
1624 2140 16.10.2013 15:07:59 C_Sign() | I: leave, ret = 0x00000030

I'll try to reproduce the issue.
Could you try your application again, but with a different cardreader?
(I noticed in the logs you have another one)

Wkr,
 Frederik

Original comment by frederik...@gmail.com on 16 Oct 2013 at 2:07

Changed state: Accepted

GoogleCodeExporter commented 9 years ago

Unfortunately, the second cardreader did not work, but we managed to find 
another one.

This one (Vasco Digipass 905) seems to throw the same error.

Original comment by beerd...@gmail.com on 16 Oct 2013 at 2:50

Attachments:

[pkcs11 (1).log](https://storage.googleapis.com/google-code-attachments/eid-mw/issue-114/comment-6/pkcs11 %281%29.log)

GoogleCodeExporter commented 9 years ago

It looks like we are running into the 5 seconds limitation of Windows 8 (no 
card communication for over 5 seconds while holding a transaction -> card reset)

http://technet.microsoft.com/en-us/library/hh849637.aspx

Original comment by frederik...@gmail.com on 21 Oct 2013 at 8:37

GoogleCodeExporter commented 9 years ago

Original comment by frederik...@gmail.com on 8 Jul 2014 at 1:46

GoogleCodeExporter commented 9 years ago

The 5 seconds problem is fixed in eIDMW 407.

Did this resolve your issue?

Original comment by frederik...@gmail.com on 9 Jul 2014 at 11:14

Changed state: Fixed