search

open-eid / chrome-token-signing

DEPRECATED Chrome and Firefox extension for signing with your eID on the web
https://github.com/open-eid/chrome-token-signing/wiki
GNU Lesser General Public License v2.1
206 stars 75 forks source link

getCertificate() failed: Error: driver_error #173

Closed ecarou closed 4 years ago

ecarou commented 4 years ago

Hello,

I'm stuck on this error for a while. _Debug: hwcrypto.js 0.0.11 with Chrome native messaging extension 0.0.30/1.1.2.520 getCertificate() failed: Error: drivererror we moved from PC to MacOS. Everything's running on PC but cannot make it work on Mac.

I manage to read my card id on the mac using an app, so the reader is working and as far as i understand correctly installed.

What can i do to find what's wrong with my setup ?

Thanks

Counter178 commented 4 years ago

Hi there.

The "Error: driver_error" could come from either unsupported smart card reader or even web browser settings. Overall this case needs deeper troubleshooting from the bottom and thus why I recommend writing to ID-helpline https://www.id.ee/.

ecarou commented 4 years ago

Hi there.

The "Error: driver_error" could come from either unsupported smart card reader or even web browser settings. Overall this case needs deeper troubleshooting from the bottom and thus why I recommend writing to ID-helpline https://www.id.ee/.

I cannot read with the digidoc4 client app from id.ee ? but well from another app (belgian card id reader) ... does that mean that my card reader is not supported ?

Counter178 commented 4 years ago

Hi.

Supported reader : https://www.id.ee/en/article/useful-information-about-smartcard-readers/

For official support contact id-helpline.

metsma commented 4 years ago

https://github.com/open-eid/chrome-token-signing/wiki/DeveloperTips#logging Can you enable logging?

ecarou commented 4 years ago

2020-08-24 19:11:06 [64958] main_block_invoke() [chrome-host.mm:80] Message size: 107 2020-08-24 19:11:06 [64958] main_block_invoke() [chrome-host.mm:95] Message (107): {"type":"VERSION","nonce":"ao7cwm0v0yyk8hkr","src":"page.js","origin":"https://dev.mystuff.net","tab":438} 2020-08-24 19:11:06 [64958] write() [chrome-host.mm:38] Response(72) {"result":"ok","nonce":"ao7cwm0v0yyk8hkr","ver":1,"version":"1.1.2.520"} 2020-08-24 19:11:06 [64958] main_block_invoke() [chrome-host.mm:80] Message size: 121 2020-08-24 19:11:06 [64958] main_block_invoke() [chrome-host.mm:95] Message (121): {"type":"CERT","lang":"English","nonce":"9hikis69d60d3rwl","src":"page.js","origin":"https://dev.mystuff.net","tab":438} 2020-08-24 19:11:06 [64958] atrList() [PKCS11Path.cpp:69] found reader: VASCO DIGIPASS 870 2020-08-24 19:11:06 [64958] atrList() [PKCS11Path.cpp:82] Set ATR = 3B9813400AA503010101AD1311 for reader VASCO DIGIPASS 870 2020-08-24 19:11:06 [64958] PKCS11CardManager() [PKCS11CardManager.h:124] Function List not loaded /usr/local/lib/beid-pkcs11.bundle/Contents/MacOS/libbeidpkcs11.dylib: dlopen(/usr/local/lib/beid-pkcs11.bundle/Contents/MacOS/libbeidpkcs11.dylib, 6): no suitable image found. Did find: file system sandbox blocked open() of '/usr/local/lib/beid-pkcs11.bundle/Contents/MacOS/libbeidpkcs11.dylib' 2020-08-24 19:11:06 [64958] +[CertificateSelection show:]() [CertificateSelection.mm:162] Exception: Failed to load driver 2020-08-24 19:11:06 [64958] write() [chrome-host.mm:38] Response(60) {"result":"driver_error","nonce":"9hikis69d60d3rwl","ver":1}

Here is the log i get following your instructions, it seems that the fil libbeidpkcs11.dylib doesn't fit requirement ?

metsma commented 4 years ago

Is the belgium driver signed? codesign -d -vvv /usr/local/lib/beid-pkcs11.bundle/Contents/MacOS/libbeidpkcs11.dylib

ecarou commented 4 years ago

Executable=/usr/local/lib/libbeidpkcs11.4.4.20.dylib Identifier=libbeidpkcs11 Format=Mach-O thin (x86_64) CodeDirectory v=20500 size=4857 flags=0x10000(runtime) hashes=146+2 location=embedded Hash type=sha256 size=32 CandidateCDHash sha1=372cd19bc84b77fc9ff4ed78d10c206aa6f157e5 CandidateCDHashFull sha1=372cd19bc84b77fc9ff4ed78d10c206aa6f157e5 CandidateCDHash sha256=016916fddc436cb5cb3ab53b69c4bb0694cf2ee4 CandidateCDHashFull sha256=016916fddc436cb5cb3ab53b69c4bb0694cf2ee4c7e6c3f663f6a4bdd7d62e99 Hash choices=sha1,sha256 CMSDigest=f10a54c9aea51afdb6dbb66d8ef9d8c847585d6001d1393c0b64cd1851f2e4ff CMSDigestType=2 CDHash=016916fddc436cb5cb3ab53b69c4bb0694cf2ee4 Signature size=8996 Authority=Developer ID Application: Zetes Sa (EU27N85PBZ) Authority=Developer ID Certification Authority Authority=Apple Root CA Timestamp=9 Aug 2019 at 15:56:21 Info.plist=not bound TeamIdentifier=EU27N85PBZ Runtime Version=10.14.0 Sealed Resources=none Internal requirements count=1 size=176

Thanks for all the investigations you are doing to help me.

metsma commented 4 years ago

Hmm, it is codesigned maybe macOS sandbox does not like the /usr/local path. Can you try to move the library? sudo mkdir -p /Library/beid/lib sudo mv /usr/local/lib/libbeidpkcs11.5.0.5.dylib /usr/local/lib/beid-pkcs11.bundle /Library/beid/lib sudo ln -s /Library/beid/lib/libbeidpkcs11.5.0.5.dylib /usr/local/lib sudo ln -s /Library/beid/lib/beid-pkcs11.bundle /usr/local/lib

ecarou commented 4 years ago

Many Thanks Metsma... it works like this.

Really appreciate your help on this.