Re: coolkey with stunnel-nss

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Matt Anderson wrote:
Jack Magne wrote:
Matt:

You can try the following to get some debug info from CoolKey.

1. In the terminal from which you launch your app do:

export COOL_KEY_LOG_FILE=/tmp/cool.txt

2. Run your program.

3. After it fails take a look at /tmp/cool.txt, it may have some clues.

Unfortunately this file is empty when I try to use stunnel with coolkey. Which suggests to me that NSS isn't getting far enough to even query the coolkey module for my certificate.

However when I run certutil I don't always have access to my certificate on my CAC card. Half the time it prompts me for my "CoolKey" password, the other time (when it works) it prompts me for the "Matt R Anderson" pin. I've attached those two log files so you can see them.

-matt
Sounds like stunnel isn't loading the pkcs #11 module. Do you know where stunnel is opening it's certDB?

bob
------------------------------------------------------------------------

Initialize called, hello 5
C_GetInfo called
C_GetSlotList called
calling IsConnected
card changed
cleared all sessions
time connect: Connect Time 401 ms
time connect: Read Slot 401 ms
time connect: connection status 401 ms
time connnect: Begin transaction 401 ms
CoolKey Select failed 0x6
CAC Cert 0: select CAC applet:  72 ms
CAC Cert 0: fetch CAC Cert:  121 ms
CAC Cert 0: Fetch rest :  560 ms
CAC Cert 0: Cert has been read:  560 ms
CAC Cert 0: Cert has been uncompressed:  560 ms
refreshTokenState: Failed to load objects.
isTokenPresent, card state is 0x3e
C_GetSlotList called
calling IsConnected
IsConnected returned false
isTokenPresent, card state is 0x3e
Called C_GetSlotInfo
calling IsConnected
IsConnected returned false
isTokenPresent, card state is 0x3e
C_GetTokenInfo called
calling IsConnected
IsConnected returned false
isTokenPresent, card state is 0x3e
C_GetMechanismList called
calling IsConnected
IsConnected returned false
isTokenPresent, card state is 0x3e
C_GetMechanismList returning 0
C_GetMechanismList called
calling IsConnected
IsConnected returned false
isTokenPresent, card state is 0x3e
C_GetMechanismList returning 0
C_OpenSession called
calling IsConnected
IsConnected returned false
isTokenPresent, card state is 0x3e
C_FindObjectsInit called, 1 templates
template [00] type: 0000, pValue: bf8cbe8c, ulValueLen: 00000004, value: 3461563220
calling IsConnected
IsConnected returned false
C_FindObjects called, max objects = 1
calling IsConnected
IsConnected returned false
returned 0 objects:
Called C_GetSlotInfo
calling IsConnected
IsConnected returned false
isTokenPresent, card state is 0x3e
C_GetSessionInfo called
calling IsConnected
IsConnected returned false
C_GetSessionInfo called
calling IsConnected
IsConnected returned false
C_Login called
calling IsConnected
IsConnected returned false
Called C_GetSlotInfo
calling IsConnected
IsConnected returned false
isTokenPresent, card state is 0x3e
C_GetSessionInfo called
calling IsConnected
IsConnected returned false
C_FindObjectsInit called, 2 templates
template [00] type: 0001, pValue: 0355df58, ulValueLen: 00000001
template [01] type: 0000, pValue: 0355df5c, ulValueLen: 00000004, value: 1
calling IsConnected
IsConnected returned false
C_FindObjects called, max objects = 16
calling IsConnected
IsConnected returned false
returned 0 objects:
C_GetSessionInfo called
calling IsConnected
IsConnected returned false
C_FindObjectsInit called, 2 templates
template [00] type: 0001, pValue: 0355df58, ulValueLen: 00000001
template [01] type: 0000, pValue: bf8cbe38, ulValueLen: 00000004, value: 3461563219
calling IsConnected
IsConnected returned false
C_FindObjects called, max objects = 10
calling IsConnected
IsConnected returned false
returned 0 objects:
C_CloseAllSessions(0x1) called
Finalizing...
------------------------------------------------------------------------

Initialize called, hello 5
C_GetInfo called
C_GetSlotList called
calling IsConnected
card changed
cleared all sessions
time connect: Connect Time 400 ms
time connect: Read Slot 400 ms
time connect: connection status 401 ms
time connnect: Begin transaction 401 ms
CoolKey Select failed 0x6
CAC Cert 0: select CAC applet:  72 ms
CAC Cert 0: fetch CAC Cert:  149 ms
CAC Cert 0: Cert has been read:  149 ms
CAC Cert 0: Cert has been uncompressed:  149 ms
CAC Cert 1: select CAC applet:  77 ms
CAC Cert 2: select CAC applet:  73 ms
isTokenPresent, card state is 0x3e
C_GetSlotList called
calling IsConnected
IsConnected returned false
isTokenPresent, card state is 0x3e
Called C_GetSlotInfo
calling IsConnected
IsConnected returned false
isTokenPresent, card state is 0x3e
C_GetTokenInfo called
calling IsConnected
IsConnected returned false
isTokenPresent, card state is 0x3e
C_GetMechanismList called
calling IsConnected
IsConnected returned false
isTokenPresent, card state is 0x3e
C_GetMechanismList returning 0
C_GetMechanismList called
calling IsConnected
IsConnected returned false
isTokenPresent, card state is 0x3e
C_GetMechanismList returning 0
C_OpenSession called
calling IsConnected
IsConnected returned false
isTokenPresent, card state is 0x3e
C_FindObjectsInit called, 1 templates
template [00] type: 0000, pValue: bfc4e20c, ulValueLen: 00000004, value: 3461563220
calling IsConnected
IsConnected returned false
C_FindObjects called, max objects = 1
calling IsConnected
IsConnected returned false
returned 0 objects:
Called C_GetSlotInfo
calling IsConnected
IsConnected returned false
isTokenPresent, card state is 0x3e
C_GetSessionInfo called
calling IsConnected
IsConnected returned false
C_GetSessionInfo called
calling IsConnected
IsConnected returned false
C_Login called
calling IsConnected
IsConnected returned false
Called C_GetSlotInfo
calling IsConnected
IsConnected returned false
isTokenPresent, card state is 0x3e
C_GetSessionInfo called
calling IsConnected
IsConnected returned false
C_FindObjectsInit called, 2 templates
template [00] type: 0001, pValue: 0355df58, ulValueLen: 00000001
template [01] type: 0000, pValue: 0355df5c, ulValueLen: 00000004, value: 1
calling IsConnected
IsConnected returned false
C_FindObjectsInit found matching object 0x00000600
C_FindObjects called, max objects = 16
calling IsConnected
IsConnected returned false
returned 1 objects: 0x00000600
C_GetAttributeValue called, 2 templates for object 0x00000600
template [00] type: 0001, pValue: 00000000, ulValueLen: 00000000
template [01] type: 0003, pValue: 00000000, ulValueLen: 00000000
calling IsConnected
IsConnected returned false
template [00] type: 0001, pValue: 00000000, ulValueLen: 00000001
template [01] type: 0003, pValue: 00000000, ulValueLen: 00000012
C_GetAttributeValue called, 2 templates for object 0x00000600
template [00] type: 0001, pValue: 09073b48, ulValueLen: 00000001
template [01] type: 0003, pValue: 09071c28, ulValueLen: 00000012
calling IsConnected
IsConnected returned false
template [00] type: 0001, pValue: 09073b48, ulValueLen: 00000001
template [01] type: 0003, pValue: 09071c28, ulValueLen: 00000012
C_GetAttributeValue called, 1 templates for object 0x00000600
template [00] type: 0011, pValue: 00000000, ulValueLen: 00000000
calling IsConnected
IsConnected returned false
template [00] type: 0011, pValue: 00000000, ulValueLen: 000006ac
C_GetAttributeValue called, 1 templates for object 0x00000600
template [00] type: 0011, pValue: 09080698, ulValueLen: 000006ac
calling IsConnected
IsConnected returned false
template [00] type: 0011, pValue: 09080698, ulValueLen: 000006ac
C_GetSessionInfo called
calling IsConnected
IsConnected returned false
C_FindObjectsInit called, 2 templates
template [00] type: 0001, pValue: 0355df58, ulValueLen: 00000001
template [01] type: 0000, pValue: bfc4e1b8, ulValueLen: 00000004, value: 3461563219
calling IsConnected
IsConnected returned false
C_FindObjects called, max objects = 10
calling IsConnected
IsConnected returned false
returned 0 objects:
C_GetAttributeValue called, 2 templates for object 0x00000600
template [00] type: 0102, pValue: 00000000, ulValueLen: 00000000
template [01] type: 0000, pValue: 00000000, ulValueLen: 00000000
calling IsConnected
IsConnected returned false
template [00] type: 0102, pValue: 00000000, ulValueLen: 00000002
template [01] type: 0000, pValue: 00000000, ulValueLen: 00000004
C_GetAttributeValue called, 2 templates for object 0x00000600
template [00] type: 0102, pValue: 09081ef0, ulValueLen: 00000002
template [01] type: 0000, pValue: 09081ef8, ulValueLen: 00000004, value: 151468600
calling IsConnected
IsConnected returned false
template [00] type: 0102, pValue: 09081ef0, ulValueLen: 00000002
template [01] type: 0000, pValue: 09081ef8, ulValueLen: 00000004, value: 1
C_FindObjectsInit called, 2 templates
template [00] type: 0102, pValue: 09081ef0, ulValueLen: 00000002
template [01] type: 0000, pValue: 09081ef8, ulValueLen: 00000004, value: 3
calling IsConnected
IsConnected returned false
C_FindObjectsInit found matching object 0x00000400
C_FindObjects called, max objects = 1
calling IsConnected
IsConnected returned false
returned 1 objects: 0x00000400
C_CloseAllSessions(0x1) called
Finalizing...
------------------------------------------------------------------------

_______________________________________________
Coolkey-devel mailing list
Coolkey-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/coolkey-devel

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
Coolkey-devel mailing list
Coolkey-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/coolkey-devel

[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Women]

  Powered by Linux