-
Notifications
You must be signed in to change notification settings - Fork 33
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to use custom driver #439
Comments
Looks like Fortify uses pvpkcs11.dll module instead of mcard-pkcs11.dll. But it must try modules from cards.json first before pvpkcs11. But I don't see any logs about it I think the simplest way to try your PKCS#11 module is to use |
Please add your PKCS#11 module to {
"cards": [
{
"name": "OMNIKEY AG Smart Card",
"atr": "3b9d188131fc358031c0694d54434f5373020505d3",
"readOnly": false,
"libraries": [
"C:/Program Files/ONECI/mcard/mcard-pkcs11.dll"
]
}
]
} |
By here we go I meant it failed:
Can I have more detail on interface to support? |
Hi again, I did the change in config.json, and it works surprisingly better. My dll is loaded on top of generic PKCS11 and I can access the pin prompt. Will keep you posted, |
I added I think we need to improve our UI and allow Users to add cards or HSMs to |
All in all, in card.json I had added
With the ATR in uppercase as ID, because it's this way with all the other custom configs. By the way, this configuration is for the official ID card of Côte d'Ivoire. What is the process to register for good configurations? |
Please try something like this {
"cards": [
{
"atr": "3B9D188131FC358031C0694D54434F5373020505D3",
"name": "MCARD",
"driver": "5b9ac33100924d9d86b6109147de08c3"
}
],
"drivers": {
"id": "5b9ac33100924d9d86b6109147de08c3",
"name": "MCARD",
"file": {
"windows": "C:/Program Files/ONECI/mcard/mcard-pkcs11.dll"
}
}
}
|
I am also going back to PeculiarVentures/x509#11 as now I can sign, but I cannot verify signature. |
Hi @microshine @rmhrisk Thanks |
Does #439 (comment) work? Does lib exist for Linux and MacOS? I could add it to
It's the file generated by Fortify application. You may create your own script for JSON file opening and editing. |
Yes, editing the file works perfectly. So, I should rewrap your MSI installer with a small script after installation? I guess the zip version cannot work that way, can it? |
I think it's impossible. |
File a bug to support your card and provide all the associated details. |
@Ottunger We published the new version of Fortify today Please restart the Fortify app to update your |
Thank you so much, I will update and try. |
Hi guys, I just tested and nice job, no more need to change custom config for me! x64: "%PROGRAMFILES/ONECI/mcard/mcard-pkcs11.dll" (correct) |
@microshine please confirm card.json contains both. @Ottunger do you have a link for the card details I can look at? |
I checked card.json contains only one. What do you call card details? But in any case, I'm afraid not. |
@Ottunger I am curious what the capabilities of the card are, what product you are using it with, etc. |
In process. Adding x86 path to |
Happy to have a chat but I don't have much info myself, and was told not to disclose too much on Github publicly. |
@donskov I fixed and published |
@Ottunger |
Hi,
I have a smart card with a custom non-complete PKCS11 driver for it.
I have added its configuration to the card.json file:
If I use the same driver for pkcs11-tool, it works flawlessly:
But when I access tools.fortifyapp.com, I can see the token, but no certificate on it. This is happening on a windows 10 x64.
On a windows 8.1 x64, the tools.fortifyapp.com prompts for the PIN of the card and then can display certificates.
Is there anything I could investigate to understand why card is not unlocked?
The fortify.log remains empty.
Side note: I created PeculiarVentures/x509#11 about the certificates which are on this card. I will finally be able to test the signature after I can access the private keys.
Thanks,
The text was updated successfully, but these errors were encountered: