Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Yubikey provider listed twice #45

Open
kmb64 opened this issue Aug 26, 2020 · 12 comments
Open

Yubikey provider listed twice #45

kmb64 opened this issue Aug 26, 2020 · 12 comments

Comments

@kmb64
Copy link

kmb64 commented Aug 26, 2020
edited
Loading

Sometimes after fortify has been running for some time, it will list two providers in the fortify tools provider drop-down as though there are two Yubikeys plugged in when there is definitely only one.

This will then lead to errors in trying to perform operations with the certificates on the card.

Usually have to restart Fortify to resolve this.

Fortify version 1.3.4 running on macOs Catalina 10.15.4

Screen Shot 2020-08-26 at 3 30 37 pm

Screen Shot 2020-08-26 at 3 34 32 pm

Screen Shot 2020-08-26 at 3 40 21 pm
@rmhrisk
Copy link
Contributor

rmhrisk commented Aug 26, 2020

Can you send a copy of the Fortify log when this occurs?

Can you also double check that the YubiKey PIV tool is not showing multiple slots at the same time this occurs?

Are you running the latest YubiKey PIV middleware?

@bls
Copy link

bls commented Sep 1, 2020

Hi, I'm on Karl's team - we're not sure how to check re: showing multiple slots? Our application uses slots 9a & 9d (authentication & we also use FortifyApp for decryption).

For card middleware we installed yubico-piv-tool 2.0.0 from homebrew.

We can see there's a newer release (2.1.1) so we'll test that, thank you. They are also shipping .pkg files now so will install straight from Yubico releases page.

@rmhrisk
Copy link
Contributor

rmhrisk commented Sep 1, 2020

When you get a re-production with the latest middleware please provide a fortify log that shows the double-entry and confirm that the yubikey software does not show two at the same time.

@bls
Copy link

bls commented Sep 1, 2020

Oh, I understand, got it. Thanks, we will definitely check that.

@kmb64
Copy link
Author

kmb64 commented Sep 4, 2020 

{"message":"Provider:Token:Remove reader:'Yubico Yubikey NEO OTP+U2F+CCID' name:'Yubico Yubikey NEO OTP+U2F+CCID' atr:3bfc1300008131fe15597562696b65794e454f7233e1","level":"info"}
{"message":"Provider:RemoveCrypto PKCS#11 '/usr/local/lib/libykcs11.dylib' 'Yubico Yubikey NEO OTP+U2F+CCID'","level":"info"}
{"message":"Provider:RemoveCrypto PKCS#11 finalize '/usr/local/lib/libykcs11.dylib'","level":"info"}
{"message":"Provider:Token:Remove Crypto removed 'Yubico Yubikey NEO OTP+U2F+CCID' e96f0bd16bf92e3b4f1f6139ed6bc858bdb70eec6716530e2038c6ea17d4b5aa","level":"info"}
{"message":"Provider:Token Amount of tokens was changed (+0/-1)","level":"info"}
{"message":"PCSCWatcher: New reader detected Yubico Yubikey NEO OTP+U2F+CCID","level":"info"}
{"message":"PCSCWatcher: New reader detected Yubico Yubikey NEO OTP+U2F+CCID","level":"info"}
{"message":"PCSCWatcher:Insert reader:'Yubico Yubikey NEO OTP+U2F+CCID' ATR:3bfc1300008131fe15597562696b65794e454f7233e1","level":"info"}
{"message":"PCSCWatcher:Insert reader:'Yubico Yubikey NEO OTP+U2F+CCID' ATR:3bfc1300008131fe15597562696b65794e454f7233e1","level":"info"}
{"message":"Provider:Token:Insert: reader:'Yubico Yubikey NEO OTP+U2F+CCID' name:'Yubico Yubikey NEO OTP+U2F+CCID' atr:3bfc1300008131fe15597562696b65794e454f7233e1","level":"info"}
{"message":"Provider:Token:Insert: Loading PKCS#11 library from /usr/local/lib/libykcs11.dylib","level":"info"}
{"message":"Provider:Token:Insert: Looking for Yubico Yubikey NEO OTP+U2F+CCID into 1 slot(s)","level":"info"}
{"message":"Provider: Add crypto 'Yubico Yubikey NEO OTP+U2F+CCID' e96f0bd16bf92e3b4f1f6139ed6bc858bdb70eec6716530e2038c6ea17d4b5aa","level":"info"}
{"message":"Provider:AddCrypto: PKCS#11 '/usr/local/lib/libykcs11.dylib' 'Yubico Yubikey NEO OTP+U2F+CCID'","level":"info"}
{"message":"Provider:Token Amount of tokens was changed (+1/-0)","level":"info"}
{"message":"Provider:Token:Remove reader:'Yubico Yubikey NEO OTP+U2F+CCID' name:'Yubico Yubikey NEO OTP+U2F+CCID' atr:3bfc1300008131fe15597562696b65794e454f7233e1","level":"info"}
{"message":"Provider:RemoveCrypto PKCS#11 '/usr/local/lib/libykcs11.dylib' 'Yubico Yubikey NEO OTP+U2F+CCID'","level":"info"}
{"message":"Provider:RemoveCrypto PKCS#11 finalize '/usr/local/lib/libykcs11.dylib'","level":"info"}
{"message":"Provider:Token:Remove Crypto removed 'Yubico Yubikey NEO OTP+U2F+CCID' e96f0bd16bf92e3b4f1f6139ed6bc858bdb70eec6716530e2038c6ea17d4b5aa","level":"info"}
{"message":"Provider:Token Amount of tokens was changed (+0/-1)","level":"info"}
{"message":"Server: Close session  origin:https://demoapp.kimba-dev.io (code: 1001)","level":"info"}
{"message":"PCSCWatcher: New reader detected Yubico Yubikey NEO OTP+U2F+CCID","level":"info"}
{"message":"PCSCWatcher: New reader detected Yubico Yubikey NEO OTP+U2F+CCID","level":"info"}
{"message":"PCSCWatcher:Insert reader:'Yubico Yubikey NEO OTP+U2F+CCID' ATR:3bfc1300008131fe15597562696b65794e454f7233e1","level":"info"}
{"message":"PCSCWatcher:Insert reader:'Yubico Yubikey NEO OTP+U2F+CCID' ATR:3bfc1300008131fe15597562696b65794e454f7233e1","level":"info"}
{"message":"Provider:Token:Insert: reader:'Yubico Yubikey NEO OTP+U2F+CCID' name:'Yubico Yubikey NEO OTP+U2F+CCID' atr:3bfc1300008131fe15597562696b65794e454f7233e1","level":"info"}
{"message":"Provider:Token:Insert: Loading PKCS#11 library from /usr/local/lib/libykcs11.dylib","level":"info"}
{"message":"Provider:Token:Insert: Looking for Yubico Yubikey NEO OTP+U2F+CCID into 1 slot(s)","level":"info"}
{"message":"Provider: Add crypto 'Yubico Yubikey NEO OTP+U2F+CCID' e96f0bd16bf92e3b4f1f6139ed6bc858bdb70eec6716530e2038c6ea17d4b5aa","level":"info"}
{"message":"Provider:AddCrypto: PKCS#11 '/usr/local/lib/libykcs11.dylib' 'Yubico Yubikey NEO OTP+U2F+CCID'","level":"info"}
{"message":"Provider:Token Amount of tokens was changed (+1/-0)","level":"info"}
{"message":"Provider:Token:Remove reader:'Yubico Yubikey NEO OTP+U2F+CCID' name:'Yubico Yubikey NEO OTP+U2F+CCID' atr:3bfc1300008131fe15597562696b65794e454f7233e1","level":"info"}
{"message":"e: TOKEN_REMOVE_NO_SLOTS_FOUND\n    at new e (/Applications/Fortify.app/Contents/Resources/app/out/main.js:18:663972)\n    at $t.<anonymous> (/Applications/Fortify.app/Contents/Resources/app/out/main.js:32:35212)\n    at Generator.next (<anonymous>)\n    at s (/Applications/Fortify.app/Contents/Resources/app/out/main.js:18:628213)","level":"error"}
{"message":"PCSCWatcher:Insert reader:'Yubico Yubikey NEO OTP+U2F+CCID' ATR:3bfc1300008131fe15597562696b65794e454f7233e1","level":"info"}
{"message":"PCSCWatcher:Insert reader:'Yubico Yubikey NEO OTP+U2F+CCID' ATR:3bfc1300008131fe15597562696b65794e454f7233e1","level":"info"}
{"message":"Provider:Token:Insert: reader:'Yubico Yubikey NEO OTP+U2F+CCID' name:'Yubico Yubikey NEO OTP+U2F+CCID' atr:3bfc1300008131fe15597562696b65794e454f7233e1","level":"info"}
{"message":"Provider:Token:Insert: Loading PKCS#11 library from /usr/local/lib/libykcs11.dylib","level":"info"}
{"message":"Provider:Token:Remove reader:'Yubico Yubikey NEO OTP+U2F+CCID' name:'Yubico Yubikey NEO OTP+U2F+CCID' atr:3bfc1300008131fe15597562696b65794e454f7233e1","level":"info"}
{"message":"Provider:Token:Insert: Looking for Yubico Yubikey NEO OTP+U2F+CCID into 1 slot(s)","level":"info"}
{"message":"Provider:Token:Insert: Loading PKCS#11 library from /Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"info"}
{"message":"Provider:Token:Insert: No slots found. It's possible token 3bfc1300008131fe15597562696b65794e454f7233e1 uses wrong PKCS#11 lib /usr/local/lib/libykcs11.dylib,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"error"}
{"message":"Provider:Token:Insert: Loading PKCS#11 library from /Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"info"}
{"message":"Provider:Token:Insert: No slots found. It's possible token 3bfc1300008131fe15597562696b65794e454f7233e1 uses wrong PKCS#11 lib /usr/local/lib/libykcs11.dylib,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"error"}
{"message":"Provider:Token:Insert: Loading PKCS#11 library from /Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"info"}
{"message":"Provider:Token:Insert: No slots found. It's possible token 3bfc1300008131fe15597562696b65794e454f7233e1 uses wrong PKCS#11 lib /usr/local/lib/libykcs11.dylib,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"error"}
{"message":"Provider:Token:Insert: Loading PKCS#11 library from /Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"info"}
{"message":"Provider:Token:Insert: No slots found. It's possible token 3bfc1300008131fe15597562696b65794e454f7233e1 uses wrong PKCS#11 lib /usr/local/lib/libykcs11.dylib,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"error"}
{"message":"Provider:Token:Insert: Loading PKCS#11 library from /Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"info"}
{"message":"Provider:Token:Insert: No slots found. It's possible token 3bfc1300008131fe15597562696b65794e454f7233e1 uses wrong PKCS#11 lib /usr/local/lib/libykcs11.dylib,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"error"}
{"message":"Provider:Token:Insert: Loading PKCS#11 library from /Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"info"}
{"message":"Provider:Token:Insert: No slots found. It's possible token 3bfc1300008131fe15597562696b65794e454f7233e1 uses wrong PKCS#11 lib /usr/local/lib/libykcs11.dylib,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"error"}
{"message":"Provider:Token:Insert: Loading PKCS#11 library from /Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"info"}
{"message":"Provider:Token:Insert: No slots found. It's possible token 3bfc1300008131fe15597562696b65794e454f7233e1 uses wrong PKCS#11 lib /usr/local/lib/libykcs11.dylib,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"error"}
{"message":"Provider:Token:Insert: Loading PKCS#11 library from /Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"info"}
{"message":"Provider:Token:Insert: No slots found. It's possible token 3bfc1300008131fe15597562696b65794e454f7233e1 uses wrong PKCS#11 lib /usr/local/lib/libykcs11.dylib,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"error"}
{"message":"Provider:Token:Insert: Loading PKCS#11 library from /Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"info"}
{"message":"Provider:Token:Insert: No slots found. It's possible token 3bfc1300008131fe15597562696b65794e454f7233e1 uses wrong PKCS#11 lib /usr/local/lib/libykcs11.dylib,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"error"}
{"message":"Provider:Token:Insert: Loading PKCS#11 library from /Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"info"}
{"message":"Provider:Token:Insert: No slots found. It's possible token 3bfc1300008131fe15597562696b65794e454f7233e1 uses wrong PKCS#11 lib /usr/local/lib/libykcs11.dylib,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"error"}
{"message":"Provider:Token:Insert: Loading PKCS#11 library from /Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"info"}
{"message":"Provider:Token:Insert: No slots found. It's possible token 3bfc1300008131fe15597562696b65794e454f7233e1 uses wrong PKCS#11 lib /usr/local/lib/libykcs11.dylib,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"error"}
{"message":"Provider:Token:Insert: Loading PKCS#11 library from /Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"info"}
{"message":"Provider:Token:Insert: No slots found. It's possible token 3bfc1300008131fe15597562696b65794e454f7233e1 uses wrong PKCS#11 lib /usr/local/lib/libykcs11.dylib,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"error"}
{"message":"Provider:Token:Insert: Loading PKCS#11 library from /Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"info"}
{"message":"Provider:Token:Insert: No slots found. It's possible token 3bfc1300008131fe15597562696b65794e454f7233e1 uses wrong PKCS#11 lib /usr/local/lib/libykcs11.dylib,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"error"}
{"message":"Provider:Token:Insert: Loading PKCS#11 library from /Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"info"}
{"message":"Provider:Token:Insert: No slots found. It's possible token 3bfc1300008131fe15597562696b65794e454f7233e1 uses wrong PKCS#11 lib /usr/local/lib/libykcs11.dylib,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so,/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"error"}
{"message":"e: /Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so\n    at new e (/Applications/Fortify.app/Contents/Resources/app/out/main.js:18:663972)\n    at $t.<anonymous> (/Applications/Fortify.app/Contents/Resources/app/out/main.js:32:33772)\n    at Generator.next (<anonymous>)\n    at s (/Applications/Fortify.app/Contents/Resources/app/out/main.js:18:628213)","level":"error"}
{"message":"Fortify: Create window message","level":"info"}
{"message":"e: TOKEN_REMOVE_NO_SLOTS_FOUND\n    at new e (/Applications/Fortify.app/Contents/Resources/app/out/main.js:18:663972)\n    at $t.<anonymous> (/Applications/Fortify.app/Contents/Resources/app/out/main.js:32:35212)\n    at Generator.next (<anonymous>)\n    at s (/Applications/Fortify.app/Contents/Resources/app/out/main.js:18:628213)","level":"error"}
{"message":"PCSCWatcher:Insert reader:'Yubico Yubikey NEO OTP+U2F+CCID' ATR:3bfc1300008131fe15597562696b65794e454f7233e1","level":"info"}
{"message":"PCSCWatcher:Insert reader:'Yubico Yubikey NEO OTP+U2F+CCID' ATR:3bfc1300008131fe15597562696b65794e454f7233e1","level":"info"}
{"message":"Provider:Token:Insert: reader:'Yubico Yubikey NEO OTP+U2F+CCID' name:'Yubico Yubikey NEO OTP+U2F+CCID' atr:3bfc1300008131fe15597562696b65794e454f7233e1","level":"info"}
{"message":"Provider:Token:Insert: Loading PKCS#11 library from /usr/local/lib/libykcs11.dylib","level":"info"}
{"message":"Provider:Token:Insert: Looking for Yubico Yubikey NEO OTP+U2F+CCID into 1 slot(s)","level":"info"}
{"message":"Provider:Token:Insert: Loading PKCS#11 library from /Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"info"}
{"message":"Provider:Token:Insert: Looking for Yubico Yubikey NEO OTP+U2F+CCID into 1 slot(s)","level":"info"}
{"message":"Provider: Add crypto 'Yubico Yubikey NEO OTP+U2F+CCID' e96f0bd16bf92e3b4f1f6139ed6bc858bdb70eec6716530e2038c6ea17d4b5aa","level":"info"}
{"message":"Provider:AddCrypto: PKCS#11 '/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so' 'Yubico Yubikey NEO OTP+U2F+CCID'","level":"info"}
{"message":"Provider:Token Amount of tokens was changed (+1/-0)","level":"info"}
{"message":"Server: New session connect https://tools.fortifyapp.com","level":"info"}
{"message":"Server: Push session to stack","level":"info"}
{"message":"Server: Cannot parse MessageSignedProtocol","level":"info"}
{"message":"Server: Initialize secure session origin:https://tools.fortifyapp.com id:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 authorized:true","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 server/isLoggedIn","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider/action/info","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider/action/getCrypto","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider/action/getCrypto reader:'MacOS Crypto' name:'MacOS Crypto' id:68020fd23079a8741a2bec2436d615d892ff58a9","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:68020fd23079a8741a2bec2436d615d892ff58a9 crypto/isLoggedIn","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider/action/getCrypto","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider/action/getCrypto reader:'NSS User Private Key and Certificate Services' name:'NSS Certificate DB' id:8bbae6f98340d7a92006c21da65c1acd345ba946","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:8bbae6f98340d7a92006c21da65c1acd345ba946 crypto/isLoggedIn","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider/action/getCrypto","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider/action/getCrypto reader:'Yubico Yubikey NEO OTP+U2F+CCID' name:'Yubico Yubikey NEO OTP+U2F+CCID' id:e96f0bd16bf92e3b4f1f6139ed6bc858bdb70eec6716530e2038c6ea17d4b5aa","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:e96f0bd16bf92e3b4f1f6139ed6bc858bdb70eec6716530e2038c6ea17d4b5aa crypto/isLoggedIn","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider/action/getCrypto","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider/action/getCrypto reader:'Yubico Yubikey NEO OTP+U2F+CCID' name:'Yubico Yubikey NEO OTP+U2F+CCID' id:e96f0bd16bf92e3b4f1f6139ed6bc858bdb70eec6716530e2038c6ea17d4b5aa","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:e96f0bd16bf92e3b4f1f6139ed6bc858bdb70eec6716530e2038c6ea17d4b5aa crypto/isLoggedIn","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider/action/getCrypto","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider/action/getCrypto reader:'MacOS Crypto' name:'MacOS Crypto' id:68020fd23079a8741a2bec2436d615d892ff58a9","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:68020fd23079a8741a2bec2436d615d892ff58a9 crypto/isLoggedIn","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:68020fd23079a8741a2bec2436d615d892ff58a9 crypto/keyStorage/keys","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:68020fd23079a8741a2bec2436d615d892ff58a9 crypto/certificateStorage/keys","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:68020fd23079a8741a2bec2436d615d892ff58a9 crypto/certificateStorage/getItem","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:68020fd23079a8741a2bec2436d615d892ff58a9 crypto/certificateStorage/getItem","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:68020fd23079a8741a2bec2436d615d892ff58a9 crypto/certificateStorage/getItem","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:68020fd23079a8741a2bec2436d615d892ff58a9 crypto/certificateStorage/getItem","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:68020fd23079a8741a2bec2436d615d892ff58a9 crypto/certificateStorage/getItem","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:68020fd23079a8741a2bec2436d615d892ff58a9 crypto/certificateStorage/getItem","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:68020fd23079a8741a2bec2436d615d892ff58a9 crypto/certificateStorage/getItem","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:68020fd23079a8741a2bec2436d615d892ff58a9 crypto/certificateStorage/getItem","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:68020fd23079a8741a2bec2436d615d892ff58a9 crypto/certificateStorage/getItem","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:68020fd23079a8741a2bec2436d615d892ff58a9 crypto/certificateStorage/getItem","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:68020fd23079a8741a2bec2436d615d892ff58a9 crypto/certificateStorage/export","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:68020fd23079a8741a2bec2436d615d892ff58a9 crypto/certificateStorage/export","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:68020fd23079a8741a2bec2436d615d892ff58a9 crypto/certificateStorage/export","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:68020fd23079a8741a2bec2436d615d892ff58a9 crypto/certificateStorage/export","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:68020fd23079a8741a2bec2436d615d892ff58a9 crypto/certificateStorage/export","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:68020fd23079a8741a2bec2436d615d892ff58a9 crypto/certificateStorage/export","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:68020fd23079a8741a2bec2436d615d892ff58a9 crypto/certificateStorage/export","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:68020fd23079a8741a2bec2436d615d892ff58a9 crypto/certificateStorage/export","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:68020fd23079a8741a2bec2436d615d892ff58a9 crypto/certificateStorage/export","level":"info"}
{"message":"Server: session:b54d6bead93b47547a862ec29131ea648ebef3c61fa0e83f6acc1bf95da5edb7 provider:68020fd23079a8741a2bec2436d615d892ff58a9 crypto/certificateStorage/export","level":"info"}
{"message":"Fortify: Create window settings","level":"info"}

@kmb64
Copy link
Author

kmb64 commented Sep 4, 2020

Screen Shot 2020-08-20 at 8 46 57 am

@kmb64
Copy link
Author

kmb64 commented Sep 4, 2020

Output form yubikey-piv-tool:

yubico-piv-tool --r=Yubikey --action=list-readers Yubico Yubikey NEO OTP+U2F+CCID

@microshine
Copy link
Contributor

@kmb64 Please try this v1.3.7 alfa version

I've tested it with my Yubico key and it works fine

{"message":"PCSCWatcher: New reader detected Yubico Yubikey NEO OTP+U2F+CCID","level":"info"}
{"message":"PCSCWatcher:Insert reader:'Yubico Yubikey NEO OTP+U2F+CCID' ATR:3bfc1300008131fe15597562696b65794e454f7233e1","level":"info"}
{"message":"Provider:Token:Insert: reader:'Yubico Yubikey NEO OTP+U2F+CCID' name:'Yubikey NEO, ECDSA P-256' atr:3bfc1300008131fe15597562696b65794e454f7233e1","level":"info"}
{"message":"Provider:Token:Insert: Loading PKCS#11 library from /Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so","level":"info"}
{"message":"Provider:Token:Insert: Looking for Yubico Yubikey NEO OTP+U2F+CCID into 1 slot(s)","level":"info"}
{"message":"Provider: Add crypto 'Yubikey NEO, ECDSA P-256' e96f0bd16bf92e3b4f1f6139ed6bc858bdb70eec6716530e2038c6ea17d4b5aa","level":"info"}
{"message":"Provider:AddCrypto: PKCS#11 '/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so' 'Yubikey NEO, ECDSA P-256'","level":"info"}
{"message":"Provider:Token Amount of tokens was changed (+1/-0)","level":"info"}

...

{"message":"Provider:Token:Remove reader:'Yubico Yubikey NEO OTP+U2F+CCID' name:'Yubikey NEO, ECDSA P-256' atr:3bfc1300008131fe15597562696b65794e454f7233e1","level":"info"}
{"message":"Provider:RemoveCrypto PKCS#11 '/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so' 'Yubikey NEO, ECDSA P-256'","level":"info"}
{"message":"Provider:RemoveCrypto PKCS#11 finalize '/Applications/Fortify.app/Contents/MacOS/opensc-pkcs11.so'","level":"info"}
{"message":"Provider:Token:Remove Crypto removed 'Yubikey NEO, ECDSA P-256' e96f0bd16bf92e3b4f1f6139ed6bc858bdb70eec6716530e2038c6ea17d4b5aa","level":"info"}
{"message":"Provider:Token Amount of tokens was changed (+0/-1)","level":"info"}

@kmb64
Copy link
Author

kmb64 commented Sep 7, 2020

@microshine I've updated to use v1.3.7 and now the Yubikey provider is being listed by the label of one of the certificates installed on the device?

Screen Shot 2020-09-07 at 10 12 16 am

'secure-operator9A' is the name of one of the certificates. Usually, it would display 'Yubico Yubikey NEO OTP+U2F+CCID' as the provider name in this dropdown. Is this a new separate issue?

@microshine
Copy link
Contributor

microshine commented Sep 7, 2020
edited
Loading

Interesting. I've started "@webcrypto-local/server". It shows the correct reader name

Looks like it's an issue

What about the previous issue. Is it listed twice?

@microshine
Copy link
Contributor

Here is a new issue PeculiarVentures/fortify#356 for that case

@kmb64
Copy link
Author

kmb64 commented Sep 7, 2020

The previous, original issue is hard to reproduce as it only happens after a period of time but I'm not sure what this period of time is and what causes it. I will keep working with it to see if it reoccurs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@bls @kmb64 @rmhrisk @microshine