Bug 42342

Summary:	Не работает ГОСТовый слот в токенах Jacarta с p11-kit-proxy
Product:	Sisyphus	Reporter:	Белаш Константин <bk>
Component:	libjcpkcs11	Assignee:	manowar <manowar>
Status:	CLOSED FIXED	QA Contact:	qa-sisyphus
Severity:	normal
Priority:	P5	CC:	klark, manowar
Version:	unstable
Hardware:	x86
OS:	Linux

Description Белаш Константин 2022-04-05 13:43:17 MSK

Смотрим доступные слоты для Jacarta-2 SE через p11-kit-proxy.so:
# pkcs11-tool --module /usr/lib64/p11-kit-proxy.so -T
Available slots:
Slot 0 (0x11): Aladdin R.D. JaCarta 00 00
  token label        :  STANDART.SE
  token manufacturer : Aladdin R.D.
  token model        : eToken GOST
  token flags        : login required, rng, token initialized, user PIN count low, PIN initialized
  hardware version   : 1.0
  firmware version   : 1.6
  serial num         : 6082004469937675
  pin min/max        : 6/32
Slot 1 (0x12): Aladdin R.D. JaCarta 00 00
C_GetTokenInfo() failed: rv = unknown PKCS11 error
Slot 2 (0x13): Aladdin R.D. JaCarta 00 00
  token label        : STANDART.SE
  token manufacturer : Aladdin R.D.
  token model        : JaCarta Laser
  token flags        : login required, rng, token initialized, PIN initialized
  hardware version   : 1.1
  firmware version   : 1.0
  serial num         : 6082004469937675
  pin min/max        : 4/10

"Slot 1" (token model: JaCarta GOST 2.0) не доступен.

Создание модуля (/etc/pkcs11/modules/libjckt2.module) со след. содержимым:
# cat /etc/pkcs11/modules/libjckt2.module
module: /usr/lib64/libjckt2.so
не решает проблему.

Проблему решает создание симлинка в каталоге /usr/lib64/pkcs11/ на /usr/lib64/libjckt2.so, и тогда слот становится доступным:
# cd /usr/lib64/pkcs11/
# ln -s ../libjckt2.so .
# pkcs11-tool --module /usr/lib64/p11-kit-proxy.so -T
Available slots:
Slot 0 (0x11): Aladdin R.D. JaCarta 00 00
  token label        :  STANDART.SE
  token manufacturer : Aladdin R.D.
  token model        : eToken GOST
  token flags        : login required, rng, token initialized, user PIN count low, PIN initialized
  hardware version   : 1.0
  firmware version   : 1.6
  serial num         : 6082004469937675
  pin min/max        : 6/32
Slot 1 (0x12): Aladdin R.D. JaCarta 00 00
  token label        : STANDART.SE
  token manufacturer : Aladdin R.D.
  token model        : JaCarta GOST 2.0
  token flags        : login required, rng, token initialized, user PIN count low, PIN initialized, user PIN locked, other flags=0x800
  hardware version   : 1.0
  firmware version   : 2.55
  serial num         : 6082004469937675
  pin min/max        : 6/32
Slot 2 (0x13): Aladdin R.D. JaCarta 00 00
  token label        : STANDART.SE
  token manufacturer : Aladdin R.D.
  token model        : JaCarta Laser
  token flags        : login required, rng, token initialized, PIN initialized
  hardware version   : 1.1
  firmware version   : 1.0
  serial num         : 6082004469937675
  pin min/max        : 4/10

Comment 1 manowar@altlinux.org 2022-04-07 15:37:24 MSK

https://git.altlinux.org/tasks/298023/

Comment 2 Repository Robot 2022-04-07 18:55:46 MSK

libjcpkcs11-2.7.4-alt6 -> sisyphus:

 Thu Apr 07 2022 Paul Wolneykien <manowar@altlinux> 2.7.4-alt6
 - Make symlinks to all installed libraries from the pkcs11/ subdir
   (closes: 42342).

Comment 3 Leonid Krivoshein 2022-04-07 23:01:02 MSK

Спасибо!