Hi Eskimo, can you please help me with the issue I am facing with CryptoTokenKit? I have also raised a TSI case but have had no reply as of now.
Regards,
Anshuman
I have hit the same problem. Apparently, when TokenExtension is trying to read values from Keychain, it is failing with CSSMERR_CSP_NO_USER_INTERACTION.
Logs:
2021-03-11 23:06:50.865217+0530 0x96754 Activity 0x750db 10567 0 TokenExtension: (Security) SecItemCopyMatching
2021-03-11 23:06:50.865297+0530 0x96754 Activity 0x750dc 10567 0 TokenExtension: (Security) SecItemCopyMatching_ios
2021-03-11 23:06:50.871820+0530 0x96754 Default 0x750db 10567 0 TokenExtension: (Security) [com.apple.securityd:security_exception] CSSM Exception: -2147415840 CSSMERR_CSP_NO_USER_INTERACTION
2021-03-11 23:06:50.871872+0530 0x96754 Default 0x750db 10567 0 TokenExtension: (Security) [com.apple.securityd:security_exception] CSSM Exception: -2147415840 CSSMERR_CSP_NO_USER_INTERACTION
2021-03-11 23:06:50.871908+0530 0x96754 Default 0x750db 10567 0 TokenExtension: (Security) [com.apple.securityd:integrity] caught CssmError: -2147415840 CSSMERR_CSP_NO_USER_INTERACTION
2021-03-11 23:06:50.872014+0530 0x96754 Default 0x750db 10567 0 TokenExtension: (Security) [com.apple.securityd:integrity] error while checking integrity, denying access: CSSM Exception: -2147415840 CSSMERR_CSP_NO_USER_INTERACTION
Can you help me here?
Can you please explain what the actual reason behind the error below is:
[client] Unable to connect to tokenServer even after retries. (ep=(null) uid=(null))
Some more information I got from the system log:
2021-03-09 00:26:09.036130+0530 localhost ctkd[469]: ctkd [com.apple.CryptoTokenKit:tokenhost] Failed to communicate with driver (null), error: Error Domain=NSCocoaErrorDomain Code=4099 "The connection on anonymousListener or serviceListener from pid 21919 was invalidated." UserInfo={NSDebugDescription=The connection on anonymousListener or serviceListener from pid 21919 was invalidated.}
2021-03-09 00:26:09.036225+0530 localhost ctkd[469]: ctkd [com.apple.CryptoTokenKit:tokenhost] failed to acquire token from extension myTokenExtension, error:Error Domain=NSCocoaErrorDomain Code=4099 "The connection on anonymousListener or serviceListener from pid 21919 was invalidated." UserInfo={NSDebugDescription=The connection on anonymousListener or serviceListener from pid 21919 was invalidated.}
2021-03-09 00:26:09.036497+0530 localhost TokenShow[21975]: (CryptoTokenKit) CryptoTokenKit`-[TKClientToken ensureConnectionWithError:] [com.apple.CryptoTokenKit:client] reconnecting ctkd after invalidate, try 3
I get this intermittently when I unload the token by calling removeTokenConfiguration and then load it again using addTokenConfiguration.
I have a requirement where I want to frequently call remove and add token configuration to sync keys and certificates to CTK multiple times; each time I would want to sync a different set of keys+certificates.
Also, is there a way to make the keys+certificates/identities available to the login or system keychain using a CTK extension?
Is anyone able to implement this, or does anyone have any idea how to implement it for a network-based soft token repository? I am trying to see if I can write one using a software-based implementation.
Has anyone from Apple replied to anyone's query above or via TSI?