Anyone able to implement this or have any idea how to implement it for Network based Soft token repository, I am trying to see If I can write one using Software based implementation.
Has anyone from Apple replied to anyone's query above or via TSI?
Post
Replies
Boosts
Views
Activity
Can you please explain what is the actual reason behind the below error -
[client] Unable to connect to tokenServer even after retries. (ep=(null) uid=(null))
Some more information I got from system log -
2021-03-09 00:26:09.036130+0530 localhost ctkd[469]: ctkd [com.apple.CryptoTokenKit:tokenhost] Failed to communicate with driver (null), error: Error Domain=NSCocoaErrorDomain Code=4099 "The connection on anonymousListener or serviceListener from pid 21919 was invalidated." UserInfo={NSDebugDescription=The connection on anonymousListener or serviceListener from pid 21919 was invalidated.}
2021-03-09 00:26:09.036225+0530 localhost ctkd[469]: ctkd [com.apple.CryptoTokenKit:tokenhost] failed to acquire token from extension myTokenExtension, error:Error Domain=NSCocoaErrorDomain Code=4099 "The connection on anonymousListener or serviceListener from pid 21919 was invalidated." UserInfo={NSDebugDescription=The connection on anonymousListener or serviceListener from pid 21919 was invalidated.}
2021-03-09 00:26:09.036497+0530 localhost TokenShow[21975]: (CryptoTokenKit) CryptoTokenKit`-[TKClientToken ensureConnectionWithError:] [com.apple.CryptoTokenKit:client] reconnecting ctkd after invalidate, try 3
I get this intermittently when I unload the token by calling the removeTokenConfiguration and then again load it using addTokenConfiguration.
I have a requirement where I want to frequently call remove and add token configuration to sync keys and certificate to CTK multiple times, each time I would want to sync different set of keys+certificates.
Also, is there a way to make the keys+certificates/identities available to login or system keychain using CTK extension?
I have hit the same problem, apparantly when TokenExtension is trying to read values from Keychain it is failing with CSSMERR_CSP_NO_USER_INTERACTION .
logs -
2021-03-11 23:06:50.865217+0530 0x96754 Activity 0x750db 10567 0 TokenExtension: (Security) SecItemCopyMatching
2021-03-11 23:06:50.865297+0530 0x96754 Activity 0x750dc 10567 0 TokenExtension: (Security) SecItemCopyMatching_ios
2021-03-11 23:06:50.871820+0530 0x96754 Default 0x750db 10567 0 TokenExtension: (Security) [com.apple.securityd:security_exception] CSSM Exception: -2147415840 CSSMERR_CSP_NO_USER_INTERACTION
2021-03-11 23:06:50.871872+0530 0x96754 Default 0x750db 10567 0 TokenExtension: (Security) [com.apple.securityd:security_exception] CSSM Exception: -2147415840 CSSMERR_CSP_NO_USER_INTERACTION
2021-03-11 23:06:50.871908+0530 0x96754 Default 0x750db 10567 0 TokenExtension: (Security) [com.apple.securityd:integrity] caught CssmError: -2147415840 CSSMERR_CSP_NO_USER_INTERACTION
2021-03-11 23:06:50.872014+0530 0x96754 Default 0x750db 10567 0 TokenExtension: (Security) [com.apple.securityd:integrity] error while checking integrity, denying access: CSSM Exception: -2147415840 CSSMERR_CSP_NO_USER_INTERACTION
Can you help me here?
Hi Eskimo, Can you please help me with the issue I am facing with CryptoTokenKit? I have also raised TSI case but no reply as of now.
Regards,
Anshuman