EldoS | Feel safer!

Software components for data protection, secure storage and transfer

SmartCard PKCS11 access error using demos apps

Also by EldoS: Rethync
The cross-platform framework that simplifies synchronizing data between mobile and desktop applications and servers and cloud storages
Posted: 04/16/2009 08:26:48
by Pierre Costa (Basic support level)
Joined: 04/16/2009
Posts: 3


I am trying to access certificates located into French medical SmartCard (the doctor's one that own signature and authentication certificates, protected by PIN code). I want to get to make SSL connection using the authent certificate protected by a PIN code.

I am looking for the right product and actually found SecureBlackBox that looks easier than direct API calls to PKCS11 and SSL libs.

But when I try the two PKCS11 oriented demos, I get "PKCS11 Error in function #12 code 226" when I try to Open the SmartCard. PKCS11 DLL is loaded, and the card reader appear in available slots listbox as "PC/SC reader on GALSS".

I read somebody's else topic in this forum looking for information about Smart Card access and an Eldos staff member anwsered PC/SC is not supported, is this why I get the error ?

Posted: 04/16/2009 08:39:26
by Ken Ivanov (Team)

Thank you for your interest in our products.

"Error in function #12 code 226" stands for "Error in function PKCS11_OpenSession, code CKR_TOKEN_WRITE_PROTECTED". Please try to pass the True value to the ReadOnly parameter of the OpenSession() method explicitly (the demo chooses it according to the corresponding flag of the slot object, but some tokens may expose wrong value through it).

SecureBlackbox does not support PC/SC, but it does support PKCS11. So if the token supports PKCS11, SecureBlackbox will be able to use it.
Posted: 04/16/2009 09:11:41
by Pierre Costa (Basic support level)
Joined: 04/16/2009
Posts: 3


Thank you for this fast answer,

The token support PKCS11 so it should be ok, I did the trick and now it goes a bit further but this time error is code 6 in function #26.

Posted: 04/16/2009 09:27:58
by Ken Ivanov (Team)

It stands for CKR_FUNCTION_FAILED error in PKCS11_FindObjectsInit function. Are there any objects (certificates, private keys) available on the token? Actually, CKR_FUNCTION_FAILED is a non-conformant return value for PKCS11_FindObjectsInit() function (and that's why an exception is thrown), but I assume that some tokens may return it if no objects are available on the token.
Posted: 04/16/2009 13:14:01
by Pierre Costa (Basic support level)
Joined: 04/16/2009
Posts: 3

The SmartCard contain two X.509 certificates one for signing and one for authentication.
Posted: 04/17/2009 00:03:13
by Ken Ivanov (Team)

Hmm, it's quite strange then. I have one idea actually. Let's continue the conversation in the Helpdesk (the forum does not allow to post big files). I've created a helpdesk ticket for you.
Also by EldoS: RawDisk
Access locked and protected files in Windows, read and write disks and partitions and more.



Topic viewed 3101 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!