Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

c_initialize_ex() from the basic example returns an error #39

Open
E-genin opened this issue Oct 24, 2022 · 9 comments
Open

c_initialize_ex() from the basic example returns an error #39

E-genin opened this issue Oct 24, 2022 · 9 comments

Comments

@E-genin
Copy link

E-genin commented Oct 24, 2022

Hi,

When trying to run the basic example in the readme file, the function call c_initialize_ex() returns the following error :
... configparser.NoSectionError: No section: 'Chrystoki2'

image

I am using Pyhton 3.9.2 on a windows machine

Thanks in advance

@astraw38
Copy link
Contributor

It's looking for a section in the crystoki.ini that comes with LunaClient installations on Windows. Do other lunaclient binaries work? What is the content of the crystoki.ini? Regardless, you can specify an exact path to the shared lib by setting the environment variable CHRYSTOKI_CONF_DLL to the path to the lib.

@E-genin
Copy link
Author

E-genin commented Oct 25, 2022

Thanks @astraw38 for the reply,

I created the environment variable CHRYSTOKI_CONF_DLL with the path to *.dll library of the PKCS_11 library, but I still get the same error.

For the crystoki.ini, could you specify where I can find it ?

@astraw38
Copy link
Contributor

https://thalesdocs.com/gphsm/luna/7/docs/network/Content/install/client_install/config-file_summary.htm

And per the following code:

            #  depends on different product, lib path could be configured by pointing to path, or stored in a file
            dll_path = os.environ.get(CRYSTOKI_CONF_DLL, parse_chrystoki_conf())

It should never search in crystoki.ini if you set the envvar correctly.

@E-genin
Copy link
Author

E-genin commented Oct 25, 2022

@astraw38 thanks for the reply,

So I added your suggestion and run the following script :

import os
from pycryptoki.default_templates import *
from pycryptoki.defines import *
from pycryptoki.key_generator import *
from pycryptoki.session_management import *
from pycryptoki.encryption import *
from pycryptoki.cryptoki.helpers import *


#  depends on different product, lib path could be configured by pointing to path, or stored in a file
dll_path = os.environ.get('CHRYSTOKI_CONF_DLL', parse_chrystoki_conf())

c_initialize_ex()

CHRYSTOKI_CONF_DLL being the env variable containing the path where the *.dll file is.

Somehow I still get the same issue :

image

It seems I am still unable to to prevent it from looking for that crystoki.ini file

@astraw38
Copy link
Contributor

The code I copy/pasted is from pycryptoki (https://github.com/ThalesGroup/pycryptoki/blob/master/pycryptoki/cryptoki/helpers.py#L189), showing you how it works internally. If it's still reading from the config file, then you do not have the environment variables set. You can view envvars by just printing os.environ.

Again, check the link I pasted before for info about crystoki.ini.

@E-genin
Copy link
Author

E-genin commented Oct 26, 2022

Thanks @astraw38 for the reply,

I checked that the env var is correctly set, what I noticed is that the parse_chrystoki_conf() is called even if the var is found (weird, right? ).

I had to change the line :

#  depends on different product, lib path could be configured by pointing to path, or stored in a file
dll_path = os.environ.get('CHRYSTOKI_CONF_DLL', parse_chrystoki_conf())

to :

#  depends on different product, lib path could be configured by pointing to path, or stored in a file
dll_path = os.environ.get('CHRYSTOKI_CONF_DLL)

Only then, the c_initialize_ex() worked, but I do get a general error now in:
pubkey, privkey = c_generate_key_pair_ex(auth_session, CKM_RSA_PKCS_KEY_PAIR_GEN, pub_template, priv_template)

image

@astraw38
Copy link
Contributor

That session # is rather high - what HSM are you using? And do other tools like ckdemo work?

@E-genin
Copy link
Author

E-genin commented Oct 26, 2022

I am using an HSM simulator from UTIMACO, I haven't tested yet with Luna as I am not familiar with the tool/environment (hence the absence of crystoki.ini) .

@astraw38
Copy link
Contributor

I believe there's ways to demo DPOD? I can make no guarantees whatsosever about Utimaco HSMs & this project - there's a lot of Luna-specific handling. It's pretty close to pure P11, but I know defaults and a lot of constants are vendor-specific, and pretty much all CA_ functions would be purely luna-only.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants