Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Nitrokey HSM: invalid serial number after a heavy load #79

Open
szszszsz opened this issue Jan 16, 2021 · 0 comments
Open

Nitrokey HSM: invalid serial number after a heavy load #79

szszszsz opened this issue Jan 16, 2021 · 0 comments
Labels
bug device/Nitrokey HSM

Comments

@szszszsz
Copy link
Member

Summary

After a heavy load (full smart card populating) the serial number for the device presented in the USB descriptor is different than the HSM smart card's serial number. E.g. instead of DENK00123123, the returned one is 00001010101.

Possible Cause

This is probably caused by the HSM smart card not replying to Nitrokey HSM's request for the serial number due to internal cleanup operations, similarly to #78.

Workaround

Wait until internal processing is finished and reinsert the device. Subsequent boot should result in the proper serial number.

Possible solution

On timeout / invalid serial number prefix use the previously stored serial number. On success, compare the resulting serial number with the one stored, and update the latter on change (e.g. after HSM smart card firmware update, where the serial number is changed).

Details

Frequency: 1/5
HSM smart card firmware: v3.4

Scenario

See #78.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug device/Nitrokey HSM
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@szszszsz