Epass2003 not detected in fortify web component
rossinicolas opened this issue · 6 comments
Hi, the Epass2003 tokens are not detected in the Fortify Web-Compent list if we setup the onlySmartcards in true.
Could you tell us what's could be the problem.
TIA
Do you see this token without that flag?
Fortify reads information about the token and detects if the token is removable. Fortify Web-Compent uses this information for filtering. So it's possible that your token returns another value.
Please share some information about your environment.
- What is the version of your operating system?
- What is the version of Fortify?
- What PKCS11 library does Fortify use to work with your token? This information can be obtained from the logs of the application
~/.fortify/fortify.log.
Do you see this token without that flag?
Fortify reads information about the token and detects if the token is removable. Fortify Web-Compent uses this information for filtering. So it's possible that your token returns another value.
Please share some information about your environment.
- What is the version of your operating system?
Windows 10 Pro Versión: 1903- What is the version of Fortify?
1.8.4- What PKCS11 library does Fortify use to work with your token? This information can be obtained from the logs of the application
~/.fortify/fortify.log.
**{"level":"info","message":"Logging status changed","source":"logging","timestamp":"2023-02-23T16:05:02.649Z","value":true} {"level":"info","message":"Create a new connection","origin":"https://myurl.com","source":"server","timestamp":"2023-02-23T16:11:47.065Z"} {"level":"info","message":"Push session to stack","origin":"https://myurl.com","source":"server","timestamp":"2023-02-23T16:11:47.067Z"} {"level":"warn","message":"Cannot parse MessageSignedProtocol","source":"server","timestamp":"2023-02-23T16:11:47.090Z"} {"authorized":true,"level":"info","message":"Initialize secure session","origin":"https://myurl.com","session":"334865dc4bbe38ceacd8342d76971f0feaeb434a508b45a99edf3a565550c694","source":"server","timestamp":"2023-02-23T16:11:47.133Z"} {"action":"server/isLoggedIn","level":"info","message":"Run action","session":"334865dc4bbe38ceacd8342d76971f0feaeb434a508b45a99edf3a565550c694","source":"server","timestamp":"2023-02-23T16:11:47.135Z"} {"action":"provider/action/info","level":"info","message":"Run action","session":"334865dc4bbe38ceacd8342d76971f0feaeb434a508b45a99edf3a565550c694","source":"server","timestamp":"2023-02-23T16:11:47.149Z"} {"level":"info","message":"Close window","name":"preferences","source":"windows","timestamp":"2023-02-23T16:14:33.286Z"} {"level":"error","message":"Server event error","source":"server","timestamp":"2023-02-23T16:14:33.840Z"} {"level":"info","message":"Closing open disposable windows","origin":"https://myurl.com:54167","source":"server","timestamp":"2023-02-23T16:14:33.840Z"} {"description":"","event":"close","level":"info","message":"Close session","reasonCode":1005,"remoteAddress":"https://myurl.com:54167","source":"server","timestamp":"2023-02-23T16:14:33.841Z"}**
{"authorized":true,"level":"info","message":"Initialize secure session","origin":"https://tools.fortifyapp.com","session":"d231a62d2513074ec86168338d27a5ddeb4fa3905349fa7944fed769110863d0","source":"server","timestamp":"2023-02-24T15:10:49.712Z"} {"action":"server/isLoggedIn","level":"info","message":"Run action","session":"d231a62d2513074ec86168338d27a5ddeb4fa3905349fa7944fed769110863d0","source":"server","timestamp":"2023-02-24T15:10:49.714Z"} {"action":"provider/action/info","level":"info","message":"Run action","session":"d231a62d2513074ec86168338d27a5ddeb4fa3905349fa7944fed769110863d0","source":"server","timestamp":"2023-02-24T15:10:49.754Z"} {"action":"provider/action/getCrypto","level":"info","message":"Run action","session":"d231a62d2513074ec86168338d27a5ddeb4fa3905349fa7944fed769110863d0","source":"server","timestamp":"2023-02-24T15:10:49.787Z"} {"action":"crypto/isLoggedIn","level":"info","message":"Run action","provider":"dd1464a08e1c30e61c399faa2b650b3803650312","session":"d231a62d2513074ec86168338d27a5ddeb4fa3905349fa7944fed769110863d0","source":"server","timestamp":"2023-02-24T15:10:49.812Z"} {"crypto":"Windows CryptoAPI","level":"info","message":"crypto/isLoggedIn","source":"server-api","timestamp":"2023-02-24T15:10:49.815Z"} {"action":"provider/action/getCrypto","level":"info","message":"Run action","session":"d231a62d2513074ec86168338d27a5ddeb4fa3905349fa7944fed769110863d0","source":"server","timestamp":"2023-02-24T15:10:49.825Z"} {"action":"crypto/isLoggedIn","level":"info","message":"Run action","provider":"a7370eae6951997646c5bfedf8f3df0d8b8b698d","session":"d231a62d2513074ec86168338d27a5ddeb4fa3905349fa7944fed769110863d0","source":"server","timestamp":"2023-02-24T15:10:49.837Z"} {"crypto":"NSS Certificate DB","level":"info","message":"crypto/isLoggedIn","source":"server-api","timestamp":"2023-02-24T15:10:49.838Z"} {"action":"provider/action/getCrypto","level":"info","message":"Run action","session":"d231a62d2513074ec86168338d27a5ddeb4fa3905349fa7944fed769110863d0","source":"server","timestamp":"2023-02-24T15:10:49.856Z"} {"action":"crypto/isLoggedIn","level":"info","message":"Run action","provider":"a7370eae6951997646c5bfedf8f3df0d8b8b698d","session":"d231a62d2513074ec86168338d27a5ddeb4fa3905349fa7944fed769110863d0","source":"server","timestamp":"2023-02-24T15:10:49.868Z"} {"crypto":"NSS Certificate DB","level":"info","message":"crypto/isLoggedIn","source":"server-api","timestamp":"2023-02-24T15:10:49.869Z"} {"action":"provider/action/getCrypto","level":"info","message":"Run action","session":"d231a62d2513074ec86168338d27a5ddeb4fa3905349fa7944fed769110863d0","source":"server","timestamp":"2023-02-24T15:10:49.887Z"} {"action":"crypto/isLoggedIn","level":"info","message":"Run action","provider":"dd1464a08e1c30e61c399faa2b650b3803650312","session":"d231a62d2513074ec86168338d27a5ddeb4fa3905349fa7944fed769110863d0","source":"server","timestamp":"2023-02-24T15:10:49.901Z"} {"crypto":"Windows CryptoAPI","level":"info","message":"crypto/isLoggedIn","source":"server-api","timestamp":"2023-02-24T15:10:49.902Z"} {"action":"crypto/keyStorage/keys","level":"info","message":"Run action","provider":"dd1464a08e1c30e61c399faa2b650b3803650312","session":"d231a62d2513074ec86168338d27a5ddeb4fa3905349fa7944fed769110863d0","source":"server","timestamp":"2023-02-24T15:10:49.913Z"} {"crypto":"Windows CryptoAPI","level":"info","message":"keyStorage/keys","source":"server-api","timestamp":"2023-02-24T15:10:49.915Z"} {"action":"crypto/certificateStorage/keys","level":"info","message":"Run action","provider":"dd1464a08e1c30e61c399faa2b650b3803650312","session":"d231a62d2513074ec86168338d27a5ddeb4fa3905349fa7944fed769110863d0","source":"server","timestamp":"2023-02-24T15:10:49.927Z"} {"crypto":"Windows CryptoAPI","level":"info","message":"certStorage/keys","source":"server-api","timestamp":"2023-02-24T15:10:49.929Z"} {"action":"crypto/certificateStorage/getItem","level":"info","message":"Run action","provider":"dd1464a08e1c30e61c399faa2b650b3803650312","session":"d231a62d2513074ec86168338d27a5ddeb4fa3905349fa7944fed769110863d0","source":"server","timestamp":"2023-02-24T15:10:49.941Z"} {"crypto":"Windows CryptoAPI","index":"x509-e0be82aa-4e4a25fbc4755ae29f3e4124417552cfd74906a0","level":"info","message":"certStorage/getItem","source":"server-api","timestamp":"2023-02-24T15:10:49.945Z"} {"cert":{"publicKey":{"algorithm":{"hash":"SHA-256","name":"RSASSA-PKCS1-v1_5","sensitive":false,"token":true},"extractable":true,"id":"4e4a25fbc4755ae29f3e4124417552cfd74906a0","type":"public","usages":["encrypt","verify","wrapKey"]},"subjectName":"2.5.4.5=CUIL 20220677797, C=AR, CN=MESSINA Fabricio Raúl","token":true,"type":"x509"},"crypto":"Windows CryptoAPI","level":"info","message":"certStorage/getItem","source":"server-api","timestamp":"2023-02-24T15:10:50.003Z"} {"action":"crypto/certificateStorage/export","level":"info","message":"Run action","provider":"dd1464a08e1c30e61c399faa2b650b3803650312","session":"d231a62d2513074ec86168338d27a5ddeb4fa3905349fa7944fed769110863d0","source":"server","timestamp":"2023-02-24T15:10:50.021Z"} {"cert":{"publicKey":{"algorithm":{"hash":"SHA-256","name":"RSASSA-PKCS1-v1_5","sensitive":false,"token":true},"extractable":true,"id":"4e4a25fbc4755ae29f3e4124417552cfd74906a0","type":"public","usages":["encrypt","verify","wrapKey"]},"subjectName":"2.5.4.5=CUIL 20220677797, C=AR, CN=MESSINA Fabricio Raúl","token":true,"type":"x509"},"crypto":"Windows CryptoAPI","level":"info","message":"certStorage/exportCert","source":"server-api","timestamp":"2023-02-24T15:10:50.024Z"} {"level":"info","message":"Create window","name":"preferences","source":"windows","timestamp":"2023-02-24T15:10:54.201Z"} {"level":"info","message":"Check for new update","source":"update","timestamp":"2023-02-24T15:10:54.499Z"} {"error":"tunneling socket could not be established, statusCode=407","jwsLink":"https://fortifyapp.com/packages/update.jws","level":"error","message":"JWS GET error","source":"update","stack":"Error: tunneling socket could not be established, statusCode=407\n at ClientRequest.o (C:\\Program Files\\Fortify\\resources\\app.asar\\out\\main.js:329:109106)\n at Object.onceWrapper (events.js:422:26)\n at ClientRequest.emit (events.js:315:20)\n at Socket.socketOnData (_http_client.js:547:11)\n at Socket.emit (events.js:315:20)\n at addChunk (internal/streams/readable.js:309:12)\n at readableAddChunk (internal/streams/readable.js:284:9)\n at Socket.Readable.push (internal/streams/readable.js:223:10)\n at TCP.onStreamRead (internal/stream_base_commons.js:188:23)","timestamp":"2023-02-24T15:10:54.549Z"} {"error":"Unable to connect to update server","level":"error","message":"Get info error","source":"update","stack":"UpdateError: Unable to connect to update server\n at h.getJWS (C:\\Program Files\\Fortify\\resources\\app.asar\\out\\main.js:103:166108)\n at processTicksAndRejections (internal/process/task_queues.js:93:5)\n at async h.getUpdateInfo (C:\\Program Files\\Fortify\\resources\\app.asar\\out\\main.js:103:166199)\n at async h.checkForUpdates (C:\\Program Files\\Fortify\\resources\\app.asar\\out\\main.js:103:166603)","timestamp":"2023-02-24T15:10:54.550Z"} {"error":"Unable to connect to update server","level":"error","message":"Update error","source":"update","stack":"UpdateError: Unable to connect to update server\n at h.getJWS (C:\\Program Files\\Fortify\\resources\\app.asar\\out\\main.js:103:166108)\n at processTicksAndRejections (internal/process/task_queues.js:93:5)\n at async h.getUpdateInfo (C:\\Program Files\\Fortify\\resources\\app.asar\\out\\main.js:103:166199)\n at async h.checkForUpdates (C:\\Program Files\\Fortify\\resources\\app.asar\\out\\main.js:103:166603)","timestamp":"2023-02-24T15:10:54.550Z"}
I don't see any logs about PKCS#11 providers. Looks like you took incorrect parts from the log file.
There must be information like this
{"atr":"3bfc1300008131fe15597562696b65794e454f7233e1","level":"info","message":"New token was added to the reader","reader":"Yubico Yubikey NEO OTP+U2F+CCID","source":"pcsc","timestamp":"2023-02-15T13:39:56.821Z"}
{"atr":"3bfc1300008131fe15597562696b65794e454f7233e1","level":"info","message":"Token was added to the reader","name":"Yubico Yubikey NEO OTP+U2F+CCID","reader":"Yubico Yubikey NEO OTP+U2F+CCID","source":"provider","timestamp":"2023-02-15T13:39:58.118Z"}
{"level":"info","library":"/usr/local/lib/libykcs11.dylib","message":"Loading PKCS#11 library","source":"provider","timestamp":"2023-02-15T13:39:58.119Z"}
{"level":"info","message":"Looking for slot","slots":1,"source":"provider","timestamp":"2023-02-15T13:39:59.422Z"}
{"level":"info","message":"Use ConfigTemplateBuilder","source":"provider","timestamp":"2023-02-15T13:40:00.051Z"}
{"cryptokiVersion":{"major":2,"minor":40},"firmwareVersion":{"major":1,"minor":0},"level":"info","library":"/usr/local/lib/libykcs11.dylib","libraryVersion":{"major":2,"minor":30},"manufacturerId":"Yubico (www.yubico.com)","message":"PKCS#11 library information","source":"provider","timestamp":"2023-02-15T13:40:00.052Z"}
{"id":"e96f0bd16bf92e3b4f1f6139ed6bc858bdb70eec6716530e2038c6ea17d4b5aa","level":"info","library":"/usr/local/lib/libykcs11.dylib","message":"Crypto provider was added to the list","name":"Yubico Yubikey NEO OTP+U2F+CCID","reader":"Yubico Yubikey NEO OTP+U2F+CCID","source":"provider","timestamp":"2023-02-15T13:40:00.053Z"}@microshine that info isn't the second log sended?
No, if you search for the keyword "library", you will see that there are no matches in your logs.