Minor When using pkcs11-proxy, two processes using the same pkcs11 proxy lib will be using the same sessio, and one of the process process will already be logged in when started after the other. Thus, either the signer or the enforcer will be receiving the PKCS11 message CKR_USER_ALREADY_LOGGED_IN. This message should be ignored, since logging in is what we wanted to do, and if we are already logged in then the problem is solved.
This is true for version 1.3, 1.4 and 2.0.
This is a PKCS11 dump of the event:
OpenSC PKCS#11 spy:
Loaded: "/usr/local/lib/libpkcs11-proxy.so"
0: C_GetFunctionList
2015-07-18 13:32:21.054
Returned: 0 CKR_OK
1: C_Initialize
2015-07-18 13:32:21.054
[in] pInitArgs = 0xbfe9c914
flags: 2
CKF_OS_LOCKING_OK
Returned: 0 CKR_OK
2: C_GetSlotList
2015-07-18 13:32:21.130
[in] tokenPresent = 0x1
[out] pSlotList:
Count is 1
[out] *pulCount = 0x1
Returned: 0 CKR_OK
3: C_GetSlotList
2015-07-18 13:32:21.181
[in] tokenPresent = 0x1
[out] pSlotList:
Slot 0
[out] *pulCount = 0x1
Returned: 0 CKR_OK
4: C_GetTokenInfo
2015-07-18 13:32:21.252
[in] slotID = 0x0
[out] pInfo:
label: 'Cryptech Token '
manufacturerID: 'Cryptech Project '
model: ' 000000000000000'
serialNumber: '007 '
ulMaxSessionCount: 0
ulSessionCount: -1
ulMaxRwSessionCount: 0
ulRwSessionCount: -1
ulMaxPinLen: 4096
ulMinPinLen: 4
ulTotalPublicMemory: -1
ulFreePublicMemory: -1
ulTotalPrivateMemory: -1
ulFreePrivateMemory: -1
hardwareVersion: 0.0
firmwareVersion: 0.0
time: ' '
flags: 5
CKF_RNG
CKF_LOGIN_REQUIRED
Returned: 0 CKR_OK
5: C_OpenSession
2015-07-18 13:32:21.308
[in] slotID = 0x0
[in] flags = 0x6
pApplication=(nil)
Notify=(nil)
[out] *phSession = 0x3a
Returned: 0 CKR_OK
6: C_Login
2015-07-18 13:32:21.357
[in] hSession = 0x3a
[in] userType = CKU_USER
[in] pPin[ulPinLen] 09512720 / 4
00000000 31 32 33 34 1234
Returned: 256 CKR_USER_ALREADY_LOGGED_IN
7: C_CloseSession
2015-07-18 13:32:21.416
[in] hSession = 0x3a
Returned: 0 CKR_OK
8: C_Finalize
2015-07-18 13:32:21.468
Returned: 0 CKR_OK
Could not start signer