2

We have 2 Java processes each using IAIK (iaik.pkcs.pkcs11)to talk to a shared single token NSS/HSM/smartcard.

Each of these Java processes creates the IAIK session and logs in:

session = token.openSession(Token.SessionType.SERIAL_SESSION,
                    Token.SessionReadWriteBehavior.RW_SESSION, null, null);
session.login(Session.UserType.USER, XXXX);

We were expecting that when a Java process updates the token (for example: adds the certificate, keys), the other java process would be able to see the changes as well( for example: session.findObjectsInit(certTemplate) would find the certificate that was added by another Java process).

Unfortunately, that doesn't seem to be the case. Once the session is opened and logged in, it seems to have captured the information of the token at the time.

Is there a way to get update/refresh the IAIK session?

e-sushi
  • 13,786
  • 10
  • 38
  • 57
  • IMO this behavior has nothing to do with IAIK wrapper but completely depends on the implementation of PKCS#11 library you are using. You need to consult the documentation of NSS/HSM/smartcard for the answer. – jariq Aug 02 '17 at 09:30

1 Answers1

0

From looking at the IAIK's Session documentation here, looks like it doesn't provide an option to update/refresh the current session.

However, you can implement your own method that does the refresh for you. You can do it by closing the current session and logging back in with a new session.

always_a_rookie
  • 4,515
  • 1
  • 25
  • 46