• Browser
  • Mail
  • News
  • Community
  • About
Register Login
HomeBlogsForumThemesContributeSocial

Vivaldi

  • Browser
  • Mail
  • News
  • Community
  • About

Navigation

    • Home
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    1. Home
    2. Everything else
    3. Security & Privacy
    4. Security device token support

    Security device token support

    Security & Privacy
    3
    4
    400
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Luluka
      L
      Luluka
      last edited by

      Hello. I have a security device token (like a pendrive), with a user certificate inside. Typically a PKCS #11 compatible. But it's not been recognized by Vivaldi on Linux (debian-like). I would like to know if there is a way to specify or point a PKCS #11 module for these types of physical certificate token device.

      DoctorG
      D
             1 Reply Last reply       Reply Quote 0
      • stardepp
        S
        stardepp Translator Ambassador
        last edited by

        The Vivaldi team is already working on this, but there is no release date yet.

        🍀 Before you ask, use Vivaldi Help (F1🍀Search Engine Collection🍀My Themes🍀Windows11 24H2🍀Samsung Galaxy A55 5G Android 14🍀

        1 Reply Last reply Reply Quote 1
        • DoctorG
          D
          DoctorG Soprano Ambassador @Luluka
          last edited by DoctorG

          @Luluka Does not appear in internal page chrome://settings/securityKeys ?
          Had you tried?

          Perhaps you need some packages:
          sudo apt install opensc libccid opensc-pkcs11 pcscd

          Then you should be able to list the stick with:
          opensc-tool -l

          Worked for me with my Yubikey.

          To add all to your PKI you need to install this package:
          sudo apt install libnss3-tools

          Search for lib in shell with:
          sudo find / -name "opensc*pkcs*so"

          Add the lib for OpenSC to PKI (example):
          modutil -dbdir sql:.pki/nssdb/ -add "CAC Module" -libfile /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so

          List PKCS module with:
          modutil -dbdir sql:.pki/nssdb/ -list

          Please tell if that works for you.

          I wrote a short article on my blog 🇩🇪 at
          https://labs.gwendragon.de/blog/Web/Browser/Vivaldi/yubikey-client-zertifikatspeicher-in-vivaldi

          _bug hunter · Volunteer helper · Sopranos tester · Language DE,EN · ♀👵
          Known old dragon lady: Gwen aka Dr. Gwen Agon aka GwenDragon aka DoctorGTesting

          Linux Debian 12 KDE X11 / Windows 11 Pro
          Intel i5-7400 / NVidia GT 710

          1 Reply Last reply Reply Quote 2
          • Luluka
            L
            Luluka
            last edited by

            The window chorme://settings/securityKeys appears. But works no options.

            So I followed the suggested steps and, during execution, I remembered that the device has its own linux driver to install.

            It's a very old model. It is a Watchdata Watchkey, a model that uses eSE (Embedded Secure Element) chip technology to store user certificates (https://www.watchdata.com/ese/).

            Restarting the Browser and the magic happens. Don't ask me how.

            After that, using the command:
            modutil -dbdir sql:.pki/nssdb/ -list

            I received the following list below (my device is the second 2. Watchdata):

            🤞 Now I will try in the other machine.

             Listing of PKCS #11 Modules

 1. NSS Internal PKCS #11 Module

 uri: pkcs11:library-manufacturer=Mozilla%20Foundation;library-description=NSS%20Internal%20Crypto%20Services;library-version=3.35
 slots: 2 slots attached
status: loaded

 slot: NSS Internal Cryptographic Services
token: NSS Generic Crypto Services
  uri: pkcs11:token=NSS%20Generic%20Crypto%20Services;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203

 slot: NSS User Private Key and Certificate Services
token: NSS Certificate DB
  uri: pkcs11:token=NSS%20Certificate%20DB;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203

 2. Watchdata
library name: /usr/lib/watchdata/ICP/lib/libwdpkcs_icp.so
   uri: pkcs11:library-manufacturer=WatchData%20;library-description=PKCS%2311%20cryptoki%20module;library-version=1.0
 slots: 1 slot attached
status: loaded

 slot: WatchData IC CARD Reader/Writer 0
token: ICP Token
  uri: pkcs11:token=ICP%20Token;manufacturer=Watchdata%20Corp.;serial=WDS01100035Dvfoj;model=TimeCos%2FPK
            1 Reply Last reply Reply Quote 1
            Loading More Posts
            • Oldest to Newest
            • Newest to Oldest
            • Most Votes
            Reply
            • Reply as topic
            Log in to reply
            • 1 / 1
            • First post
              Last post

            Looks like your connection to Vivaldi Forum was lost, please wait while we try to reconnect.

            Copyright © Vivaldi Technologies™ — All rights reserved. Privacy Policy | Code of conduct | Terms of use | Vivaldi Status