We use the OpenSC PKCS#11 library to control our NitroKey HSM.
This is on Ubuntu 20-04 with OpenSC 0.20.
We perform the following operations:
One user creates a Session and then Login with the User PIN.
No error is returned by the C_OpenSession (CKF_SERIAL_SESSION | CKF_RW_SESSION)
and the subsequent C_Login().
The session handle returned seems to be correct.
Then another user uses that session to create a key pair.
It seems that sometimes this 2nd user gets the error #257: User Not Logged returned from C_GenerateKeyPair.
It is not clear what is causing this but on the failure case, there was a delay between the C_Login and the C_GenerateKeyPair call.
Is there a time out on the session login if it’s not used to create keys or do other operations (like signing)? If not, what could be the explanation? And if there’s a time out, what is the recommended technique to keep the login alive?