[Tokend-Dev] Unable to decrypt message from Mail.app using iKey tokens and tokend

Harsh Sangal hsangal at gmail.com
Tue Jun 15 01:00:06 PDT 2010


We are testing our PKI SDK on MAC 10.6 which includes a TOKEND module to
sign and decrypt mails using Mail.app.

To support apple’s native applications, we supply a TOKEND module which
creates a keychain corresponding to the attached smart card/token.

During testing on MAC v10.6, the operation fails while decrypting mails from
the apple MAIL application. It says that no valid cert is found in the

In spite of the fact, that there is a valid and trusted certificate is
present on the token/smart card.
While debugging the tokend module, it is observed that decryption was
actually successfully took place on the token but still the MAIL APP failed
to decrypt the mail.

The following callback function of the tokend module was called upon
receiving the decryption request from MAIL APP,

*void SFDKeyHandle::decrypt(const Context &context,*

*    const CssmData &cipher, CssmData &clear)*

And the above function executed successfully and returned the decrypted data
of length 24 bytes.

But the MAIL APP ignored the success result and displayed the error.

We also tried to sign a mail and signed mails without any issue.

Please let me how can i get this issue resolved? Can some body provide some
pointer to find out the cause of this error?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/tokend-dev/attachments/20100615/0160d903/attachment.html>

More information about the Tokend-Dev mailing list