Docker. Ошибки PCSCD

Добрый день!

Решили протестировать работу ЕГАИС в контейнере. Версии установленного ПО и ОС в контейнере:
Linux test 5.10.0-21-amd64 #1 SMP Debian 5.10.162-1 (2023-01-21) x86_64 GNU/Linux

Package: libccid
Status: install ok installed
Priority: optional
Section: libs
Installed-Size: 570
Maintainer: Ludovic Rousseau <rousseau@debian.org>
Architecture: i386
Source: ccid
Version: 1.4.34-1
Provides: pcsc-ifd-handler
Depends: libc6 (>= 2.15), libusb-1.0-0 (>= 2:1.0.9)
Suggests: pcmciautils

Package: libpcsclite1
Status: install ok installed
Priority: optional
Section: libs
Installed-Size: 105
Maintainer: Ludovic Rousseau <rousseau@debian.org>
Architecture: i386
Multi-Arch: same
Source: pcsc-lite
Version: 1.9.1-1
Depends: libc6 (>= 2.28)
Suggests: pcscd (= 1.9.1-1)
Breaks: libpcsclite-dev (<< 1.9.1-1), pcscd (<< 1.9.1-1)

Package: pcscd
Status: install ok installed
Priority: optional
Section: misc
Installed-Size: 214
Maintainer: Ludovic Rousseau <rousseau@debian.org>
Architecture: i386
Multi-Arch: foreign
Source: pcsc-lite
Version: 1.9.1-1
Depends: libccid (>= 1.4.1~) | pcsc-ifd-handler, libc6 (>= 2.15), libsystemd0, libudev1 (>= 183), lsb-base (>= 3.0-6), libpcsclite1 (= 1.9.1-1)
Pre-Depends: init-system-helpers (>= 1.54~)
Suggests: systemd

Package: pcsc-tools
Status: install ok installed
Priority: optional
Section: utils
Installed-Size: 587
Maintainer: Ludovic Rousseau <rousseau@debian.org>
Architecture: i386
Version: 1.5.7-1
Depends: libc6 (>= 2.4), libpcsclite1 (>= 1.3.0), libpcsc-perl
Recommends: libgtk3-perl


Package: opensc
Status: install ok installed
Priority: optional
Section: utils
Installed-Size: 1609
Maintainer: Debian OpenSC Maintainers <pkg-opensc-maint@lists.alioth.debian.org>
Architecture: i386
Multi-Arch: foreign
Version: 0.21.0-1
Depends: opensc-pkcs11 (= 0.21.0-1), libc6 (>= 2.7), libreadline8 (>= 6.0), libssl1.1 (>= 1.1.1), zlib1g (>= 1:1.1.4)
Recommends: pcscd
Conflicts: mozilla-opensc


libusb-0.1-4:i386                 2:0.1.12-32                  i386         userspace USB programming library
libusb-1.0-0:i386                 2:1.0.24-3                   i386         userspace USB programming library
libusb-dev                        2:0.1.12-32                  i386         userspace USB programming library development files


Токен пробрасывается в контейнер следующим образом:
volumes:
     - /dev/bus/usb:/dev/bus/usb
     - /run/udev:/run/udev


В процессе работы с какой-то периодичностью на веб морде ЕГАИС показывает, что не видит сертификаты на токене . В логах PCSCD видим следующую ошибку (LIBUSB_ERROR_TIMEOUT):

00000004 ifdhandler.c:1332:IFDHTransmitToICC() usb:0a89/0030:libudev:0:/dev/bus/usb/003/004 (lun: 0)
00031417 SW: 90 00
00000009 winscard.c:1648:SCardTransmit() UnrefReader() count was: 2
00000003 winscard_svc.c:691:ContextThread() TRANSMIT rv=0x0 for client 12
00000210 winscard_svc.c:361:ContextThread() Received command: TRANSMIT from client 12
00000009 readerfactory.c:852:RFReaderInfoById() RefReader() count was: 1
00000002 winscard.c:1595:SCardTransmit() Send Protocol: T=1
00000004 APDU: 00 2A 9E 9A 01 00 00
00000003 ifdhandler.c:1332:IFDHTransmitToICC() usb:0a89/0030:libudev:0:/dev/bus/usb/003/004 (lun: 0)
04372739 ccid_usb.c:897:ReadUSB() read failed (3/4): -7 LIBUSB_ERROR_TIMEOUT
00000183 SW:
00000063 ifdwrapper.c:543:IFDTransmit() Card not transacted: 612
00000055 winscard.c:1620:SCardTransmit() Card not transacted: 0x80100016
00000051 winscard.c:1648:SCardTransmit() UnrefReader() count was: 2
00000052 winscard_svc.c:691:ContextThread() TRANSMIT rv=0x80100016 for client 12
00000138 winscard_svc.c:361:ContextThread() Received command: TRANSMIT from client 12
00000089 readerfactory.c:852:RFReaderInfoById() RefReader() count was: 1
00000057 winscard.c:1595:SCardTransmit() Send Protocol: T=1
00000052 APDU: 80 40 00 00 00

В логах ЕГАИС:

ERROR ru.centerinform.transport.backbone.schedule.Receiver - [RESTful] Ошибка при получении документов с сервера
org.springframework.web.client.ResourceAccessException: I/O error on GET request for "https://exchanger-nd.utm.egais.ru:6443/ … 0000635476": java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DEVICE_ERROR; nested exception is javax.net.ssl.SSLException: java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DEVICE_ERROR
        at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:784)
        at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:710)
        at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:601)
        at ru.centerinform.transport.rest.sender.RestReceiver.a(RestReceiver.java:278)
        at ru.centerinform.transport.backbone.schedule.Receiver.b(Receiver.java:764)
        at ru.centerinform.transport.backbone.schedule.WSExchangeJob.execute(WSExchangeJob.java:1080)
        at org.quartz.core.JobRunShell.run(JobRunShell.java:202)
        at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:573)
Caused by: javax.net.ssl.SSLException: java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DEVICE_ERROR
        at sun.security.ssl.Alert.createSSLException(Alert.java:133)
        at sun.security.ssl.TransportContext.fatal(TransportContext.java:370)
        at sun.security.ssl.TransportContext.fatal(TransportContext.java:313)
        at sun.security.ssl.TransportContext.fatal(TransportContext.java:308)
        at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1504)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:432)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:389)
        at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:396)
        at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355)
        at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
        at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:373)
        at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:381)
        at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237)
        at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185)
        at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:111)
        at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56)
        at org.springframework.http.client.HttpComponentsClientHttpRequest.executeInternal(HttpComponentsClientHttpRequest.java:87)
        at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
        at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66)
        at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:775)
        ... 7 common frames omitted
Caused by: java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DEVICE_ERROR
        at sun.security.pkcs11.P11Signature.engineSign(P11Signature.java:617)
        at java.security.Signature$Delegate.engineSign(Signature.java:1382)
        at java.security.Signature.sign(Signature.java:698)
        at sun.security.ssl.CertificateVerify$T12CertificateVerifyMessage.<init>(CertificateVerify.java:609)
        at sun.security.ssl.CertificateVerify$T12CertificateVerifyProducer.produce(CertificateVerify.java:761)
        at sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:420)
        at sun.security.ssl.ServerHelloDone$ServerHelloDoneConsumer.consume(ServerHelloDone.java:182)
        at sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:376)
        at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:479)
        at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:457)
        at sun.security.ssl.TransportContext.dispatch(TransportContext.java:200)
        at sun.security.ssl.SSLTransport.decode(SSLTransport.java:155)
        at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1320)
        at sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1233)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:417)
        ... 23 common frames omitted
Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DEVICE_ERROR
        at sun.security.pkcs11.wrapper.PKCS11.C_Sign(Native Method)
        at sun.security.pkcs11.wrapper.PKCS11$SynchronizedPKCS11.C_Sign(PKCS11.java:1770)
        at sun.security.pkcs11.P11Signature.engineSign(P11Signature.java:608)
        ... 37 common frames omitted


С чем может быть связана данная проблема?

Re: Docker. Ошибки PCSCD

Здравствуйте, asd,
пришлите пожалуйста вывод команды pcsc_scan в Терминале как описано в инструкции.

Re: Docker. Ошибки PCSCD

Фатеева Светлана пишет:

Здравствуйте, asd,
пришлите пожалуйста вывод команды pcsc_scan в Терминале как описано в инструкции.

Using reader plug'n play mechanism
Scanning present readers...
0: Aktiv Rutoken ECP 00 00

Mon Apr 10 20:04:30 2023
Reader 0: Aktiv Rutoken ECP 00 00
  Event number: 0
  Card state: Card inserted, Shared Mode,
  ATR: 3B 8B 01 52 75 74 6F 6B 65 6E 20 44 53 20 C1

ATR: 3B 8B 01 52 75 74 6F 6B 65 6E 20 44 53 20 C1
+ TS = 3B --> Direct Convention
+ T0 = 8B, Y(1): 1000, K: 11 (historical bytes)
  TD(1) = 01 --> Y(i+1) = 0000, Protocol T = 1
-----
+ Historical bytes: 52 75 74 6F 6B 65 6E 20 44 53 20
  Category indicator byte: 52 (proprietary format)
+ TCK = C1 (correct checksum)

Possibly identified card (using /usr/share/pcsc/smartcard_list.txt):
3B 8B 01 52 75 74 6F 6B 65 6E 20 44 53 20 C1
       Aktiv Rutoken ECP
       https://www.rutoken.ru/products/all/rutoken-ecp/

Re: Docker. Ошибки PCSCD

asd,
пришлите файл конфигурации УТМ (transport.properties) или его содержание.

Re: Docker. Ошибки PCSCD

Фатеева Светлана пишет:

asd,
пришлите файл конфигурации УТМ (transport.properties) или его содержание.

###############################################
# Web server
###############################################
web.server.port=8080
###############################################
# GOST keystore passwords
###############################################
crypto.lib.gost.keystorePassword=12345678
crypto.lib.gost.keyPassword=12345678
###############################################
# PKI keystore passwords
###############################################
crypto.lib.pki.keystorePassword=12345678
crypto.lib.pki.keyPassword=12345678
###############################################
# Proxy
###############################################
proxy.host=
proxy.port=
proxy.user=
proxy.password=
###############################################
# Cross-origin resource sharing
###############################################
access.control.allow.origin=
###############################################
# Ports for service negotiations
###############################################
transport.service.port=8192
updater.connector=127.0.0.1:8193
agent.connector.port=127.0.0.1:8194
###############################################
# Path to libraries
###############################################
rsa.library.path=/opt/utm/lib/librtpkcs11ecp.so
gost.library.path=
gost.pkcs11.library.path=/opt/utm/lib/librtpkcs11ecp-replica.so
gost.pkcs11.model=
web.server.attempt.ip =

Re: Docker. Ошибки PCSCD

Светлана, сейчас смотрел лог ЕГАИС и уже возникла ошибка подписания (при этом в логе pcscd тоже есть ошибка LIBUSB_ERROR_TIMEOUT):

ERROR ru.centerinform.transport.crypto.CryptographerWrapper - Ошибка подписи документа
java.lang.IllegalStateException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DEVICE_ERROR
    at ru.centerinform.transport.crypto.p.a(SunSignerRutoken.java:86)
    at ru.centerinform.transport.crypto.q.a(SunStreamSigner.java:112)
    at ru.centerinform.transport.crypto.q.b(SunStreamSigner.java:69)
    at ru.centerinform.transport.crypto.q.a(SunStreamSigner.java:62)
    at ru.centerinform.transport.crypto.SunCryptographer.a(SunCryptographer.java:531)
    at ru.centerinform.transport.crypto.SunCryptographer.b(SunCryptographer.java:524)
    at ru.centerinform.transport.crypto.SunCryptographer.a(SunCryptographer.java:228)
    at ru.centerinform.transport.crypto.CryptographerWrapper.a(CryptographerWrapper.java:90)
    at ru.centerinform.transport.backbone.service.SignService.a(SignService.java:58)
    at ru.centerinform.transport.backbone.http.controller.workflow.WorkflowClientDocController.a(WorkflowClientDocController.java:1417)
    at sun.reflect.GeneratedMethodAccessor295.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:197)
    at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:141)
    at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:106)
    at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:894)
    at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:808)
    at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)
    at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1061)
    at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:961)
    at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)
    at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:909)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:652)
    at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:733)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at ru.centerinform.transport.backbone.http.filter.WhiteListIPFilter.doFilter(WhiteListIPFilter.java:50)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:327)
    at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:115)
    at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:81)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:119)
    at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:126)
    at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:81)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:105)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:149)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:103)
    at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:89)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90)
    at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:110)
    at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:80)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:55)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:211)
    at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:183)
    at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)
    at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:542)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
    at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:374)
    at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
    at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:888)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1597)
    at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    at java.lang.Thread.run(Thread.java:750)
Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DEVICE_ERROR
    at sun.security.pkcs11.wrapper.PKCS11.C_Sign(Native Method)
    at sun.security.pkcs11.wrapper.PKCS11$SynchronizedPKCS11.C_Sign(PKCS11.java:1770)
    at ru.centerinform.transport.crypto.p.a(SunSignerRutoken.java:82)
    ... 96 common frames omitted
2023-04-10 18:59:23,838 INFO  ru.centerinform.transport.crypto.SunCryptographer - Инициализация криптобиблиотеки (token)
2023-04-10 18:59:26,926 INFO  ru.centerinform.transport.crypto.SunCryptographer - Используется сертификат SerialNumber: 170df50058af3ba2426d9441bdd2aed7
2023-04-10 18:59:26,926 ERROR ru.centerinform.transport.backbone.service.SignService - Ошибка подписи
java.lang.IllegalStateException: Не удалось подписать документ
    at ru.centerinform.transport.crypto.CryptographerWrapper.a(CryptographerWrapper.java:103)
    at ru.centerinform.transport.backbone.service.SignService.a(SignService.java:58)
    at ru.centerinform.transport.backbone.http.controller.workflow.WorkflowClientDocController.a(WorkflowClientDocController.java:1417)
    at sun.reflect.GeneratedMethodAccessor295.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:197)
    at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:141)
    at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:106)
    at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:894)
    at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:808)
    at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)
    at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1061)
    at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:961)
    at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)
    at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:909)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:652)
    at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:733)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at ru.centerinform.transport.backbone.http.filter.WhiteListIPFilter.doFilter(WhiteListIPFilter.java:50)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:327)
    at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:115)
    at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:81)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:119)
    at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:126)
    at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:81)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:105)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:149)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:103)
    at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:89)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90)
    at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:110)
    at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:80)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:55)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:211)
    at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:183)
    at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)
    at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:542)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
    at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:374)
    at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
    at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:888)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1597)
    at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    at java.lang.Thread.run(Thread.java:750)
2023-04-10 18:59:28,253 ERROR ru.centerinform.transport.backbone.service.SignService - Вторая попытка подписать документ
2023-04-10 18:59:42,671 INFO  ru.centerinform.transport.backbone.schedule.WSExchangeJob - Начало задачи обмена документами с сервером ЕГАИС по расписанию
2023-04-10 18:59:42,671 INFO  ru.centerinform.transport.backbone.schedule.WSExchangeJob - Отправка данных на сервер ЕГАИС по расписанию
2023-04-10 18:59:42,671 INFO  ru.centerinform.transport.backbone.schedule.Publisher - Отправка данных на сервер ЕГАИС
2023-04-10 18:59:42,836 INFO  ru.centerinform.transport.backbone.schedule.Publisher - Публикация оптовых документов в кол-ве: 10
2023-04-10 18:59:44,801 INFO  ru.centerinform.transport.backbone.schedule.Publisher - Отправка документа через веб-сервис, Type: QueryFormF1
2023-04-10 18:59:44,801 INFO  ru.centerinform.transport.ws.sender.service.WebServiceSender - Отправка c uuid:85e3a191-50f2-47ae-aa9b-25726e8f6608 docType:QueryFormF1
2023-04-10 18:59:44,993 INFO  ru.centerinform.transport.ws.sender.service.WebServiceSender - Добавляем дополнительный заголовок к SOAP запросу [UTM-Version: 4.2.0b002531]
2023-04-10 18:59:50,730 INFO  ru.centerinform.transport.backbone.schedule.Publisher - Отправка документа через веб-сервис, Type: QueryFormF1
2023-04-10 18:59:50,730 INFO  ru.centerinform.transport.ws.sender.service.WebServiceSender - Отправка c uuid:155c8157-aad3-4548-9e0d-734375906569 docType:QueryFormF1
2023-04-10 18:59:50,829 INFO  ru.centerinform.transport.ws.sender.service.WebServiceSender - Добавляем дополнительный заголовок к SOAP запросу [UTM-Version: 4.2.0b002531]
2023-04-10 18:59:53,071 INFO  ru.centerinform.transport.backbone.schedule.Publisher - Отправка документа через веб-сервис, Type: QueryFormF1
2023-04-10 18:59:53,072 INFO  ru.centerinform.transport.ws.sender.service.WebServiceSender - Отправка c uuid:f88e759d-2a2a-4d35-ab69-e8894704911f docType:QueryFormF1
2023-04-10 18:59:53,158 INFO  ru.centerinform.transport.ws.sender.service.WebServiceSender - Добавляем дополнительный заголовок к SOAP запросу [UTM-Version: 4.2.0b002531]
2023-04-10 18:59:55,501 INFO  ru.centerinform.transport.backbone.schedule.Publisher - Отправка документа через веб-сервис, Type: QueryFormF1
2023-04-10 18:59:55,503 INFO  ru.centerinform.transport.ws.sender.service.WebServiceSender - Отправка c uuid:8e30043b-5cae-4f2a-ab25-0f6e017fed7d docType:QueryFormF1
2023-04-10 18:59:55,600 INFO  ru.centerinform.transport.ws.sender.service.WebServiceSender - Добавляем дополнительный заголовок к SOAP запросу [UTM-Version: 4.2.0b002531]
2023-04-10 18:59:57,841 INFO  ru.centerinform.transport.backbone.schedule.Publisher - Отправка документа через веб-сервис, Type: QueryFormF1
2023-04-10 18:59:57,841 INFO  ru.centerinform.transport.ws.sender.service.WebServiceSender - Отправка c uuid:a83a623c-93d8-4933-8f5e-986fbdfa03fd docType:QueryFormF1
2023-04-10 18:59:57,915 INFO  ru.centerinform.transport.ws.sender.service.WebServiceSender - Добавляем дополнительный заголовок к SOAP запросу [UTM-Version: 4.2.0b002531]
2023-04-10 19:00:00,033 INFO  ru.centerinform.transport.backbone.schedule.Publisher - Отправка документа через веб-сервис, Type: QueryFormF1
2023-04-10 19:00:00,033 INFO  ru.centerinform.transport.ws.sender.service.WebServiceSender - Отправка c uuid:52679e79-cdd9-4710-8125-cbd1cc8a91e3 docType:QueryFormF1
2023-04-10 19:00:00,094 INFO  ru.centerinform.transport.ws.sender.service.WebServiceSender - Добавляем дополнительный заголовок к SOAP запросу [UTM-Version: 4.2.0b002531]
2023-04-10 19:00:02,572 INFO  ru.centerinform.transport.backbone.schedule.Publisher - Отправка документа через веб-сервис, Type: QueryFormF1
2023-04-10 19:00:02,572 INFO  ru.centerinform.transport.ws.sender.service.WebServiceSender - Отправка c uuid:2c63659e-6bbf-47cb-90a7-561699795b24 docType:QueryFormF1
2023-04-10 19:00:02,656 INFO  ru.centerinform.transport.ws.sender.service.WebServiceSender - Добавляем дополнительный заголовок к SOAP запросу [UTM-Version: 4.2.0b002531]
2023-04-10 19:00:04,978 INFO  ru.centerinform.transport.backbone.schedule.Publisher - Отправка документа через веб-сервис, Type: QueryFormF1
2023-04-10 19:00:04,978 INFO  ru.centerinform.transport.ws.sender.service.WebServiceSender - Отправка c uuid:2effb42a-cc15-4a17-81c0-3e1a77521b52 docType:QueryFormF1
2023-04-10 19:00:05,041 INFO  ru.centerinform.transport.ws.sender.service.WebServiceSender - Добавляем дополнительный заголовок к SOAP запросу [UTM-Version: 4.2.0b002531]
2023-04-10 19:00:07,288 INFO  ru.centerinform.transport.backbone.schedule.Publisher - Отправка документа через веб-сервис, Type: QueryFormF1
2023-04-10 19:00:07,288 INFO  ru.centerinform.transport.ws.sender.service.WebServiceSender - Отправка c uuid:6dac2443-3662-4c8f-ae4f-b0cc487a3372 docType:QueryFormF1
2023-04-10 19:00:07,347 INFO  ru.centerinform.transport.ws.sender.service.WebServiceSender - Добавляем дополнительный заголовок к SOAP запросу [UTM-Version: 4.2.0b002531]
2023-04-10 19:00:09,691 INFO  ru.centerinform.transport.backbone.schedule.Publisher - Отправка документа через веб-сервис, Type: QueryFormF1
2023-04-10 19:00:09,691 INFO  ru.centerinform.transport.ws.sender.service.WebServiceSender - Отправка c uuid:7a890420-3613-4949-abb7-d61bf7e34bce docType:QueryFormF1
2023-04-10 19:00:09,746 INFO  ru.centerinform.transport.ws.sender.service.WebServiceSender - Добавляем дополнительный заголовок к SOAP запросу [UTM-Version: 4.2.0b002531]
2023-04-10 19:00:10,373 INFO  ru.centerinform.transport.backbone.schedule.Publisher - Конец публикации оптовых документов
2023-04-10 19:00:10,422 INFO  ru.centerinform.transport.backbone.schedule.Publisher - Завершение задачи отправки документов на сервер ЕГАИС
2023-04-10 19:00:10,422 INFO  ru.centerinform.transport.backbone.schedule.WSExchangeJob - Завершение задачи отправки документов на сервера ЕГАИС по расписанию

Re: Docker. Ошибки PCSCD

asd,
уточните как часто возникает данная ошибка при подписании? В момент ошибки в УТМ токен виден командой pcsc_scan? при каких действиях возникает или исправляется эта ошибка (со временем или при переподключении токена)?

Re: Docker. Ошибки PCSCD

Фатеева Светлана пишет:

asd,
уточните как часто возникает данная ошибка при подписании? В момент ошибки в УТМ токен виден командой pcsc_scan? при каких действиях возникает или исправляется эта ошибка (со временем или при переподключении токена)?

Ошибка при подписи вчера появилась 1 раз. Сегодня:
2023-04-11 07:26:29,052 ERROR ru.centerinform.transport.crypto.CryptographerWrapper - Ошибка подписи документа
2023-04-11 09:39:50,490 ERROR ru.centerinform.transport.crypto.CryptographerWrapper - Ошибка подписи документа

К сожалению в моменте ошибки я не могу посмотреть вывод pcsc_scan, но т.к. никаких действий с токеном я не делаю, то токен как я понимаю автоматом пенеинициализируется во время ошибки подписи (ru.centerinform.transport.crypto.SunCryptographer - Инициализация криптобиблиотеки (token)).

Re: Docker. Ошибки PCSCD

asd,
рекомендуем проконсультироваться с технической поддержкой компании "ЦентрИнформ", которые являются разработчиками УТМ.