'Re: Another problem with my PKCS#11'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       mozilla-crypto
Subject:    Re: Another problem with my PKCS#11
From:       Bob Relyea <rrelyea () redhat ! com>
Date:       2005-10-26 3:49:18
Message-ID: 435EFCBE.4090903 () redhat ! com
[Download RAW message or body]

itspki wrote:
> Wan-Teh Chang wrote:
>> itspki wrote:
>>>
>>> Hi bob:
>>> The list is new log file content, you can see NSS call C_Initialize 
>>> on time, and load my pkcs#11 library twice(DLL_PROCESS_ATTACH and 
>>> DLL_THREAD_ATTACH), and the problem still exist - login failed.
>>
>> That doesn't mean your PKCS #11 library is loaded twice.
>> When a process loads your PKCS #11 library, you will get
>> a DLL_PROCESS_ATTACH and at least one DLL_THREAD_ATTACH,
>> because a process has at lease one thread.
>>
>> Wan-Teh
>>
> Hi Wan-Teh:
> see:http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dllproc/base/dllmain.asp 
>
> A thread calling the DLL entry-point function with DLL_PROCESS_ATTACH
> does not call the DLL entry-point function with DLL_THREAD_ATTACH.
>
> Now, my problem is:
> (1)When pkcs11 encrypt some data, we should call 
> C_EncryptInit->C_EncryptUpdate->C_EncryptFinal, or 
> C_EncryptInit->C_Encrypt; but mozilla call the 
> C_EncryptInit->C_EncryptUpdate, lost C_EncryptFinal calling, it this 
> right?
When your session closes, you should finalize all your state. If NSS 
tries to call C_EncryptInit or C_DecryptInit on that same session, then 
there can be trouble.
I'm not sure what is happening with the token that is causing NSS to 
behave this way. Is your token removable?
> (2)Mozilla close the session '1', which created by the main process of 
> mozilla(I think), and then use this session to do communication with 
> token(call C_FindObjectsInit), is this right?
I'm not sure why you are seeing this. I know our tokens would break 
horribly if we had our primary session closed out from underneath us. My 
best guess is that for some reason NSS thinks your token has 'gone away'.

It might be time to get a debugable version of mozilla...


bob
>
> thanks advanced,
>
> itspki
> _______________________________________________
> mozilla-crypto mailing list
> mozilla-crypto@mozilla.org
> http://mail.mozilla.org/listinfo/mozilla-crypto


["smime.p7s" (application/x-pkcs7-signature)]
_______________________________________________
mozilla-crypto mailing list
mozilla-crypto@mozilla.org
http://mail.mozilla.org/listinfo/mozilla-crypto

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic