Bob Relyea wrote:
Sideswipe wrote:
10: C_OpenSession
[in] slotID = 0x0
[in] flags = 0x6
pApplication=0295D808
Notify=6019DC70
[out] *phSession = 0x0
Returned: 0 CKR_OK
Here's your problem. '0' is reserved as and invalid session handle. See
Section 6.7.5 Session and Object handles in the PKCS #11 spec.
(Note '0' is also a reserved object handle).
Perhaps NSS should handle a C_OpenSession call that stores
CK_INVALID_HANDLE (0) in *phSession as a failure.
Another problem with the PKCS #11 module is that C_GetTokenInfo
returns ulMaxRwSessionCount=2 > ulMaxSessionCount=1. ulMaxSessionCount
should be >= ulMaxRwSessionCount.
Since NSS doesn't use ulMaxRwSessionCount, this problem isn't
the cause for the infinite loop. NSS does look at ulMaxSessionCount:
http://lxr.mozilla.org/security/source/security/nss/lib/pk11wrap/pk11slot.c#1296
http://lxr.mozilla.org/security/source/security/nss/lib/pk11wrap/pk11slot.c#1304
The first LXR link shows that ulMaxSessionCount=1 is handled as a
special case.
Wan-Teh
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
