Wan-Teh,
Thanks for all the advice. I checked out and compiled JSS 4.2.5 along
with NSS 3.11.4 and NSPR 4.6.4. Unfortunately I have a new problem. As
soon as I start the program on Linux I get:
java.security.GeneralSecurityException: Failed to toggle FIPS mode
Stack Trace:
org.mozilla.jss.CryptoManager.enableFIPS(Native Method)
org.mozilla.jss.CryptoManager.initialize(CryptoManager.java:856)
We develop on windows but intend for the app to be used on Linux as well
and one of our test boxes runs RHEL4. That's the box I made the custom
JSS on (because building NSS/JSS on windows is not trivial). Just to
make sure that by some strange chance it didn't have something to do
with my changes I copied the release libjss4.so in place and I got the
same error.
Each time the application starts up it creates a new database and sets
the password. We get the CryptoToken with
CryptoManager.getInternalKeyStorageToken() and then set the password
with CryptoToken.initPassword.
This works fine on Windows XP but I'm getting the above exception here
on RHEL4. There's no difference in whether I'm running the application
as a normal user or root (as expected). I know this is working on
Windows XP by using modutil while the java app is running (I know, I
know...db corruption possible):
modutil -list -dbdir .
Using database directory ....
Listing of PKCS #11 Modules
-----------------------------------------------------------
1. NSS Internal FIPS PKCS #11 Module
slots: 1 slot attached
status: loaded
slot: NSS FIPS 140-2 User Private Key Services
token: NSS FIPS 140-2 Certificate DB
Thanks,
Dave
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
