Hello.

I have noticed that softoken's C_Sign() (and C_SignFinal too) terminates the signing 
operation if called with too small an output buffer 
[http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/softoken/pkcs11c.c&rev=1.111&mark=2277-2280,2292-2296#2260].

This seems to be incompatible with PKCS#11 since version >= 2 (15 Apr 1997). 
Here is a quote from the C_Sign definition:

  -- A call to C_Sign always terminates the active signing operation unless it 
returns CKR_BUFFER_TOO_SMALL or is a successful call (i.e., one which returns 
CKR_OK) to determine the length of the buffer needed to hold the signature.

Even worse, PK11_SignatureLen()->pk11_backupGetSignLength() relies on that behavior, so 
conformant PKCS#11 tokens will have a stale signing operation after PK11_SignatureLen() 
returns 
[http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/pk11wrap/pk11obj.c&rev=1.21&mark=536-538#510].

Are there strong reasons for this incompatibility, and should this be changed 
to conformant behavior?

Best regards,
--
Konstantin Andreev, software engineer.
Swemel JSC
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
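
The rule quoted in the message above, modelled as an added example (not part of the original post and not NSS code). The names `mock_session`, `mock_sign`, `sign_with_retry` and `SIG_LEN` are hypothetical; the mock only tracks whether the signing operation is still active under the conformant rule and under the behaviour the post describes.

```c
#include <stddef.h>
#include <string.h>

/* Return codes with the values PKCS#11 assigns them. */
#define CKR_OK                        0x000UL
#define CKR_OPERATION_NOT_INITIALIZED 0x091UL
#define CKR_BUFFER_TOO_SMALL          0x150UL
#define SIG_LEN 8UL /* constructed signature size of the mock mechanism */

/* Mock session (hypothetical). conformant=1 follows the quoted rule;
 * conformant=0 ends the operation when the buffer is too small. */
typedef struct { int active; int conformant; } mock_session;

void mock_sign_init(mock_session *s, int conformant) {
    s->active = 1;
    s->conformant = conformant;
}

unsigned long mock_sign(mock_session *s, unsigned char *sig, unsigned long *len) {
    if (!s->active) return CKR_OPERATION_NOT_INITIALIZED;
    if (sig == NULL) {           /* length query: operation stays active */
        *len = SIG_LEN;
        return CKR_OK;
    }
    if (*len < SIG_LEN) {        /* too small: report the required size */
        *len = SIG_LEN;
        if (!s->conformant) s->active = 0; /* behaviour described in the post */
        return CKR_BUFFER_TOO_SMALL;
    }
    memset(sig, 0xA5, SIG_LEN);  /* placeholder bytes, not a real signature */
    *len = SIG_LEN;
    s->active = 0;               /* a completed signature ends the operation */
    return CKR_OK;
}

/* Caller that first passes a 1-byte buffer, then retries with its real one. */
unsigned long sign_with_retry(mock_session *s, unsigned char *out, unsigned long cap) {
    unsigned char tiny[1];
    unsigned long n = sizeof tiny;
    unsigned long rv = mock_sign(s, tiny, &n);
    if (rv != CKR_BUFFER_TOO_SMALL) return rv;
    n = cap;                     /* second attempt with the caller's buffer */
    return mock_sign(s, out, &n);
}

int main(void) {
    mock_session s;
    unsigned char out[16];
    mock_sign_init(&s, 1);
    return sign_with_retry(&s, out, sizeof out) == CKR_OK ? 0 : 1;
}
```

With `conformant` set to 0 the retry fails with `CKR_OPERATION_NOT_INITIALIZED`; with it set to 1 a caller that stops after the too-small call leaves the operation active on the session.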
