On 03/10/2014 12:48 AM, Leon Brits wrote: > Hi Robert, > > Thanks for the reply. > >> ...I'm assuming we are talking >> about an RSA operation here and not an symetric key operation like AES or >> DES. > Yes RSA. > >> Yes, I just checked. We we are unwrapping a key (which is what the logical >> function RSA Decrypt supports), We check to see if the token support >> unwrap with the target mechanism.... > We do support the "Unwrap" function and the sequence of function calls in my > original mail is steps after a successful unwrap. I guess thunderbird now > wants to use the unwrapped key to decrypt the email. > > So the question remains: Why if C_DecryptUpdate() is called, is > C_DecryptFinal() not called? If there is only one block then C_Decrypt() > should have been called - right? I don't know why you are seeing C_DecryptUpdate() because the code doesn't call it when doing unwrap, it only calls C_Decrypt. > > We do implement C_Decrypt(), C_DecryptUpdate() and C_DecryptFinal() (we have > to support PKCS#11 v2.2 and up). > I've verified that the order of the functions (in CK_FUNCTION_LIST) is > correct. C_Sign() works, which is define after C_DecryptFinal().
So I don't understand why you are seeing C_DecryptUpdate() in this case, unless you call C_DecryptUpdate() internally from your PKCS #11 module from C_Decrypt(). If you could build or acquire a debug version of Firefox and set a break point in C_DecryptUpdate() and give a stack traceback, that would be helpful to understanding what is going on. bob > > Regards, > LJB >
smime.p7s
Description: S/MIME Cryptographic Signature
-- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
