Hi
I finally discovered what is the issue here. In appears that in case
of unsigned applets, the code is unable to access SunJCE provider
which contains most of the ciphers used by SSL protocol. This means
that a session with SSL server is broken and effectively applet is not
initialised.
So noth
2008/9/6 Graham Leggett <[EMAIL PROTECTED]>:
>
> Hmmm - I spent last weekend going through the PKCS #11 standard, which
> defines an API that seems different to the PK11_CipherOp and friends that I
> was seeing in the examples.
Right. Each crypto module exports the PKCS #11 API, with function nam
Wan-Teh Chang wrote:
For questions like this, you can sometimes find the answers in
the PKCS #11 standard.
Searching for the string "CKM_AES_ECB" in PKCS #11 v2.20,
I found Section 12.12.4 AES-ECB on page 270, and its Table
86 shows that for C_Encrypt, the input must be a multiple of
block size
2008/9/5 Graham Leggett <[EMAIL PROTECTED]>:
> Hi all,
>
> I am struggling to understand the relationship between a CK_MECHANISM_TYPE
> and a SECOidTag and how they relate to one another.
>
> For example, CKM_AES_ECB and SEC_OID_AES_[128|192|256]_ECB constants seem to
> be related to one another.
2008/9/6 Graham Leggett <[EMAIL PROTECTED]>:
> Hi all,
>
> In my epic quest to make NSS encrypt a string, I have managed to
> successfully create a key from a passphrase, and I have successfully managed
> to call PK11_CreateContextBySymKey to create an encryption context.
>
> The next error happens
2008/9/6 Graham Leggett <[EMAIL PROTECTED]>:
>
> 472 SECStatus s = PK11_CipherOp(block->ctx, *out, &outl, outl,
> (unsigned char*)in, inlen);
> (gdb)
> 474 if (s != SECSuccess) {
> (gdb)
> 475 PRErrorCode perr = PORT_GetError();
> (gdb)
> 476 if (perr) {
> (g
2008/9/6 Graham Leggett <[EMAIL PROTECTED]>:
> Hi all,
>
> Using PK11_GetPadMechanism(), and passing it a cipher mechanism, it as I
> understand returns a variation of the mechanism capable of supporting
> padding.
>
> Is this understanding correct?
>
> I have noticed that when CKM_AES_ECB is passe
Hi all,
Using PK11_GetPadMechanism(), and passing it a cipher mechanism, it as I
understand returns a variation of the mechanism capable of supporting
padding.
Is this understanding correct?
I have noticed that when CKM_AES_ECB is passed to PK11_GetPadMechanism,
I get the same mechanism in
Hi all,
In my epic quest to make NSS encrypt a string, I have managed to
successfully create a key from a passphrase, and I have successfully
managed to call PK11_CreateContextBySymKey to create an encryption context.
The next error happens at the PK11_CipherOp stage, and resolves to
SEC_ERR
9 matches
Mail list logo
