Platform/OS: CentOS release 6.3 (Final) Linux xxxxx 2.6.32-279.el6.x86_64 #1 SMP Fri Jun 22 12:19:21 UTC 2012 x86_64 x86_64 x86_64 GNU/LinuxLinux
NSS Version: nss.x86_64 3.13.3-6.el6 nss-softokn.x86_64 3.12.9-11.el6 nss-softokn-freebl.x86_64 3.12.9-11.el6 Problem: We have a Java7 application that uses NSS (with FIPS mode enabled) for RSA based crypto operations via SunPKCS11 Java abstraction. The RSA key pairs and corresponding X.509 certs are generated and stored within NSS from Java application using SunPKCS11 APIs. What I am noticing is that key3.db file size grows with operations like RSA key lookup/encryption/decryption (running in FIPS mode) over a period of time with in the context of number of crypt operations. Typically I have observed that the file size grows in chunks of 4K bytes with just roughly 35/40 encryption/decryption operations. Why would key3.db file increase in size when nothing is being requested to be stored and the only operations that are being performed are - lookup or encryption/decryption. Does NSS store something within the database (key3.db) as part of cryption operations? NOTE: FYI, no change in size is observed in cert8.db file. Any help would be greatly appreciated. Please let me know if any other piece of information would be helpful in figuring out what might be going on. Regards, Prax -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto