Hi Robert, One thing that might be helpful would be if you installed debugable versions on NSS under your mozilla. NSS debug and NSS optimized shared libraries are binary compatibable with each other so you can run debug versions of NSS with optimized versions of mozilla (I often do this so I don't have to build all of mozilla to debug problems in the latest builds).
One thing that we should verify, and that is is this a problem with importing through the PKCS #11 module, or a problem with the CERT or CRL itself. We can check that by trying to import and use the CA's and CRL's directly into the softoken. If they also crash then it is something about the CA and CRL itself that is causing the problem. The description below seems to indicate that there may be a bug in the CRL processing code for an empty CRL, the above test will show this. bob Robert List wrote: > Hallo! > > I have developed a Win32 PKCS#11 Library according to the Austrian Digitale > Signature Legislation. The library should work with at least Mozilla 1.0 + > NSS 3.4.2. Testing OS: Win 2000 professional German, SP2. > > The library establishes two slots. > One fixed slot, which contains all CA Certificates and the according CRLs > (One selfsigned Root and one intermediate CA certificate + CRLs). > The other slot is a hardware slot and contains a ISO 7816 smartcard token > (Private Key, Public Key + User Certificate). > > > If I select the "Manage CRLs" Button in the "Validation" dialog in the > "Preferences" dialog, the nss library (V3.4.2 Release Build) crashes at the > function PK11_TraverseSlotCerts+0x206, with an Access Violation Exception > c0000005. > I far as I checked the behavior of the CRL Parser, the code crashes, if it > tries to decode a CRL with no revoked certificate in it. > > > Robert List > >
