I think the procedure of certificate enrollment should be like that: (1) NC generate the Key Pair using C_GenerateKeyPair, C_CreateObject; (2) generate the hash data using C_DigestInit, C_DigestUpdate,C_DigestFinal; (3) sign the hashed data using C_SignInit, C_sign; (4) send the signature and the public key to the Certificate Server; (5) after generating X509v3 certificate, CS send it back to NC, NC then call C_CreateObject to create certificate object.
After keeping the trace of this certificate enrollment procedure at https://digitalid.verisign.com/, I am confused: 1. Why did NC call the C_GetSessionInfo C_FindObjectsInit several times, 2. called C_GenerateKeyPair to create a public key and a private keyobject, use this private key and CKM_RSA_PKCS mechanism to call C_DecryptInit, C_Decrypt to Decrypt a data block of 128 bytes.but i can't get the right data. 3. I don't know which test or step(s) not suit the requirement of NC. The result is abnormal. Because no certificate was generated but the enrollment procedure was over at C_Decrypt. ============================DLL_PROCESS_ATTACH1======================= C_GetFunctionList Entry C_Initialize(CreateMutex=367d370 DestroyMutex=367d390 LockMutex=367d3b0 UnlockMutex=367d3d0 flags=3 pReserved=0) C_GetInfo entry C_GetSlotList Entry(tokenPresent=0x0) C_GetTokenInfo Entry (slotid = 0x1 pInfo=0x12efb8) C_GetMechanismList Entry(slotID=0x1),pMechanismList = 0x0, pulCount = 0x12ef80 C_OpenSession Entry(slotID=1,flags=4,pApplication=2c2fad0,Notify=368a6a0) C_GenerateRandom: 32 (pRandomData=6a,9e,f,a6,b1,15,66,57) C_SeedRandom (not support) C_FindObjectsInit Entry(hSession = 0x2c392e0,pTemplate[0].pValue= 0x12f04c,ulCount = 0x1) C_FindObjectsInit:Template(type=0,*pValue=ce534354) C_FindObjects Entry(hSession = 0x2c392e0) C_FindObjectsFinal Entry (hSession = 0x2c392e0) C_GetSlotInfo Entry(slotID=0x1 pInfo=0x12ef18) C_GetSessionInfo Entry(hSession=2c392e0 pInfo=12ef08) C_FindObjectsInit Entry(hSession = 0x2c392e0,pTemplate[0].pValue= 0x36abc38,ulCount = 0x2) C_FindObjectsInit:Template(type=1,*pValue=1) C_FindObjectsInit:Template(type=0,*pValue=1) C_FindObjects Entry(hSession = 0x2c392e0) C_FindObjectsFinal Entry (hSession = 0x2c392e0) C_GetSessionInfo Entry(hSession=2c392e0 pInfo=1e2f66c) C_FindObjectsInit Entry(hSession = 0x2c392e0,pTemplate[0].pValue= 0x36abc38,ulCount = 0x2) C_FindObjectsInit:Template(type=1,*pValue=1) C_FindObjectsInit:Template(type=0,*pValue=ce534353) C_FindObjects Entry(hSession = 0x2c392e0) C_FindObjectsFinal Entry (hSession = 0x2c392e0) C_GetSessionInfo Entry(hSession=2c392e0 pInfo=1e2f51c) C_GetSessionInfo Entry(hSession=2c392e0 pInfo=1e2f558) C_GetSessionInfo exit(crv=0x0) C_FindObjectsInit Entry(hSession = 0x2c392e0,pTemplate[0].pValue= 0x36abc38,ulCount = 0x2) C_FindObjectsInit:Template(type=1,*pValue=1) C_FindObjectsInit:Template(type=0,*pValue=ce534351) C_FindObjectsInit exit (crv = 0) C_FindObjects Entry(hSession = 0x2c392e0) C_FindObjectsFinal Entry (hSession = 0x2c392e0) C_GetSessionInfo Entry(hSession=2c392e0 pInfo=1e2f5dc) ============================DLL_THREAD_DETACH======================= ============================DLL_THREAD_DETACH======================= C_GetSessionInfo Entry(hSession=2c392e0 pInfo=1e2f66c) C_GetSlotInfo Entry(slotID=0x1 pInfo=0x1e2f6cc) C_GetSessionInfo Entry(hSession=2c392e0 pInfo=1e2f6bc) ============================DLL_THREAD_ATTACH======================= C_GetSlotInfo Entry(slotID=0x1 pInfo=0x12ebf4) C_GetSessionInfo Entry(hSession=2c392e0 pInfo=12ebe4) C_GetSessionInfo Entry(hSession=2c392e0 pInfo=12ecd8) C_GetSessionInfo Entry(hSession=2c392e0 pInfo=12ee98) ============================DLL_THREAD_ATTACH======================= C_GetMechanismInfo Entry (type = 0x1) C_OpenSession Entry(slotID=1,flags=6,pApplication=2c2fad0,Notify=368a6a0) C_GenerateKeyPair Entry(ulPublicKeyAttributeCount=8,ulPrivateKeyAttributeCount=7) C_GetAttributeValue Entry(hSession=2c392e0,hObject=288ffc0) C_GetAttributeValue Entry(hSession=2c392e0,hObject=288ffc0) C_GetAttributeValue Entry(hSession=2c392e0,hObject=288ffc0) C_GetAttributeValue pubkey(buffer=b9,fe,9d,ce,20,1f,63,fe) C_GetAttributeValue Entry(hSession=2c392e0,hObject=288ffc0) C_SetAttributeValue Entry (hSeesion=2cb9460,hObject=2be9aa0) C_SetAttributeValue Entry (hSeesion=2cb9460,hObject=288ffc0) C_CloseSession Entry (hSession = 0x2cb9460) C_GetAttributeValue Entry(hSession=2c392e0,hObject=2be9aa0) C_DestroyObject Entry (hSession=2c392e0,hObject=288ffc0) C_GetAttributeValue Entry(hSession=2c392e0,hObject=2be9aa0) C_GetAttributeValue Entry(hSession=2c392e0,hObject=2be9aa0) C_DecryptInit Entry(hSession=2c392e0,hKey=2be9aa0) C_Decrypt Entry
