Thanks again. One question, where could I notify this problem to confirm if that is a nss bug or the problem is in my pkcs11?.
Antonio.
Bob Relyea wrote:
Antonio Andr�s Espallardo wrote:
Hi. I've modified my C_DecryptUpdate method, and now it's returning the correct length, but I'm having a problem with the last block caused by PADDING I think. This is what I obtain when I try to decrypt a mail mesagge using 3DES mechanism:
And the last C_DecryptUpdate call:
C_DecryptUpdate. -->Input Data(8 bytes): <12> <65> <bc> <d2> <4> <17> <89> <20> --> Output Data (8 bytes): <d> <a> <6> <6> <6> <6> <6> <6> END C_DecryptUpdate.
Now I don't know what happens but Netscape don't finalize the decrypt operation correctly calling C_DecryptFinal, but he close the session. The message is showed decrypted in the mail manager, but Netscape hasn't finalized correctly the decrypt operation.
It's probably a bug in NSS. Once the session is closed, though, you should throw away all your decryptions state.
Always, in the last block decrypted, appear some bytes which I think it doesn't must appear (STX, SOH...). What can be happening?
Looks like the end of a message to me. <d><a> is \r\n (normal line termination) and the <6>'s are the padding bytes (you'll note
six of them).
Appart of this, How could I specify in a Windows 2000 operating system that netscape uses my pkcs11 module by default to develop all the operations needed?.
It's specified when you install your token into NSS. You'll have to use javascript or Modutil to do the actual install. I don't have the javascript instructions in front of me. For modultil is the -ciphers flag.
bob
Thanks in advance.
Antonio.
Nelson B wrote:
Antonio Andres Espallardo wrote:
Hi everybody. I'm having some problems with a PKCS11 module I've developed in encrypt/decrypt methods. I can't understand the behavior
C_DecryptUpdate.
--> Input Data(16 bytes): <22> <b2> <b5> <62> <f1> <8c> <c2> <11> <78> <2d> <88> <bd> <31> <4> <33> <5e>
--> Output data(8 bytes): <43> <6f> <6e> <74> <65> <6e> <74> <2d>
END C_DecryptUpdate.
Now Netscape close the session and finalizes the decrypt operation.
That last DecryptUpdate returned the wrong amount of output information IINM.
_______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
_______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
