IAIK/NSS


cryptonewbie
Hello

I have been desperately trying to find an answer to the issue we are facing.

Setup:

We have 2 Java processes, each using the IAIK PKCS#11 Wrapper (iaik.pkcs.pkcs11)
to talk to a shared single-token NSS (softokn3.dll).

Each of these Java processes is an HTTP Jetty server which creates the
iaik.pkcs.pkcs11.Session and logs in (at the time the Jetty server starts):

session = token.openSession(Token.SessionType.SERIAL_SESSION,
                    Token.SessionReadWriteBehavior.RW_SESSION, null, null);
session.login(Session.UserType.USER, XXXX);

When the Jetty servers are shut down, the respective iaik.pkcs.pkcs11.Session
instances are closed.

Problem:

We were expecting that when a Java process (Jetty server) updates/creates
the token objects

Example: Java process 1 adds a secret key ->

AESSecretKey aesKeyTemplate = new AESSecretKey();
aesKeyTemplate.getToken().setBooleanValue(true);
AESSecretKey aesKeyNew = (AESSecretKey)
session.generateKey(keyGenerationMechanism, aesKeyTemplate);


the other Java/Jetty server process 2 would be able to find and retrieve
the newly added/updated key that was added by Java process 1 through its
session.

Example:

KeyHandle keyHandle = null;
keyTemplate.getToken().setBooleanValue(true);

session.findObjectsInit(keyTemplate);


Unfortunately, that doesn't seem to be the case. I had to shut down the 2nd
Jetty server and then it was able to find the key that was added by the
1st Java Jetty process.

My confusion:

Wasn't the underlying token/device getting modified by the 1st Java/Jetty
process? If so, wouldn't those created token objects be visible throughout
all sessions from all other processes/applications?

Please do correct me if I'm thinking wrong. Would truly appreciate your
help.

Thanks..
--
dev-tech-crypto mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-tech-crypto