Session management in IAIK/NSS


cryptonewbie
I have been desperately trying to find an answer to this issue we are facing.

Setup: We have 2 Java processes, each using the IAIK PKCS#11 Wrapper (iaik.pkcs.pkcs11) to talk to a shared single-token NSS (softokn3.dll). Each of these Java processes is an HTTP Jetty server which creates the iaik.pkcs.pkcs11.Session and logs in (at the time the Jetty server starts):

    session = token.openSession(Token.SessionType.SERIAL_SESSION, Token.SessionReadWriteBehavior.RW_SESSION, null, null);
    session.login(Session.UserType.USER, XXXX);

When the Jetty servers are shut down, the respective iaik.pkcs.pkcs11.Session objects are closed.

Problem: We were expecting that when a Java process (Jetty server) updates/creates the token objects

Example: Java process 1 adds a secret key ->

    AESSecretKey aesKeyTemplate = new AESSecretKey();
    aesKeyTemplate.getToken().setBooleanValue(true);
    AESSecretKey aesKeyNew = (AESSecretKey) session.generateKey(keyGenerationMechanism, aesKeyTemplate);

the other Java/Jetty server process 2 would be able to find and retrieve the newly added/updated key that was added by Java process 1 through its session.

Example:

    KeyHandle keyHandle = null;
    keyTemplate.getToken().setBooleanValue(true);
    session.findObjectsInit(keyTemplate);

Unfortunately, that doesn't seem to be the case. I had to shut down the 2nd Jetty server, and then it was able to find the key that was added by the 1st Java Jetty process.

My confusion: Wasn't the underlying token/device getting modified by the 1st Java/Jetty process? If so, wouldn't those created token objects be visible throughout all sessions from all other processes/applications? Please do correct me if I'm thinking wrong.

Would truly appreciate your help. Thanks.