On 01/16/11 08:34 AM, Newsha Ardalani wrote:
Thanks everybody for your helpful comments,
Fortunately I could find another server which supports n2cp0. but I have faced
with a
new problem that have made me crazy. I have a code that runs on one server with
no
problem, gives error on the other, I know it must be something dependent on the
configuration of my systems, but I don't know what I have missed or what I
should check?
Let's assume I have two systems, system 1 without hardware support which has
only one
slot and that is slot 0 (metaslot) and system 2 with 4 slots. To check there is
no
problem with my code, I decided to try it for the slot 0 in the first place.
When I run
my program on the first server it compiles and runs successfully but when I try
to run
it on the second system it gives the CKR_ARGUMENTS_BAD error on C_EncryptUpdate
function
call.
Hi Newsha -
A few things about slot IDs - you can never count on them being the same,
as they will vary from system to system. That is, you can never hardcode
in a value. Not all systems will have a slot '0', for example (only
when metaslot is active).
You need to call C_GetSlotList and find the slot you want from there
(you can look for the token label) and then use that slot ID.
Many things can cause slot order to vary from hardware to hardware,
like availability of underlying hardware (for example, an x86 box
will not have n2cp).
Also, a system with only one slot should *not* have metaslot enabled,
unless pkcs11_kernel is showing multiple slots (in which case, there
is more than one slot enabled :-)
There are plugins and then there are slots. Some plugins may
present multiple slots to the framework, which will then enable
metaslot (and then hide the slot it is using as a keystore, see:
http://blogs.sun.com/ktung/entry/sun_metaslot_and_my_missing )
Hope that helps! There were some coding examples up on docs.sun.com,
but those have just moved to Oracle sites somewhere and I no longer
have the links. Good luck!
Valerie
--
Valerie Fenwick, http://bubbva.blogspot.com/ @bubbva
Solaris Security Technologies, Developer, Oracle Corporation
4180 Network Circle, Santa Clara, CA, 95054.
_______________________________________________
crypto-discuss mailing list
crypto-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/crypto-discuss
