johst wrote, On 2008-09-11 16:39: > Ok, thanks for the reply. Slowly I will build my understanding of this > system and the tools. Attached is the output of modutil - i'm not too > sure how to interpret it though: > > Listing of PKCS #11 Modules > ----------------------------------------------------------- > 1. NSS Internal PKCS #11 Module > slots: 2 slots attached > status: loaded > > slot: NSS Internal Cryptographic Services > token: NSS Generic Crypto Services > > slot: NSS User Private Key and Certificate Services > token: NSS Certificate DB > -----------------------------------------------------------
OK, this tells us that you've got a very vanilla setup, one module, two slots, no FIPS mode. That eliminates a LOT of possible causes for failure. The problem you reported is: > signtool: can't generate digest context Unfortunately, Signtool doesn't report the error code that it received when it tried to generate that digest context. It tells us "it failed" but not why. :( That's a defect in signtool. But barring some hitherto undetected regression in NSS, there aren't very many reasons for a digest context creation to fail. I wonder if there's been a regression on Linux. This is one of two reports we've received in as many days of failure to generate a digest context on Linux. The other was reported by David Sadler in a thread with the subject "enabling crypto hardware for NSS". He reported the error: > [Thu Sep 11 17:19:22 2008] [error] SSL Library Error: -12215 MD5 digest > function failed Some questions for you: What flavor (distro) of Linux are you using? Did you get the NSS sources from mozilla.org or from the distributor of your distro? _______________________________________________ dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
