On Thu, Nov 20, 2008 at 9:32 PM, NZzi <[EMAIL PROTECTED]> wrote: > > yeah, in order to get the "real reason" of the problem, i had to > compile NSS from source and debug my program with NSS code, then > i found why i got 8192 error. It's because the "length thing" of > data and signed data.
I'm sorry that you had to go through this trouble. I have just checked in three patches that should improve the error reporting of our PK11_ crypto functions. Since you had done the work of compiling NSS from source, you can help me verify if my patches would have helped in your situation, in two ways. 1. In your current NSS source tree, please let me know where in the source code (source file and line number) it failed due to the length of data and signed data. With this info, I can tell if my patches will propagate that error up to the PK11_ function. Or 2. Build the tip of the NSS source tree, and see if you get a better NSS error code than -8192 (SEC_ERROR_IO) now. Hopefully you'll get SEC_ERROR_INPUT_LEN (-8188) or SEC_ERROR_OUTPUT_LEN (-8189) instead. You can check out the tip of the NSS source tree as follows: export CVSROOT=:pserver:[EMAIL PROTECTED]:/cvsroot cvs -q co -A NSPR NSS > I think Chang's current work on doc is great, a detailed Docs about > NSS API(each level, including PKCS#11, Crypto Wrapper, and etc) will > help people like me(know the basic cryptography knowledge, but not good > at it) a lot. Documentation is important, but informative error codes are also important. This is why I hope you can help me verify my patches would have helped you. Thanks! Wan-Teh _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto