Hi Roko, roko wrote: > I'm getting this error: > Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DATA_LEN_RANGE > > Is this maybe a known limitation for softhsm2 ? there is some workaround > ? Thx for your help.
I've had a quick look at the code, and this seems to be a bug; C_EncryptUpdate always checks if the input block adheres to the cipher's required block size. It should only do this if the cipher is used in ECB mode. I have created SOFTHSM-107 (https://issues.opendnssec.org/browse/SOFTHSM-107) in our issue tracking system for this bug, it will be addressed in the next version of SoftHSM v2. Meanwhile you could help us by testing this by doing the following: - Build SoftHSM v2 from source (instructions here: https://github.com/opendnssec/SoftHSMv2/blob/develop/README.md) - go to "src/lib" in the source tree - edit "SoftHSM.cpp" - go to line 2166 and comment it out (this is the check for block size matching) - re-run your test program and let us know the result Thanks in advance for reporting this issue. Best regards, Roland -- -- Roland M. van Rijswijk - Deij -- SURFnet bv -- w: http://www.surf.nl/en/about-surf/subsidiaries/surfnet -- e: roland.vanrijsw...@surfnet.nl Please note: As of 1 January 2015 SURFnet has a new address and telephone number: Kantoren Hoog Overborch (Hoog Catharijne) - Moreelsepark 48, 3511 EP Utrecht - PO Box 19035, 3501 DA Utrecht - Telephone: +31 88-7873000
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Opendnssec-user mailing list Opendnssec-user@lists.opendnssec.org https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
