EldoS | Feel safer!

Software components for data protection, secure storage and transfer

PKCS11 Cert Storage with 64 bits dll

Also by EldoS: CallbackFilter
A component to monitor and control disk activity, track file and directory operations (create, read, write, rename etc.), alter file data, encrypt files, create virtual files.
#17045
Posted: 07/14/2011 17:31:21
by Ken Ivanov (EldoS Corp.)

I did some deeper investigations of the issue. While the crash is immediately caused by a missing exception handler in the proxy DLL (I've fixed this), the overall result is not that optimistic. The problem is that the LoadLibrary() call fails for the driver DLL (i.e. the DLL just can't be loaded into the address space of the process). I checked the driver with Dependency Walker, and it reported a bunch of mistakes, namely
Quote
Error: At least one module has an unresolved import due to a missing export function in an implicitly dependent module.
Error: Modules with different CPU types were found.
Warning: At least one delay-load dependency module was not found.
Warning: At least one module has an unresolved import due to a missing export function in a delay-load dependent module.


Note that I've installed the complete driver package from ActivIdentity, so all the necessary dependency DLLs should have been added to the system. For now the problem seems to be related to some driver problem for me, like a compilation issue or some missing files in the distribution.

I am attaching the fixed driver DLL that is free of the crash issue. It works fine with a number of 64 bit PKCS11 drivers (e.g. with the one from Athena) for us.


[ Download ]
#17050
Posted: 07/15/2011 04:05:22
by Jose Aznar (Standard support level)
Joined: 02/14/2008
Posts: 14

I have tested several PKCS#11 driver DLLs and the message of incorrect program format remains.

I have copied ACPKCS211RC.dll (Active identity PKCS#11 DLL) to system32 folder. Testing this DLL (with dependency walker) results no dependencies missing and no different CPU formats, so I think that's alright from this side.

The CryptoTokenDemo is x64 compiled as usual.

Could be possible that proxy DLL is for 32 bits and not for 64? How can I check if proxy dll is for 32 or 64? (dependency walker doesn't open it)

I have tested with Aladdin etoken, Active identity and spanish id card with the same results.

Thanks.
#17053
Posted: 07/15/2011 07:08:47
by Jose Aznar (Standard support level)
Joined: 02/14/2008
Posts: 14

I tried to attach bit4ipki.dll, the DLL which is trying to use the final customer, but it's too big.

Anyway, you can download it from:
http://www.bit4id.com/Espanol/descargas_file/middleware/1.2.14.0/Kit_Bit4id_2.8.exe

Hope it will be useful. Thanks.
#17055
Posted: 07/15/2011 10:02:45
by Ken Ivanov (EldoS Corp.)

Thank you for the link. I have installed the bit4id driver and... sadly (or happily), it worked fine for me. I was unable to check it with a token, but at least the sample displayed a list of installed slots for me, indicating that the proxy DLL and the driver do work together.

Please find attached the compiled application that works fine for us. Please unpack it to some temporary location and run the executable. Then select the driver DLL and try to open it.

The driver DLL attached here has logging capabilities. If the sample won't work for you, please enable logging in the following way:
1) Create a HKEY_CURRENT_USER\Software\EldoS\PKCS11ID registry key,
2) Add a "LogFile" string value to the created key, and assign it with a path to the log file (e.g. E:\Temp\PKCS11Log.txt),
3) Start the application again and lead it to a crash. Then check the log file.

UPD: the sample is too big to be accepted by the forum. I've created a Helpdesk ticket for you and will post the file there.

Reply

Statistics

Topic viewed 8389 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!