EldoS | Feel safer!

Software components for data protection, secure storage and transfer

.Net security violation in PKI BlackBox demo

Also by EldoS: Callback File System
Create virtual file systems and disks, expose and manage remote data as if they were files on the local disk.
Posted: 11/03/2014 05:42:59
by Andy Calvert (Standard support level)
Joined: 11/07/2007
Posts: 16

Just downloaded and installed v12 of PKI BlackBox.

Built the CertTokenDemo.

As soon as I try to select a PKCS#11 library DLL the code fails with:

Attempt by security transparent method "SBPKCS11Base.__Global.PKCS11CheckError(Int64,Int32,UInt320" to call native code through method "SBPKCS11Base.__Global.GetLastPKCS11ErrorInfo(Int64,IntPtr,Int32 ByRef)". Methods must be security critical or security safe-critical to call native code.

Any advice you could give please ?
Posted: 11/03/2014 05:49:57
by Eugene Mayevski (EldoS Corp.)

Given that the code works for us and for other customers, that must be something specific to your project. Can you please check and tell us whether your project is configured to run in some restricted way?

Another possible reason is that you link .NET 2.0 assemblies to .NET 4.x project. You need to ensure that correct assemblies are loaded (we provide separate assembly set for each version of .NET Framework).

Sincerely yours
Eugene Mayevski
Posted: 11/03/2014 05:55:00
by Andy Calvert (Standard support level)
Joined: 11/07/2007
Posts: 16

Hi Eugene,

This is your provided project, not my code. The only change I made was to change the PlatformTarget in Visual Studio from AnyCPU to x86, as the PKCS#11 library that we use is 32-bit (and otherwise you get the message about incompatible formats when trying to load the DLL).

So I have not linked any assembles, they have already been done in your project. I can see that the correct .Net 4 assembles were selected.
Posted: 11/03/2014 06:32:05
by Eugene Mayevski (EldoS Corp.)

Unfortunately it doesn't seem to be possible to reproduce the issue in real-life conditions (we tried). We will add the extra safety measures (security attributes) in a couple of places and I hope that those additions would address the problem. The change will go to the next build, which will happen in about two weeks.

Sincerely yours
Eugene Mayevski



Topic viewed 467 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!