Hello,
I'm using a PKCS #11 module with Mozilla 1.7.12 for
email/authentication. The token at hand *require* message digest to be
calculated in the token, so the MechanismInfo for CKM_RSA_PKCS indicates
this by the setting these flags only: CKF_HW | CKF_DECRYPT | CKF_UNWRAP.
(Not CKF_SIGN!). Further the MechanismInfo for CKM_SHA1_RSA_PKCS sets
the flags: CKF_HW | CKF_SIGN. Nevertheless, when signing an email with
mail tool, it does C_SignInit with Mechanism type = CKM_RSA_PKCS, which
then returns CKR_MECHANISM_INVALID. After this the mail tool gives up.
The question is: Is there any way to make NSS to use CKM_SHA1_RSA_PKCS
for signing rather than CKM_RSA_PKCS?
Regards,
Helge Bragstad
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
