I've created a test class and a db to be used with it that shows the following issues I get while exporting credentials to PKCS12 files using JSS.
1) FIPS enabled generates PBA key error (this issue was first mentioned in a separate thread) 2) 4 of the 8 PBEAlgorithms won't export the EPKI (though I don't really care so much about these personally) 3) 3 of the 4 that will export the EPKI(PBEAlgorithm.PBE_SHA1_DES3_CBC works) generate incompatible PKCS12 files (as long as certs area also included with key, see note in code) 4) The "default" and supplied CharToByteConverter (PasswordConverter from pkcs12 package) do not work with EPKI's passed back from NSS. A "custom" one must be written. I'm just asking here first to see where you want this info. I filed a bug for the previously mentioned salt size issue but never made one for any of the other problems. How would you like me to handle this? Thanks, Dave _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
