Subrata Mazumdar wrote:
I remembered that I had that working at one point, but it may have attropied... It may actually be an issue in the NSS wrapper rather than the CAPI pkcs #11 module itself. Does importing a keypair from PKCS #12 work?Hi Bob,I can neither generate key-pair nor use the private key to sign either a PKCS#10 CSR or another Cert.
It always prompts for (as mentioned in the README file) password with a smart card dialog window. I do not even know the password of MS Crypto store because MS Crypto tool (certmgr.msc) allows me to view and import cert without any password. I have to investigate this little bit more.So this prompt is actually a windows CAPI prompt. It's associated with the password on the private key in the CAPI database. The actual CAPI pkcs #11 module does not use a password.
A stack traceback might be useful. It shouldn't work, but it also shouldn't crash...If I cancel the password prompt, it crashed the browser.
Is there a way to avoid CAPI generated prompt for password?
I think you need to use Microsoft tools to do this...
Can I use nsIPK11Token.checkPassword() to explicitly login to the token forNo, because the prompt isn't a PKCS #11 prompt, its from the underlying CAPI module.MS Certificate store so that password propmt is not shown at all?
Have you able to do access the private key from the "MS certificate store" token?Yes, I was able to import my private key and use it from both EI and Firefox.
bob
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
