On 22 sep, 21:19, Nelson B Bolyard <[EMAIL PROTECTED]> wrote: > Paco wrote, On 2008-09-21 23:46: > > > I read the elf headers for every > > shared library distributed with firefox and the symbol > > SEC_PKCS12AddCertAndKey was defined, but SEC_PKCS12AddCert and > > SEC_PKCS12AddKeyForCert weren't (neither the function that derives > > key thumbprint from the cert). > > This ishttps://bugzilla.mozilla.org/show_bug.cgi?id=311483which is > stalled for reasons I don't now recall.
Sure, but there are more consequences for this bug like, in example, you can't also export a pkcs12 containing just CA certifcates, which I belive is something accepted in the pkcs12 standard, or you can't guess the certificate thumbprint if you need it. Anyway, there's no need to alter the function's signature; they just need to export lower level functions in nss distributions and let people create their own methods (like I was trying). I don't see the point in distributing a library which exports just the symbols used by firefox (except, of course, load time efficiency), dramatically reducing its usability by third-part developers, who would want to add new functionality to such an extensible architecture. Sorry for the whining, I wish It didn't bother anyone. By now, I've fulfilled my needs by implementing my own methods to discard CAs from the PKCS12. Thanks for all your help. Regards. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
