[EMAIL PROTECTED] wrote:
On Oct 28, 5:10 pm, Nelson B Bolyard <[EMAIL PROTECTED]> wrote:
[EMAIL PROTECTED] wrote, On 2008-10-28 13:29:

From what I have read, the internal pkcs 11 data store is protected by 1
master password.  Is there a way to store my keys in the firefox pkcs 11
data store with their own password [...]?
No, at the present time, there is not.

Could I get around this problem by creating a new pkcs 11 data store
for my extension? (with code reuse from certutil.c)  Or will calling
NSS_Initialize from within the extension cause problems with the rest
of Firefox...
NSS_Initialize will not add a new database, but there is a call that will:
https://developer.mozilla.org/en/NSS_PKCS11_Functions#SECMOD_OpenUserDB

Some caveats:
While the database is open, those keys and certs are accessible to Mozilla. It will look like a new token to NSS (just as if you inserted a smart card). If Mozilla decides to use one of the certs, it may ask the user to log into your token (if you aren't already logged in).

That token can have a different password than the Firefox built-in store.

When you are through, you can close the database with:
https://developer.mozilla.org/en/NSS_PKCS11_Functions#SECMOD_CloseUserDB

Closing the database will act just as if it were a smart card that was suddenly removed.

bob
Dan
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
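
The SECMOD_OpenUserDB / SECMOD_CloseUserDB sequence described in the reply above, as an added example that is not code from the thread or from Mozilla. The names `build_userdb_spec` and `with_private_token`, the `WITH_NSS` build switch and the sample directory and label are hypothetical; the NSS half compiles only against the NSS headers and assumes NSS is already initialized, as it is inside Firefox.

```c
/* Added example. Build the NSS half with:
 *   cc -DWITH_NSS -c demo.c $(pkg-config --cflags nss) */
#include <stdio.h>
#include <string.h>

/* Build the moduleSpec string passed to SECMOD_OpenUserDB. Values sit inside
 * single quotes, so reject characters that could end the quoting and smuggle
 * in extra parameters (a second configdir, flags, ...). Returns 0 on success. */
int build_userdb_spec(char *out, size_t outlen, const char *dir, const char *label)
{
    if (!out || !dir || !label || !*dir || !*label)
        return -1;
    if (strpbrk(dir, "'\"\\") || strpbrk(label, "'\"\\"))
        return -1;
    if (strlen(label) > 32)          /* PKCS #11 token labels hold 32 bytes */
        return -1;
    int n = snprintf(out, outlen, "configdir='%s' tokenDescription='%s'", dir, label);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

#ifdef WITH_NSS
#include <nss.h>
#include <pk11pub.h>
#include <secmod.h>

/* Open the extension's own database as a separate token, protect it with its
 * own password, then close it again. Returns 0 if the password was set or
 * accepted. */
int with_private_token(const char *dir, const char *label, const char *pw)
{
    char spec[1024];
    int rc;
    if (build_userdb_spec(spec, sizeof spec, dir, label) != 0)
        return -1;
    PK11SlotInfo *slot = SECMOD_OpenUserDB(spec);  /* shows up as a new token */
    if (!slot)
        return -1;
    if (PK11_NeedUserInit(slot))                   /* fresh database: set password */
        rc = (PK11_InitPin(slot, NULL, pw) == SECSuccess) ? 0 : -1;
    else                                           /* existing database: log in */
        rc = (PK11_CheckUserPassword(slot, pw) == SECSuccess) ? 0 : -1;
    /* While the slot is open, its keys and certs are visible to the host app. */
    PK11_Logout(slot);
    SECMOD_CloseUserDB(slot);                      /* like pulling a smart card */
    PK11_FreeSlot(slot);                           /* drop our own reference */
    return rc;
}
#endif
```

Keeping the time between open and close short limits the window in which the host application can see the token and prompt the user for its password.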
