On 09/04/2009 12:42 PM, Klaus Heinrich Kiwi wrote:
On 09/03/2009 07:37 AM, Marc Kaeser wrote:
I'm still trying to get those things fixed, but I thought I give you a
feedback before you think I gave up ^^
Marc,
There's another thread on this list where I'm trying to test the
opencryptoki + NSS integration. I admit that I haven't been able to load
opencryptoki's swtok via the Firefox 'load security module' function
myself. Would be logical to test the TPM token after that.
I'm afraid I have to ask for a little patience and more time to sort out
the issues. Any help is also appreciated.
I don't know what it was, but now I can load opencryptoki as a PKCS#11
modules in my systems. I've tried with the software token, TPM token and
the ICA token. Loaded the modules with modutil and generated key
pairs/certificates/cert requests using certutil. I was also able to load
them using Firefox 3.5.2.
Note that "some" NSS versions will require the following patch to
opencryptoki in order to work:
http://permalink.gmane.org/gmane.comp.encryption.opencryptoki.tech/2
(but I was able to use the distro version shipped with Fedora11 without
problems - don't know exactly why atm)
I'm still looking for a way to test NSS while offloading crypto
operations to opencryptoki though.
-Klaus
--
Klaus Heinrich Kiwi | kla...@br.ibm.com | http://blog.klauskiwi.com
Open Source Security blog : http://www.ratliff.net/blog
IBM Linux Technology Center : http://www.ibm.com/linux/ltc
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
