On 10/05/2009 10:42 AM, Robert Relyea wrote: > On 10/05/2009 09:27 AM, Konstantin Andreev wrote: > >> Hello. >> >> In the source code of the "softoken" library I see various conditional >> manipulations with CKA_NETSCAPE_DB attribute of private keys. >> >> Since I am adding a new (GOST) type of private key to NSS, I need to >> know how CKA_NETSCAPE_DB should apply to this key. >> >> But I haven't found enough information about the intended use of >> CKA_NETSCAPE_DB in neither MDC nor bugzilla. >> >> Could you, please, advice, how should I handle CKA_NETSCAPE_DB for >> GOST private keys ? >> > GOST private key? Are you talking about a new asymmetric algorithm > (a.la. RSA and DH)? If so, then you would need to worry about private > keys. If you are just talking about a symmetric algorithm, then there is > no need. You're key is a secret key, and should be handled automatically. >
I should add, that it sounds like you are trying to modify softoken, rather than try to implement GOST as an external token. I would highly suggest doing the latter. I intend to move SEED and CAMILLA out of softoken in the future, and would look very favorably on a patch that included GOST in it's own PKCS #11 module, and not so favorably on yet another non-FIPS algorithm that will be unnecessarily frozen when softoken is in FIPS freeze. (Also note: you will have your algorithm integrated into more applications sooner if you go the separate PKCS #11 route). bob > bob > > >
-- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
