Hi, I'm using NSS 3.12.4 with NSPR 4.8 release from the Mozilla FTP site on Fedora 10. I'm interested in generating keys and certs with the basic NIST curves (nistp256, nistp384, nistp521) included in the softoken implementation when NSS is compiled with the "NSS_ENABLE_ECC" flag. I would greatly appreciate it if one could point out anything missing or incorrect in the provided steps below:
tar -xvf nss-3.12.4-with-nspr-4.8.tar. gz NSS_ENABLE_ECC=1; export NSS_ENABLE_ECC cd nss-3.12.4-with-nspr-4.8/mozilla/security/nss make nss_build_all alias certutil='home/user/Download/nss-3.12.4-with-nspr-4.8/mozilla/dist/Linux2.6_x86_glibc_PTH_DBG.OBJ/bin/certutil' cd ~/nss_ecc certutil -N -d . certutil -G -k ec -q nistp256 -d . Enter Password or Pin for "NSS Certificate DB": A random seed must be generated that will be used in the creation of your key. One of the easiest ways to create a random seed is to use the timing of keystrokes on a keyboard. To begin, type keys on the keyboard until this progress meter is full. DO NOT USE THE AUTOREPEAT FUNCTION ON YOUR KEYBOARD! Continue typing until the progress meter is full: |************************************************************| Finished. Press enter to continue: Generating key. This may take a few moments... certutil: unable to generate key(s) : security library failure. Thanks, Kai
-- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
