Thanks a lot, now that you explain it again that clearly, I can see the difference. Somehow, I had in mind that those "crypting-objects" are wire-hard-coded, that the soft-toks just emulate some hardware, and that you could just forward your requests to that hard-coded logic, and get some answer. I didn't see that those algorithms could also be instances/objects that do something, that you could use like instances in the application code itself. I think I didn't figure that the tokens themselves are oop-things. But that's great.

The TPM I use, as far as I know, has no crypto-instances or almost none. Or calls to them aren't implemented in TrouSerS. That's something I read when I installed opencryptoki and the tpm-kernelmodule.

I'll have to look at SDR again. Since I don't exactly understand how the soft-token in NSS is implemented, I hope SDR doesn't make calls to that token to encrypt, as if it were a crypto-device like you just explained. It's true that I haven't been deep enough to find the DES algorithm itself, in SDR. I hope it's somewhere in a library, not inside a token. Otherwise, if I take the key from another token, but use the soft-tok to encrypt, that's as if I used 2 different tokens and mixed up the key from one with the functions of the other. Would not be a great thing...

thanks!
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
