Dear NSS gurus, what do you think, would it really be a bad idea to use
the key from another token, but still use the internal token to encrypt?
When SDR is called, I could check if the token I want to use also
provides the encryption mechanism I need. If it doesn't, I could use the
internal token, which should always be present anyway. So I could be
able to save the key wherever I want, even if the token doesn't provide
the algorithms I need. I don't know if it is legal in the view of NSS or
PKCS11 to use 2 Tokens for the same operation.
I guess I can't just change the mechanism and use another one, I don't
see all the dependencies, but maybe there would be an overflow
somewhere, if the cyphered text exeeds a given length, if I use another
symetric encryption algorithm.
What do you think?
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
