On 2010/04/23 11:37 PDT, Robert Relyea wrote: > On 04/23/2010 09:19 AM, Tomas Kubina wrote: >> Hi all, >> >> I am developing new PKCS11 module and I would appreciate help with this. >> When I want to see certificate on my token, firefox get all attributes >> of the >> certificate, which it wants, but then tries to find objects with >> CKA_CLASS = ce534353. It searches these objects several times but each >> attempt is with different CKA_ISSUER value. After few seconds firefox shows >> my certificate finally. >> > > This is expected. FF uses a set of "Vendor Defined" mechanisms, > attributes and objects. You are perfectly entitled to barf all over > these with "CKR_MECHANISM_INVALID", "CKR_ATTIBUTE_TYPE_INVALID", and > "CRK_ATTRIBUTE_VALUE_INVALID" as well as in this case, just not > returning any objects. NSS (and thus FF) should be able to handle it.
:) You and I said the same thing. It's funny how differently we expressed it. "handle as defined in the spec" vs. "barf all over these". :) I like it. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
