On Wed, 2012-11-14 at 15:15 +0000, Gustavo Homem wrote: > So I need to find out how to call libnss se actually generate a key for > key3.db. But I'm half amazed that it isn't possible via certutil or other CLI > interface.
We'll see, maybe it is, but first we need to identify exactly what you want to do. > > Mozilla's application passwords aren't stored in key3.db. Rather, > > key3.db contains a symmetric key for symmetric encryption. > > > > Precisely. That's what I want to generate programatically. Have you seen "symkeyutil" provided by NSS? You get it if you build NSS on its own. It might not be built by default from within the Mozilla application builds - but you should be able to build it by extending mozilla/security/build/Makefile.in appropriately (add new rules similar to certutil). Use "symkeyutil -d directory -L" to see a list of keys contained in a NSS DB. -H for help -K to generate a new key. Look at the Mozilla and the list output to deduce what parameters you need. Does this help? Kai
smime.p7s
Description: S/MIME cryptographic signature
-- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
