PK11_ReadRawAttribute and PK11_WriteRawAttribute would probably work.
Unfortunately, they are also not exported. :(
http://mxr.mozilla.org/mozilla-beta/search?string=PK11_WriteRawAttribute&find=nss
http://mxr.mozilla.org/mozilla-beta/source/security/build/nss.def
Sean
On 10/7/2014 1:23 AM, helpcrypto helpcrypto wrote:
As NSS doesnt expose that function (IMHO it Should), couldnt you use
PK11_Read/WriteRawAttribute? (Apart this should being fixed or not)
On Tue, Oct 7, 2014 at 10:20 AM, helpcrypto helpcrypto <helpcry...@gmail.com
wrote:
On Tue, Oct 7, 2014 at 10:02 AM, Sean Leonard <dev+mozi...@seantek.com>
wrote:
Thanks, but the need is to change the nickname. It is displayed in
Mozilla apps for various purposes. The nickname is also known as the
"friendly name" on other platforms (e.g., MS CryptoAPI) and in other
standards (e.g., PKCS #9).
The nickname is the CKA_LABEL (0x00000003) attribute. That is exactly
what NSS maps it to (see the implementation of PK11_SetObjectNickname), and
for good reason. See pkcs11t.h and PKCS #11 v2.20 Section 10.4. Note that
CKA_LABEL is defined as a UTF-8 encoded string.
Oh, I see. Then you could use C_G/SetAttributeValue with CKA_LABEL, isnt
it?
Sean
On 10/7/2014 12:38 AM, helpcrypto helpcrypto wrote:
IIRC, nicknames aren't part of PKCS#11 standard, so i would suggest
instead
using CKA_ID (hash of public key; certificate, public and private keys
have
the same)
On Tue, Oct 7, 2014 at 9:15 AM, Sean Leonard <dev+mozi...@seantek.com>
wrote:
Hi Mozilla/Firefox crypto people:
In Firefox 33 (and generally Mozilla toolkit apps, including
Thunderbird)
on Windows, it appears that nss3.dll is folded and only a subset of
functions are exposed. See <http://mxr.mozilla.org/
mozilla-beta/source/security/build/nss.def>.
Among the functions that are not exported are PK11_SetPublicKeyNickname
and PK11_SetPrivateKeyNickname. Removal of these functions causes
significant hardship for our code, because those are the only
abstraction-safe ways to do those things. Internally they call
PK11_SetObjectNickname but PK11_SetObjectNickname has not historically
been
exported. Worse, these functions are still exported on Mac OS X and
Linux
builds; it is rather crazy that there are basic functions that one can
do
on some platforms but not all.
I have managed to cobble together a solution together for Windows, but
it
involves having knowledge of the layout of PK11SlotInfoStr (to get
things
like the slot and session variables) which has not been considered
"public": it is in secmodti.h.
Can these two functions please be added back to
mozilla/security/build/nss.
def?
Thank you,
Sean
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
