On 01/09/2015 08:03 AM, Opa114 wrote:
While there is some documentation on the format of cert8.db, If you are accessing it from Java inside firefox and you aren't accessing it from JSS, then you run the risk of corrupting the database.i do. but i want to parse the cert8.db or maybe access this fle in an easier way with JAVA. i have to read the file and maybe i have to remove and/or add new certificate to it.
If you are just accessing it standalone, then you may have more success, though that's a pretty complicated route. The file is in the old berkeley DB format, which means you'll need to access it some how. I doubt there are java bindings for that code, berkeley stopped maintaining it before Java existed (it eventually became sleepycat). So first you'd need the old DB format.
They way NSS uses the database records is documented here: http://www-archive.mozilla.org/projects/security/pki/nss/db_formats.html Even though this says cert7.db, it's basically the same, except cert 8 databases may contain crls (iirc).
This doesn't get you signing access. For that you'd need to also access key3.db, which has it's own set of 'row'/'payload' values, as well as PKCS5 encoded keys.
bob
smime.p7s
Description: S/MIME Cryptographic Signature
-- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
