Re: NSS - signing with MAC

2010-06-01 Thread Robert Relyea
On 06/01/2010 07:47 AM, Konstantin Andreev wrote:
> Not a policy issue I suppose... Some days ago I have found that:
>
> No one block cipher MAC'ing mechanism is working in either current
> release or trunk NSS, in either mode.
>
> I've already investigated the issue and about to file a bug this

Re: Secret key creation with C_ObjectCreate

2010-06-01 Thread Robert Relyea
On 05/31/2010 02:02 AM, Sebastian Mayer wrote:
> Hi All,
>
> I'm having some difficulties in creating a simple AES key as follows:
>
> CK_OBJECT_HANDLE hKey;
> CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
> CK_KEY_TYPE keyType = CKK_AES;
>
> CK_BYTE keyValue[] = {
> 0x01, 0x23,

Re: Restricting SSL cert issuance within specified domain

2010-06-01 Thread Nelson B Bolyard
On 2010/06/01 11:38 PDT, Kathleen Wilson wrote:
> Is there support in NSS to restrict an intermediate CA to only be able
> to issue SSL certificates within a specified domain?

Yes, the issuer of the intermediate CA cert can constrain the names that may appear in certificates issued by that subord

Re: NSS - signing with MAC

2010-06-01 Thread Nelson B Bolyard
On 2010/06/01 07:04 PDT, Sebastian Mayer wrote:
> Solved - and this was again a "FIPS issue". The AES_MAC is not in the
> list of support mechanism in the fips-related security policy.

That's strange. I'm not sure if that's intentional or a bug. Bob, Glen, Do you know? Is there a reason for th

Restricting SSL cert issuance within specified domain

2010-06-01 Thread Kathleen Wilson
Is there support in NSS to restrict an intermediate CA to only be able to issue SSL certificates within a specified domain? If yes, does this support apply to both SANs and CNs? Can you point me to documentation on how to use this? The reason that I’m asking is because there has been recent di

Re[2]: NSS - signing with MAC

2010-06-01 Thread Konstantin Andreev
Not a policy issue I suppose... Some days ago I have found that: No one block cipher MAC'ing mechanism is working in either current release or trunk NSS, in either mode. I've already investigated the issue and about to file a bug this or next day.
-- Konstantin Andreev.
On 06/01/10 18:04,

Re: NSS - signing with MAC

2010-06-01 Thread Sebastian Mayer
Sebastian Mayer wrote:
> Hi All,
>
> I have some problems in initializing a MAC-based signing operation. Here
> is the code snippet (nothing special, mostly put together from the PKCS
> spec samples):
>
> #define BLOCKSIZE 16;
>
> CK_ULONG ulMacLen=BLOCKSIZE;
> CK_BYTE mac[ulMacLen];
>