> NSS_Initialize will not add a new database, but there is a call that
> will.:https://developer.mozilla.org/en/NSS_PKCS11_Functions#SECMOD_OpenUserDB
> When you are through you can get rid of close the database
> with:https://developer.mozilla.org/en/NSS_PKCS11_Functions#SECMOD_CloseUserDB
On Oct 28, 5:10 pm, Nelson B Bolyard <[EMAIL PROTECTED]> wrote:
> [EMAIL PROTECTED] wrote, On 2008-10-28 13:29:
>
> > From what I have read, the internal pkcs 11 data store is protected by 1
> > master password. Is there a way to store my keys in the firefox pkcs 11
>
Hi All,
To securely store my public / private key pairs for my firefox
extension it seems like I have two options - 1) to create pkcs 12
password protected files for each one or 2) to add the keys to the
internal pkcs 11 data store in firefox. I would prefer to use a data
store as opposed to indi
new slot?
Thanks,
Dan
On Oct 14, 2:18 pm, Robert Relyea <[EMAIL PROTECTED]> wrote:
> Nelson B Bolyard wrote:
> > [EMAIL PROTECTED] wrote, On 2008-10-13 13:52:
>
> >> I have a crypto library which I connect to a Firefox extension using
> >> Xpcom. The libr
Hi,
I have a crypto library which I connect to a Firefox extension using
Xpcom. The library generates custom size public and private key pairs
which I would like to store securely in Firefox. How would this be
done?
Thanks,
Dan
___
dev-tech-crypto ma
On Aug 9, 10:48 pm, "L. David Baron" <[EMAIL PROTECTED]> wrote:
> On Sunday 2007-07-22 04:40 -0400, Mike Connor wrote:
>
> > On 22-Jul-07, at 2:59 AM, Robert Sayre wrote:
> > > That doesn't sound reasonable. We are going to accept a very large
> > &g
Nelson,
* Many thanks for the reply. I thought that "PvkTmp:
99ace907-0a0c-4066-bd60-751431d09f92" is too complex for the NSS and
tried to do something with it.
Problem was solved by changing friendly name of the cert. I added my
cert into IE certificates db, corrected field "friendly name" (the
Hi
I'm trying to sign Firefox plugin with a certificate. Cert is located
in .pfx file. I successfully created local db and added my cert into
it. "certutil -L -d ." shows the following:
PvkTmp:99ace907-0a0c-4066-bd60-751431d09f92 u,u,u.
When I try to sign my dir with
signtool -d . -
Hi, all gurus on board,
I guess this must be the right group for my question.
I am working on a web-based certification authority application, from
where users can apply for X.509 digital certificates.
On the certificate application web form, I have a dropdown list of
cryptographic providers. T
Hello,
The BBC news articles below address privacy concerns
over states' and corporations' use of personal data.
I think you will find the links useful.
Thanks,
Mashi
The basic summary is the following:
1. States collect personal info by various methods
(eg:CCTV/closed-circuit TV in roadways).
Co
Wan-Teh Chang wrote:
> Allan (beaufour), you should be able to build the CFB128 mode
> yourself using the ECB mode as a primitive. It seems
> straightforward to me (because 128 is the block size, you
> don't need to shift). This way you don't need to wait for
> the support of AES in CFB128 mode
Nelson B wrote:
> Frank Lee wrote:
> > Found Cl to be from Microsoft Visual Studio 8
>
> Right. It's Microsoft's version of "cc", the c compiler.
>
> > cl -Fonow.obj -c -W3 -nologo -GF -Gy -MD -O2 -UDEBUG -U_DEBUG -UWINNT
> > -DNDEBUG=1 -DXP_PC=1 -DWIN32=1 -DWIN95=1 -D_PR_GLOBAL_THREADS_ON
Julien Pierre wrote:
> Frank,
>
> Frank Lee wrote:
> > sh ../../build/cygwin-wrapper
> > cl -Fonow.obj -c -W3 -nologo -GF -Gy -MD -O2 -UDEBUG -U_DEBUG -UWINNT
> > -DNDEBUG=1 -DXP_PC=1 -DWIN32=1 -DWIN95=1 -D_PR_GLOBAL_THREADS_ONLY=1
> > -D_X86_=1
> > -DFORCE_PR_LOG
> > /cygdrive/c/Frank_L
Hi,
I noticed that the certhigh/ and certdb/ provide some certificate
related APIs. But there is not API in signing a certificate. In the
cmd/certutil.c, it has a few functions that sign certificates and
certificate request.
Shall we provide some cert signing API from the NSS library itself?
W
done for NSS lib
and I am not good at gmake to be able to change gmake rules. Please
let me know if you get pass this problem.
Wei
Frank Lee wrote:
> Hi,
> while trying to build NSS using instructions from [EMAIL PROTECTED]'s
> thread below on "Help on building NSPR, NSS on Wind
Hi,
HASH_* APIs provide a good wrapper for the hashing algorithms.
But secsign.c does not use any of these. It instead calls
create/update/end directly on the hash context.
Would it be better to use HASH_* APIs in secsign.c?
Wei
___
dev-tech-crypto
own option
'/cygdrive/c/mozilla/m
ozilla/security/dbm/src/../../../dbm/src/h_bigkey.c'
cl : Command line error D8003 : missing source filename
VC++ is dumb and treat the path as an option.
Wei
[EMAIL PROTECTED] wrote:
> Thanks!
>
> It turns out that the file "configure" ha
drive/c/Program
Files/Microsoft Visual
Studio 8/SDK/v2.0/bin
is the path wrong?
Thanks,
Wei
Wan-Teh Chang wrote:
> [EMAIL PROTECTED] wrote:
> > I downloaded NSPR 4.6.1 and NSS 3.11 from CVS. But build on Windows
> > failed.
> >
> > I have cygwin, VC++ 2005 personal
I downloaded NSPR 4.6.1 and NSS 3.11 from CVS. But build on Windows
failed.
I have cygwin, VC++ 2005 personal edition, and moztools installed. OS
is Windows XP
It failed on nspr configure. Do I need autoconf on my Windows?
: command not found:
: command not found:
: command not found6:
: comm
Wan-Teh Chang wrote:
> [EMAIL PROTECTED] wrote:
> > NSS 3.11 is the most recent version is it not? Are there updated
> > release notes / build instructions somewhere?
>
> The most recent version of NSS is NSS 3.11.3. It should be
> used with NSPR 4.6.3. The CVS tag
NSS 3.11 is the most recent version is it not? Are there updated
release notes / build instructions somewhere?
http://www.mozilla.org/projects/security/pki/nss/ seems a little
outdated.
___
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
h
[EMAIL PROTECTED] wrote:
> Wan-Teh Chang wrote:
> > [EMAIL PROTECTED] wrote:
> > > Wan-Teh Chang wrote:
> > >> Why would you like to use the CFB mode?
> > >
> > > Because that's what the current (non-NSS) code does. I'd rather just
> &g
Wan-Teh Chang wrote:
> [EMAIL PROTECTED] wrote:
> > Wan-Teh Chang wrote:
> >> Why would you like to use the CFB mode?
> >
> > Because that's what the current (non-NSS) code does. I'd rather just
> > port, not change, the code.
>
> Is the C
Wan-Teh Chang wrote:
> [EMAIL PROTECTED] wrote:
> > Is it possible to use AES in CFB128 mode using NSS? If yes, how? :)
> >
> > (if no, why not? :) )
>
> No, CFB128 mode is not implemented. You can only use
> AES in ECB or CBC mode.
>
> Nobody asked for CFB
Is it possible to use AES in CFB128 mode using NSS? If yes, how? :)
(if no, why not? :) )
___
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
[EMAIL PROTECTED] wrote:
> Wan-Teh Chang wrote:
> > [EMAIL PROTECTED] wrote:
> > > I've followed the build instructions on checkout and building NSS
> > > (after giving up on getting it to build the cmd utils inside my main
> > > mozilla tree). It also com
Wan-Teh Chang wrote:
> [EMAIL PROTECTED] wrote:
> > I've followed the build instructions on checkout and building NSS
> > (after giving up on getting it to build the cmd utils inside my main
> > mozilla tree). It also compiles fine, but I cannot seem to actually run
>
om the lib
directory:
[EMAIL PROTECTED] /cygdrive/c/nss/mozilla/dist/WINNT5.1_DBG.OBJ/lib
$ ../bin/rsaperf.exe
Which only results in:
"The application failed to initialize properly (0xc022). Click on
OK to terminate the application."
My env. is (cygwin) Windows XP, and I'm usually a
Is the error message ("Dearpark and secureads.ft.com can not
communicate securily because they have no common encryption
algorithms?") generated from
http://news.ft.com/cms/s/257d272e-c665-11da-99fa-779e2340.html
anything to do with this?
___
dev-tec
You're aware that mozilla has an "ask every time" option, right?-YESBut options are for all user certificates. Automatic or manual.If a SERVER A request certificate of CA 2 (included in SERVER A ring) made for SERVER B, mozilla will send user certificate (and datum of SERVER B) for SERVER B to SERV
Hello, (I think that...)I see that mozilla in automatic mode, return certificate that server request. Is a good choice for easy use of user certificates. But if server is not very clean in use of datum of certificate can be a compromise of privacy.I think that could be a good choice that mozilla on
31 matches
Mail list logo