Hello there, It's great to see this work progressing!
For technical questions about the behaviour of our crypto code, you are more likely to find help in the mozilla.dev.tech.crypto newsgroup than you are here in mozilla.dev.security.
I suggest repeating your question there. Cheers, Johnathan On 4/14/2010 5:22 AM, wei deng wrote:
Hi, I am an engineer working in mozilla China, I'm going to provide a solution for Chinese banks which support IE only in China now. The problem I met is that: There are many vendors who supply smart-cards for banks, they have implemented the pkcs#11 modules(maybe implemented most parts of pkcs#11).There are two kinds of certificates in the smart-card, one for personals, and one for bank which should be added to the clients' trusted certificates list. We can add their pkcs#11 security module into the secmod.db which is done by an installer made by banks. So, when starting Fx, it loads all the security modules in the secmod.db and load certificates into certificates list through PKCS#11 APIs aotumatically. Then we can see the security modules in the Fx security devices list and the personal certificat in the certificates list. I am not familiar with the PKCS#11 APIs, maybe they did not implenment some, so Fx could not load the certificat for bank into the trusted certificates list. We can get the certificate for bank now, how to load it into Fx as root certificate by other programme, not automatically? I have read the file of "cert.h", there is a function prototype SECStatus CERT_ImportCerts(CERTCertDBHandle *certdb, SECCertUsage usage, unsigned int ncerts, SECItem **derCerts, CERTCertificate ***retCerts, PRBool keepCerts, PRBool caOnly, char *nickname); Could I invoke it to solve the problem ? But the page https://developer.mozilla.org/en/NSS/Certificate_functions said the function is not available,I am very confused. Could you give me some advices? Best Wishes wdeng 2010.04.13 _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security
_______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security