David Stutzman wrote: > As an additional note on this I tried extending PBEAlgorithm so I could > create one using the constructor and I passed in 8 for the salt length > instead of the 20 that is passed in by default with the > PBE_SHA1_DES3_CBC static I am using. JSS still gave me the longer salt > when I viewed it with dumpasn1. So unless I'm totally off base in > assuming that 3rd SEQUENCE is the salt, I'm at a loss here.
David, for about 10 years now, the NSS team's answer to inquiries about PKCS#8 have been that: - NSS doesn't support bare PKCS#8 for key import or key export. - PKCS#12 is the protocol/format which all major PKI/SSL implementations agree to support, and for which they test interoperability. - NSS team recommends that you use PKCS#12. /Nelson _______________________________________________ dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
