On Mon, Jul 7, 2008 at 6:40 AM, avih <[EMAIL PROTECTED]> wrote: > > 2. Use NSS pkcs11 test tools (preferably pre-compiled for win32) for > testing compliancy of our implementation with Firefox. I know this isn't > a formal compliancy test, but it would be a good start. I saw several > threads on this subject, but thus far, none was explicit enough as for > the procedures one should use to achieve that goal. also, in conjunction > with my 1st question, can this compliancy test be used with the above > mentioned soft-token+pkcs11 implementation?
The NSS PKCS #11 compliance test suite (http://www.mozilla.org/projects/security/pki/pkcs11/netscape/) is not usable right now for two reasons: 1. It is out of date, and no longer reflects how the Mozilla clients (Firefox, Thunderbird, etc.) are using PKCS #11 libraries. 2. It is missing two or three test tools. We never had the time to clean up the source code of those test tools and open-source them. You can modify the pk11mode.c test program I mentioned in my previous reply to test your PKCS #11 library. There is also a pk11util.c test program that you may be able to use: http://lxr.mozilla.org/security/source/security/nss/cmd/pk11util/ Wan-Teh _______________________________________________ dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
