Wan-Teh Chang wrote: > On Mon, Jul 7, 2008 at 6:40 AM, avih <[EMAIL PROTECTED]> wrote: >> 2. Use NSS pkcs11 test tools (preferably pre-compiled for win32) for >> testing compliancy of our implementation with Firefox. I know this isn't >> a formal compliancy test, but it would be a good start. I saw several >> threads on this subject, but thus far, none was explicit enough as for >> the procedures one should use to achieve that goal. also, in conjunction >> with my 1st question, can this compliancy test be used with the above >> mentioned soft-token+pkcs11 implementation? > > The NSS PKCS #11 compliance test suite > (http://www.mozilla.org/projects/security/pki/pkcs11/netscape/) > is not usable right now for two reasons: > 1. It is out of date, and no longer reflects how the Mozilla clients > (Firefox, Thunderbird, etc.) are using PKCS #11 libraries. > 2. It is missing two or three test tools. We never had the time > to clean up the source code of those test tools and open-source > them. > > You can modify the pk11mode.c test program I mentioned > in my previous reply to test your PKCS #11 library. There is > also a pk11util.c test program that you may be able to use: > http://lxr.mozilla.org/security/source/security/nss/cmd/pk11util/ > > Wan-Teh
Thank you very much for both your replies. Looks like good starting points, which I'll start to explore. avih _______________________________________________ dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
