HI!
I'd like to generate and verify a detached signature (in a separate
file) with a key from my Seamonkey profile. Is this approach with
cmsutil ok (single command-line wrapped here)?
cmsutil -S -d ~/.mozilla/xxxxxxx/ -N "cert nickname" -G -H SHA1 -T -i
name.tar.gz -o name.tar.gz.p7m
From my understanding this accesses the cert/key DB only for reading.
Is it a problem if the Seamonkey is still running?
How about verifying it? I've tried this command which does not output
any verification result:
cmsutil -D -d ~/.mozilla/xxxxxxx/ -c name.tar.gz -i name.tar.gz.p7m -o test
I also tried signver but this hangs:
signver -V -v -d ~/.mozilla/xxxxxxx/ -i name.tar.gz -s name.tar.gz.p7m
strace output of hanging signver:
------------------------- snip -------------------------
open("name.tar.gz", O_RDONLY|O_LARGEFILE) = 5
open("name.tar.gz.p7m", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 6
read(0,
------------------------- snip -------------------------
This is all done with openSUSE 11.0 packages:
mozilla-nss-3.12.0-23.4
mozilla-nss-tools-3.12.0-23.4
Ciao, Michael.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
