On 2009-07-22 06:09 PDT, nk wrote:
>> Is there any way I can reproduce what you're seeing?
>> I would probably require me to be able to access your CA server,
>> and perhaps also to trust your root cert for the test.
>
> There is no CA server involved at this point. All I am doing is
> supplying a Base-64 encoded certificate to encrypt the private key
> with. Here is the value:
[Snipped]
> Then I pass it to generateCRMFRequest() like so:
>
> var crmfObject = window.crypto.generateCRMFRequest ('CN=Test
> CRMF', null, null, bigString
> '',
> 1024, null, 'rsa-ex');
>
> the request is then placed on a form and sent to a servlet where I
> retrieve the CRMF from the HTTP request and decode it.
>
> Can you generate a CRMF request yourself with my cert and analyze the
> POP section of the generated CRMF request ?
Please email me a copy of the entire web page with the above javascript
in it and whatever else it has. I may be able to trace through it.
> Or perhaps you could decode the CRMF request I get and see if you
> observe the same ?
[snipped] Alas, NSS's utility programs do not include any tools to decode
and print CRMF requests and CMMF responses.
> Please note that the ArchiveControl structure is generated ok and
> seems to contain the generated private key (I have not tried to
> actually decrypt it) so I would rule out that the generation or
> encryption part fails.
>
> Thanks,
> Nikolai.
--
12345678901234567890123456789012345678901234567890123456789012345678901234567890
00000000011111111112222222222333333333344444444445555555555666666666677777777778
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
