On 2009-07-22 06:09 PDT, nk wrote: >> Is there any way I can reproduce what you're seeing? >> I would probably require me to be able to access your CA server, >> and perhaps also to trust your root cert for the test. > > There is no CA server involved at this point. All I am doing is > supplying a Base-64 encoded certificate to encrypt the private key > with. Here is the value:
[Snipped] > Then I pass it to generateCRMFRequest() like so: > > var crmfObject = window.crypto.generateCRMFRequest ('CN=Test > CRMF', null, null, bigString > '', > 1024, null, 'rsa-ex'); > > the request is then placed on a form and sent to a servlet where I > retrieve the CRMF from the HTTP request and decode it. > > Can you generate a CRMF request yourself with my cert and analyze the > POP section of the generated CRMF request ? Please email me a copy of the entire web page with the above javascript in it and whatever else it has. I may be able to trace through it. > Or perhaps you could decode the CRMF request I get and see if you > observe the same ? [snipped] Alas, NSS's utility programs do not include any tools to decode and print CRMF requests and CMMF responses. > Please note that the ArchiveControl structure is generated ok and > seems to contain the generated private key (I have not tried to > actually decrypt it) so I would rule out that the generation or > encryption part fails. > > Thanks, > Nikolai. -- 12345678901234567890123456789012345678901234567890123456789012345678901234567890 00000000011111111112222222222333333333344444444445555555555666666666677777777778 -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto