On 2010/05/07 12:16 PDT, Klaus Heinrich Kiwi wrote: > On Tue, 04 May 2010 09:28:58 -0700 > Nelson B Bolyard <nel...@bolyard.me> wrote:
>> It's all handled by the SSL library. > > Nelson, > > but when implementing a PKCS#11 token, we should be performing the > PKCS#11 v1.5 padding for the CKM_RSA_PKCS method, right? Your PKCS#11 module must implement the mechanisms as defined by PKCS#11. It's up to NSS's SSL library to choose the right mechanism for the job at hand. For SSL 3.0, it will choose CKM_RSA_PKCS. For SSL 2, it will choose CKM_RSA_X_509 so that it can handle the non-standard padding. > Should we worry about the PKCS padding specified in SSLv2 > "compatibility mode"? > Should we use the 'all random' version or the 'last 8 bytes with 0x03' > version? See above. > We're trying to identify why our implementation works OK with TLSv1 > while it fails with SSLv3. It all looks the same from a PKCS#11 > point-of-view None of the issues above differ between SSL3 and TLS. They differ between SSL2 and SSL3/TLS. I think you should focus on the areas that differ between SSL3 and TLS, which are numerous, but not here. Key derivations are all different. I'd look there next. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto