Hello,

On Monday, 3 March 2014 13:31:20 UTC+1, Raad Bahmani wrote:
> I need to implement a PKCS11-library which simulates a smart-card and
> responds to login attempts with SSL certificates.

Your simulated smartcard won't do any login with an SSL cert (it won't go that
high). When the Mozilla product performs the TLS handshake and the server
asks for client authentication, it will search for acceptable certificates in
all the connected devices and display a list to the user. If the user chooses a
certificate whose private key is stored in your simulated smartcard, the
Mozilla product will ask your simulated smartcard to perform a signature
operation.

> I have found out that SSL needs the following mechanisms, so the
> "C_GetMechanismList" of my library specifies them as supported.
> 
> - CKM_SSL3_PRE_MASTER_KEY_GEN
> - CKM_SSL3_MASTER_KEY_DERIVE
> - CKM_SSL3_KEY_AND_MAC_DERIVE
> - CKM_SSL3_MD5_MAC
> - CKM_SSL3_SHA1_MAC

You obviously also need to implement them, not only declare them as supported.

And I don't think those are necessary at all for client auth.

> When trying to log in using SSL the following functions are called before
> Firefox crashes! :/
> 
> These are my questions:
> 
> 1) What are these objects: ce534354, ce534353,  b316030,
> 102, 318c8130, e0d0302

These are pointers. Please read PKCS#11 v2+.
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
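
The two points made in the reply above (a token should declare only mechanisms it actually implements, and client authentication reaches the token as a signature request) can be sketched as follows. This is an added example, not code from the thread or from NSS: the `sim_` functions and the stand-in `CK_*` definitions are hypothetical, and using `CKM_RSA_PKCS` assumes an RSA client key.

```c
#include <stddef.h>
#include <string.h>

/* Stand-ins for pkcs11.h (assumption: a real module includes that header). */
typedef unsigned long CK_ULONG, CK_RV, CK_SLOT_ID, CK_MECHANISM_TYPE;
typedef struct {
    CK_MECHANISM_TYPE mechanism;
    void *pParameter;
    CK_ULONG ulParameterLen;
} CK_MECHANISM;
#define CKR_OK                      0x000UL
#define CKR_ARGUMENTS_BAD           0x007UL
#define CKR_MECHANISM_INVALID       0x070UL
#define CKR_BUFFER_TOO_SMALL        0x150UL
#define CKM_RSA_PKCS                0x001UL
#define CKM_SSL3_PRE_MASTER_KEY_GEN 0x370UL

/* One table drives both functions, so nothing is declared without being accepted. */
static const CK_MECHANISM_TYPE implemented[] = { CKM_RSA_PKCS };
#define N_IMPL (sizeof implemented / sizeof implemented[0])

/* Hypothetical C_GetMechanismList: a NULL list returns only the count. */
CK_RV sim_GetMechanismList(CK_SLOT_ID slot, CK_MECHANISM_TYPE *list, CK_ULONG *count)
{
    (void)slot;
    if (count == NULL) return CKR_ARGUMENTS_BAD;
    if (list == NULL) { *count = N_IMPL; return CKR_OK; }
    if (*count < N_IMPL) { *count = N_IMPL; return CKR_BUFFER_TOO_SMALL; }
    memcpy(list, implemented, sizeof implemented);
    *count = N_IMPL;
    return CKR_OK;
}

/* Hypothetical, reduced C_SignInit (session and key handles omitted):
 * a mechanism missing from the table is refused instead of half-handled. */
CK_RV sim_SignInit(const CK_MECHANISM *mech)
{
    if (mech == NULL) return CKR_ARGUMENTS_BAD;
    for (size_t i = 0; i < N_IMPL; i++)
        if (implemented[i] == mech->mechanism) return CKR_OK;
    return CKR_MECHANISM_INVALID;
}

int main(void)
{
    CK_MECHANISM sign = { CKM_RSA_PKCS, NULL, 0 };
    CK_MECHANISM ssl3 = { CKM_SSL3_PRE_MASTER_KEY_GEN, NULL, 0 };
    return (sim_SignInit(&sign) == CKR_OK &&
            sim_SignInit(&ssl3) == CKR_MECHANISM_INVALID) ? 0 : 1;
}
```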
