Kaining Gu wrote:
> Hi, > > I have a program that needs to do DES encryption/decryption on a > string. It uses only two openssl functions: > > des_set_key_unchecked(); > des_ncbc_encrypt( DES_ENCRYPT or DES_DECRYPT ); PK11_CreateContextByRawKey(); /* create an encryption context from raw key data */ PK11_Op() /* encrypt/decrypt using the above context * PK11_DestroyContext(); /* destroy the context when you are through */ NOTE: PK11_CreateContextByRawKey() will fail if you are running in FIPs mode. FIP does not allow you to import or export raw key material into a token. If you need to allow the token to manage or generate the requested key. NSS has functions (called SDR_ functions) which are designed to manage DES keys used to wrap important content like web passwords. These keys are stored in the softoken, protected by the same PBE used to protect the user's private keys. > > Could someone please tell me what the NSS counterparts (i.e. > encrypt/decrypt a string with DES key) are? > > Any help is appreciated, > Kaining > >
