The NSS software PKCS #11 provider has two tokens, a "crypto" token and a "database" token. Some algorithms that are supported by the crypto token are not supported by the database token. This is determined by the list of algorithms in http://lxr.mozilla.org/mozilla/source/security/nss/lib/softoken/pkcs11.c .
For example, DES3_CBC_PAD is supported by the database token, but DES_CBC_PAD is not. Why are not all algorithms supported by the database token?
