Daniel Etzold wrote:
What to you return for flags for C_GetTokenInfo(). Make sure you aren't returning CKF_READONLY if you want NSS to store certs in your card.Hi,I'm developing a security module for Mozilla which communicates with a basic card which I want to use as a container for keys and certificates. I am able to load the module and to login into the token. Now, I want to import a certificate and want to store it on the token but I am only able to store it in the software security device.Did I forget to set and status bits or flags?
You will need to implement C_CreateObject(). If you want the keys generated on your token, you will need to implement C_GenerateKeyPair(). To use your cert and key you will need C_SignInit(), C_Sign() and C_UnwrapKey() or C_DecryptInit() and C_Decrypt(). NSS will primarily use CKM_RSA_PKCS for most tokens.
bob
On C_GetSessionInfo I return pInfo->state = CKS_RW_USER_FUNCTIONS; pInfo->flags = CKF_RW_SESSION | CKF_SERIAL_SESSION; On C_GetMechanismList I return the following 10 mechanisms: pMechanismList[ 0 ] = CKM_RSA_PKCS_KEY_PAIR_GEN; pMechanismList[ 1 ] = CKM_RSA_PKCS; pMechanismList[ 2 ] = CKM_RSA_9796; pMechanismList[ 3 ] = CKM_RSA_X_509; pMechanismList[ 4 ] = CKM_MD2_RSA_PKCS; pMechanismList[ 5 ] = CKM_MD5_RSA_PKCS; pMechanismList[ 6 ] = CKM_SHA1_RSA_PKCS; pMechanismList[ 7 ] = CKM_MD2; pMechanismList[ 8 ] = CKM_MD5; pMechanismList[ 9 ] = CKM_SHA_1; Thank you Daniel _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
smime.p7s
Description: S/MIME Cryptographic Signature
