Bob Relyea wrote:
Wan-Teh Chang wrote:
itspki wrote:
Hi all:
I load my pkcs#11 modules to mozilla explore and it is worked. I log
all the calling process, I found when i login my token in the
security device manager, the function C_FindObjectsInit called, and
the CKA_CLASS is 0xce534353, ulCount is 1.
I'm very disbelieve about the CKA_CLASS is 0xce534353, but it's a
fact. Who can tell me why?
That must be one of the vendor-defined macros defined
by NSS:
http://lxr.mozilla.org/security/source/security/nss/lib/softoken/pkcs11n.h
The 0xce534353 CKA_CLASS value is CKO_NETSCAPE_TRUST.
Your token should return an appropriate CK_RV if it
doesn't recognize this CKA_CLASS value.
The appropriate RV is CKR_OK with a null list of objects. Anytime you
see and object class or attribute that is netscape specific, it's
perfectly OK for your module to ignore (not match) or for C_SetAttribute
or C_GetAttribute, set the CKR_INVALID_ATTRIBUTE error. As long as you
support the documented attributes, NSS will work fine (the Netscape
specific attributes are to support extended functions).
bob
Wan-Teh
_______________________________________________
mozilla-crypto mailing list
mozilla-crypto@mozilla.org
http://mail.mozilla.org/listinfo/mozilla-crypto
Hi bob:
Thank you very much for your answer my question.
Did you mean if my pkcs#11 modules work with Mozilla, it must support
Netscape specific objects such as CKO_NETSCAPE_TRUST, and other
attributes Netscape specified?
Best regards.
Itspki
_______________________________________________
mozilla-crypto mailing list
mozilla-crypto@mozilla.org
http://mail.mozilla.org/listinfo/mozilla-crypto