Emilio Perez wrote:
Hello.
Is there any way to create a new Software security device besides the
one that is bundled with Mozilla/Firefox?
The Software security device is basically a PKCS #11 module. You can
load additional pkcs #11 modules to support external hardware or your
own idea of the cert store. There is nothing magic about hardware, the
same interface works for all new security devices.
NSS uses the following criteria to decide what security device it will
use for a given task:
1) If there is a key involved in the operation, NSS checks to see if the
device which holds the key can do the given operation, if it can NSS
continues to use that device.
2) If there is no key involved, or the key is a public key, or the
device in which the key lives cannot do the given operation, NSS will
select the 'default' device for that operation. In practice this is
almost always the software security device. It is possible to select
another device as the default device for certain operations (like an RSA
accellerator, for instance). NSS's behavior is undefined if you have
more than one default device.
3) Certain operation involving creation or import of cert and keys, the
application typically prompts the user for where to import the key.
I know it is possible to add new hardware security devices, and then
choose among all of them.
And I need to do it in the same profile. I am doing some tests and
need to select between security devices (this is the important part
for my tests).
The best way to handle your tests is to import different keys and certs
into each of your test security devices, then use the appropriate key or
cert to select your security device.
Thank you in advance.
Emilio Perez.
_______________________________________________
mozilla-crypto mailing list
mozilla-crypto@mozilla.org
http://mail.mozilla.org/listinfo/mozilla-crypto
_______________________________________________
mozilla-crypto mailing list
mozilla-crypto@mozilla.org
http://mail.mozilla.org/listinfo/mozilla-crypto
