robert dugal wrote: > I want to configure Firefox 1.5 to use my own PKCS11 provider as the > default for all algorithms supported by my provider. I cannot appear to > do this from the "Device Manager" dialog as that dialog has no way to > set specify which algorithms should default to my library. The NSS > utility modutil has the ability to install the p11 provider and > configure which algorithms are default. Unfortunately modutil is not > distributed with Firefox. When I got the v1.5 source tarball modutil > source is there but I cannot get it to build. I tried several different > binary releases NSS (3.9, 3.10,3.11) but in all cases modutil only > allows specifying some algorithms as the default mechanisms. AES is not > one of these so the internal NSS provider always ends up being the default.
You found a bug! AES wasn't added to modutil when it was added to everything else in NSS. Please file a bug about this in bugzilla.mozilla.org, product NSS, component tools. And CC me in the bug report. (Remove NO and SPAM from my email address to get the real one) > Is there any other way to configure my provider as the default? Are you sure that's really what you want to do? Does your module implement all the SSL-related PKCS#11 mechanisms? If not, it may be necessary to move keys from one module to another, which is typically quite costly (in terms of performance). -- Nelson B _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
