Re: AES in CFB128 mode?

2006-09-25 Thread [EMAIL PROTECTED]
Wan-Teh Chang wrote: [EMAIL PROTECTED] wrote: Wan-Teh Chang wrote: Why would you like to use the CFB mode? Because that's what the current (non-NSS) code does. I'd rather just port, not change, the code. Is the CFB mode used in your implementation of some standard? Just curious.

Re: AES in CFB128 mode?

2006-09-25 Thread [EMAIL PROTECTED]
[EMAIL PROTECTED] wrote: Wan-Teh Chang wrote: [EMAIL PROTECTED] wrote: Wan-Teh Chang wrote: Why would you like to use the CFB mode? Because that's what the current (non-NSS) code does. I'd rather just port, not change, the code. Is the CFB mode used in your implementation of

Re: How to map a selected certificate into a pkcs11 module?

2006-09-25 Thread ben
Nelson, Thanks a lot for your helps. Now I have found and fixed my problem. It comes from a CKA_VALUE checking, not from the CKA_ID checking. Nelson B wrote: ben wrote: In my case both the attributes CKA_ID and CKA_LABEL are set to a same unique name regardless whether the cert subject

How to disable the SSL cache?

2006-09-25 Thread ben
Hi there, I am running a Client-side SSL connection using Firefox browser 1.5. I found a problem with it is the SSL caching. Open an FF browser and started a Client-side SSL connection to a web server. It's fine. Now I want to open a different SSL connection with a different user account and

Re: How to disable the SSL cache?

2006-09-25 Thread Julien Pierre
ben wrote: Hi there, I am running a Client-side SSL connection using Firefox browser 1.5. I found a problem with it is the SSL caching. Open an FF browser and started a Client-side SSL connection to a web server. It's fine. Now I want to open a different SSL connection with a different user

Re: AES in CFB128 mode?

2006-09-25 Thread Nelson B
[EMAIL PROTECTED] wrote: Why would you like to use the CFB mode? Because that's what the current (non-NSS) code does. I'd rather just port, not change, the code. Is the CFB mode used in your implementation of some standard? Just curious. No, it is not a standard. But it is used by SNMP

Re: handshake, next handshake, security handshake

2006-09-25 Thread Nelson B
Peter Djalaliev wrote: Hello, I have a question about something I don't understand in the SSL implementation of NSS. When ssl_Do1stHandshake is called, it checks three handshake function pointers in the sslSocket struct: handshake, nextHandshake and securityHandshake. What is the

Re: export web sites certificate

2006-09-25 Thread Nelson B
Kaspar Brand wrote: https://bugzilla.mozilla.org/show_bug.cgi?id=315871 Would it make sense to create a separate bug entry for the getPKCS7() patch, since this is actually a backend-only thing? Kaspar, let me suggest that you write to Kai and ask him directly how to proceed. -- Nelson B