RE: Question about JSS FIPS compliance

2008-07-29 Thread David Stutzman
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] la.org] On Behalf Of Nelson B Bolyard Sent: Monday, July 28, 2008 6:48 PM To: mozilla's crypto code discussion list Subject: Re: Question about JSS FIPS compliance JSS also provides an interface for putting

Re: Question about JSS FIPS compliance

2008-07-29 Thread Dean
On Jul 28, 6:47 pm, Nelson B Bolyard [EMAIL PROTECTED] wrote: Dean wrote, On 2008-07-28 13:50: If an application wants to claim FIPS compliance does it have to be implemented following all the guidelines set out in the FIPS certified applications Security Policy document? Specifically

Re: Question about JSS FIPS compliance

2008-07-29 Thread Wan-Teh Chang
On Tue, Jul 29, 2008 at 5:59 AM, Dean [EMAIL PROTECTED] wrote: So the question I have is really that the JSS source code does not appear to actually call any FC_ functions. If that really is the case then is JSS really a FIPS compliant implementation? Or, more likely, the JSS code really is

Re: Question about JSS FIPS compliance

2008-07-29 Thread Nelson B Bolyard
Wan-Teh Chang wrote, On 2008-07-29 09:51: NSS treats its own software crypto module (softoken) as a PKCS #11 module. ... because it IS a PKCS#11 module. :) NSS calls the functions of a PKCS #11 module through function pointers. Here is an example:

Question about JSS FIPS compliance

2008-07-28 Thread Dean
If an application wants to claim FIPS compliance does it have to be implemented following all the guidelines set out in the FIPS certified applications Security Policy document? Specifically I suppose I'm trying to confirm that JSS is a FIPS compliant library and, if a Java application can be

Re: Question about JSS FIPS compliance

2008-07-28 Thread Nelson B Bolyard
Dean wrote, On 2008-07-28 13:50: If an application wants to claim FIPS compliance does it have to be implemented following all the guidelines set out in the FIPS certified applications Security Policy document? Specifically I suppose I'm trying to confirm that JSS is a FIPS compliant

Re: Question about JSS

2007-05-15 Thread Dennis Sinelnikov
Hello Diego, You should be able to see the public info of the certificates without specifying the password. For example, this worked for me: // initialize cryptomanager... CryptoManager manager = CryptoManager.getInstance(); CryptoToken token = manager.getInternalKeyStorageToken();

Question about JSS

2007-05-11 Thread Diego Augusto
Hi all! I'm using JSS and I have a question: Is there a way of get information of certificates without enter the password of a token? We have identified some points that the password callback is called. See the following example: //initialization code... CryptoManager cryptoManagerInstance =