Subrata Mazumdar wrote:
Thanks Wan-Teh for the suggestion.
No, requiring custom version of Firefox to use ECC key based certificate
enrollment is not realistic.
It just does not seem right to disable access to all licensed ECC
implementation just because Mozilla wants to disable the ECC
Thanks Wan-Teh for the suggestion.
No, requiring custom version of Firefox to use ECC key based certificate
enrollment is not realistic.
It just does not seem right to disable access to all licensed ECC
implementation just because Mozilla wants to disable the ECC
implementation in the NSS
Subrata Mazumdar wrote, On 2009-05-14 20:53:
I just have another question. According to the source code
(http://mxr.mozilla.org/security/source/security/nss/lib/cryptohi/secsign.c#92)
signing with EC key is disabled irrespective of underlying security
device. What about if I am using a
Kaspar Brand wrote, On 2009-05-13 22:16:
Subrata Mazumdar wrote:
As I have said in the earlier message, I have no problem in generating
EC key-pair. I get error when I try to sign the request using the
private key.
Maybe you're falling prey to this bug?
Nelson B Bolyard wrote:
Kaspar Brand wrote, On 2009-05-13 22:16:
Subrata Mazumdar wrote:
As I have said in the earlier message, I have no problem in generating
EC key-pair. I get error when I try to sign the request using the
private key.
Maybe you're falling prey to this
Hi,
I am not able generate key using window.crypto.generateCRMFRequest()
method. I have tried all there possible types : rsa, dsa, and ec.
I am attached my test code fragment. I am running the test within an
add-on - on Firefox 3.0.10/Fedora8.
I am getting NS_ERROR_FAILURE in exception
On further testing and reading the description of generateCRMFRequest()
method doc, I figured out why the key generation was failing.
I have to pass keySize as integer type not string type.
function testKeyGeneration()
{
doGenerateCRMFCSRByCryptoTest(cn=xxx,o=abc.com, rsa',
parseInt(1024));
Subrata Mazumdar wrote:
On further testing and reading the description of generateCRMFRequest()
method doc, I figured out why the key generation was failing.
I have to pass keySize as integer type not string type.
The key genartion now works for RSA and DSA key types but it still fails
for
On Wed, May 13, 2009 at 08:16:39AM -0400, Subrata Mazumdar wrote:
Hi,
I am not able generate key using window.crypto.generateCRMFRequest()
check:
https://developer.mozilla.org/En/JavaScript_crypto/GenerateCRMFRequest
this works for me:
m=crypto.generateCRMFRequest(CN=vvv, regToken, null,
Thanks David.
For EC, if no curve name is given then the type of keysize is used to
pick either P-256 or P-384 curve. I tried with and without curve name -
it fails both cases.
I also looked into the source code
(.../security/manager/ssl/src/nsCrypto.cpp) of PSM for FF3. The support
for EC
Subrata Mazumdar wrote, On 2009-05-13 06:45 PDT:
The key genartion now works for RSA and DSA key types but it still fails
for EC key type.
else if (keyType == dsa) {
keyGenAlg = dsa-sign-nonrepudiation;
keyParams = null;
}
That's strange. Your DSA test code should
Nelson B Bolyard wrote:
Subrata Mazumdar wrote, On 2009-05-13 06:45 PDT:
The key genartion now works for RSA and DSA key types but it still fails
for EC key type.
else if (keyType == dsa) {
keyGenAlg = dsa-sign-nonrepudiation;
keyParams = null;
}
According to
Subrata Mazumdar wrote, On 2009-05-13 17:58:
Nelson B Bolyard wrote:
That's strange. Your DSA test code should NOT have worked. I wonder
how it could have worked, given that you supplied no params.
According to the source code
Subrata Mazumdar wrote:
As I have said in the earlier message, I have no problem in generating
EC key-pair. I get error when I try to sign the request using the
private key.
Maybe you're falling prey to this bug?
https://bugzilla.mozilla.org/show_bug.cgi?id=367577
Kaspar
--
14 matches
Mail list logo