Wan-Teh Chang wrote:
itspki wrote:Hi all:I load my pkcs#11 modules to mozilla explore and it is worked. I log all the calling process, I found when i login my token in the security device manager, the function C_FindObjectsInit called, and the CKA_CLASS is 0xce534353, ulCount is 1. I'm very disbelieve about the CKA_CLASS is 0xce534353, but it's a fact. Who can tell me why?That must be one of the vendor-defined macros defined by NSS:http://lxr.mozilla.org/security/source/security/nss/lib/softoken/pkcs11n.hThe 0xce534353 CKA_CLASS value is CKO_NETSCAPE_TRUST. Your token should return an appropriate CK_RV if it doesn't recognize this CKA_CLASS value.
The appropriate RV is CKR_OK with a null list of objects. Anytime you see and object class or attribute that is netscape specific, it's perfectly OK for your module to ignore (not match) or for C_SetAttribute or C_GetAttribute, set the CKR_INVALID_ATTRIBUTE error. As long as you support the documented attributes, NSS will work fine (the Netscape specific attributes are to support extended functions).
bob
Wan-Teh _______________________________________________ mozilla-crypto mailing list mozilla-crypto@mozilla.org http://mail.mozilla.org/listinfo/mozilla-crypto
smime.p7s
Description: S/MIME Cryptographic Signature