Re: NSS open multiple NSS-Databases at once?

2017-01-11 Thread Opa114
On Wednesday, 11 January 2017 14:23:45 UTC+1, John Dennis wrote:
> On 01/11/2017 03:21 AM, Opa114 wrote:
> > On Wednesday, 11 January 2017 00:45:45 UTC+1, Robert Relyea wrote:
> >> On 01/10/2017 02:07 PM, Opa114 wrote:
> >>> On Tuesday, 10 January 2017 22:24:10 UTC+1, Robert Relyea wrote:
> >>>> On 01/10/2017 10:18 AM, Opa114 wrote:
> >>>>> thanks, but these facts i know.
> >>>>> I don't want to let multiple applications open one Database, i want to 
> >>>>> open multiple different Mozilla databases, in the old standard format, 
> >>>>> with one (my) application.
> >>>>>
> >>>>> I tried to use the NSS_Init functions. These work with opening one 
> >>>>> database, but when i open a second one the whole application crashes, so 
> >>>>> that's why i asked the question and may be get some working example c++ 
> >>>>> code?
> >>>> 1) Where are you crashing (it's not expected to work, but I don't expect
> >>>> a crash because you called NSS_Init again).
> >>>>
> >>>> 2) To open additional databases you want to use SECMOD_OpenUserDB:
> >>>>
> >>>> https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/PKCS11_Functions#SECMOD_OpenUserDB
> >>>>
> >>>> You can call that multiple times.
> >>>> Once the database is opened any of the NSS find functions will find all
> >>>> the certs in both databases. The slot returned from SECMOD_OpenUserDB
> >>>> can be used in functions that take a slot to narrow the operations just
> >>>> to that particular database.
> >>>>
> >>>> To NSS each database will look basically like a smart card.
> >>>>
> >>>> When you are through with that database you can use SECMOD_CloseUserDB()
> >>>>
> >>>> bob
> >>>
> >>> thanks for reply. Here is first a little code which did not work, 
> >>> that means it crashes:
> >>>
> >>> functionLoadFirefox() {
> >>> SECStatus rv = NSS_InitReadWrite(PATH_TO_FF_DB);
> >>> ... if success load Certificates with PK11_ListCerts(PK11CertListAll, 
> >>> NULL);
> >>> NSS_Shutdown();
> >>> }
> >>>
> >>> functionLoadThunderbird() {
> >>> SECStatus rv = NSS_InitReadWrite(PATH_TO_TB_DB);
> >>> ... if success load Certificates with PK11_ListCerts(PK11CertListAll, 
> >>> NULL);
> >>> NSS_Shutdown();
> >>> }
> >>>
> >>> So these are my two functions in which i opened and close the databases 
> >>> and retrieve the certificates.
> >> So the certs you got from the first call are likely preventing
> >> NSS_Shutdown from completing. The certs hold references to the
> >> respective slots. Those references prevent NSS_Shutdown from closing
> >> completely. They will prevent the second NSS_Init from succeeding, so you
> >> probably crash in your second shutdown. You can detect this happened by
> >> looking at the return value from NSS_Shutdown().
> >>>
> >>> --> 2) To open additional databases you want to use SECMOD_OpenUserDB
> >>> So this means. First i have to call NSS_Init with let's say firefox 
> >>> database and then i have to call SECMOD_OpenUserDB with the 
> >>> thunderbird database, right? Or must i load both with the SECMOD_OpenUserDB?
> >> You can either use NSS_Init with no database and then call
> >> SECMOD_OpenUserDB() for both, or you can call NSS_Init with one database
> >> and then call SECMOD_OpenUserDB with the other.
> >>>
> >>> --> Once the database is opened any of the NSS find functions will find 
> >>> all the certs in both databases
> >>> But i have to know from which database the certificates are coming from. 
> >>> So i need to know that let's say Certificate ABC is stored inside 
> >>> Firefox Database and Certificate 123 is stored in Thunderbird Database. How 
> >>> can i do that? or is this not possible?
> >> The slot for the database can be found in the cert->slot entry, but this
> >> will only give you ONE of the slots the cert lives in. If a cert exists
> >> in both databases, it will have a single entry on the list and be
> >> "somewhat" random which slot is listed (If you open one database with
> >> NSS_Init and the second with SECMOD_OpenUserDB()

Re: NSS open multiple NSS-Databases at once?

2017-01-11 Thread Opa114
On Wednesday, 11 January 2017 00:45:45 UTC+1, Robert Relyea wrote:
> On 01/10/2017 02:07 PM, Opa114 wrote:
> > On Tuesday, 10 January 2017 22:24:10 UTC+1, Robert Relyea wrote:
> >> On 01/10/2017 10:18 AM, Opa114 wrote:
> >>> thanks, but these facts i know.
> >>> I don't want to let multiple applications open one Database, i want to 
> >>> open multiple different Mozilla databases, in the old standard format, 
> >>> with one (my) application.
> >>>
> >>> I tried to use the NSS_Init functions. These work with opening one 
> >>> database, but when i open a second one the whole application crashes, so 
> >>> that's why i asked the question and may be get some working example c++ 
> >>> code?
> >> 1) Where are you crashing (it's not expected to work, but I don't expect
> >> a crash because you called NSS_Init again).
> >>
> >> 2) To open additional databases you want to use SECMOD_OpenUserDB:
> >>
> >> https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/PKCS11_Functions#SECMOD_OpenUserDB
> >>
> >> You can call that multiple times.
> >> Once the database is opened any of the NSS find functions will find all
> >> the certs in both databases. The slot returned from SECMOD_OpenUserDB
> >> can be used in functions that take a slot to narrow the operations just
> >> to that particular database.
> >>
> >> To NSS each database will look basically like a smart card.
> >>
> >> When you are through with that database you can use SECMOD_CloseUserDB()
> >>
> >> bob
> >
> > thanks for reply. Here is first a little code which did not work, 
> > that means it crashes:
> >
> > functionLoadFirefox() {
> > SECStatus rv = NSS_InitReadWrite(PATH_TO_FF_DB);
> > ... if success load Certificates with PK11_ListCerts(PK11CertListAll, NULL);
> > NSS_Shutdown();
> > }
> >
> > functionLoadThunderbird() {
> > SECStatus rv = NSS_InitReadWrite(PATH_TO_TB_DB);
> > ... if success load Certificates with PK11_ListCerts(PK11CertListAll, NULL);
> > NSS_Shutdown();
> > }
> >
> > So these are my two functions in which i opened and close the databases and 
> > retrieve the certificates.
> So the certs you got from the first call are likely preventing 
> NSS_Shutdown from completing. The certs hold references to the 
> respective slots. Those references prevent NSS_Shutdown from closing 
> completely. They will prevent the second NSS_Init from succeeding, so you 
> probably crash in your second shutdown. You can detect this happened by 
> looking at the return value from NSS_Shutdown().
> >
> > --> 2) To open additional databases you want to use SECMOD_OpenUserDB
> > So this means. First i have to call NSS_Init with let's say firefox 
> > database and then i have to call SECMOD_OpenUserDB with the 
> > thunderbird database, right? Or must i load both with the SECMOD_OpenUserDB?
> You can either use NSS_Init with no database and then call 
> SECMOD_OpenUserDB() for both, or you can call NSS_Init with one database 
> and then call SECMOD_OpenUserDB with the other.
> >
> > --> Once the database is opened any of the NSS find functions will find all 
> > the certs in both databases
> > But i have to know from which database the certificates are coming from. So 
> > i need to know that let's say Certificate ABC is stored inside Firefox 
> > Database and Certificate 123 is stored in Thunderbird Database. How can i do 
> > that? or is this not possible?
> The slot for the database can be found in the cert->slot entry, but this 
> will only give you ONE of the slots the cert lives in. If a cert exists 
> in both databases, it will have a single entry on the list and be 
> "somewhat" random which slot is listed (If you open one database with 
> NSS_Init and the second with SECMOD_OpenUserDB() then the one you opened 
> with SECMOD_OpenUserDB() will be the slot that shows up).
> 
> To fix this issue, there's a function called PK11_GetAllSlotsForCert() 
> which returns a slotList and will return all the slots that hold this 
> cert. The slots map one for one to the databases you opened (or any 
> smart cards you have loaded). You can control the 'tokenName' of each 
> slot with the string arguments you pass to SECMOD_OpenUserDB(), and you 
> can get the token name with PK11_GetTokenName() on each slot on the list.
> 
> You could also use PK11_ListCertsInSlot() which takes a slot 
> (SECMOD_OpenUserDB() will return a slot for you) and lists only those 
> certs in that slot.
> 
> Be sure to f
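
The "string arguments" Robert Relyea mentions above are a softoken module spec. As an added example (not code from the thread or from NSS), this C helper builds one spec per database with a distinct `tokenDescription`, so that the name later read back with PK11_GetTokenName() identifies the source database. `configdir`, `tokenDescription` and `flags=readOnly` are the parameters NSS documents for SECMOD_OpenUserDB(); the struct and function names, the sample paths and the backslash-escaping rule are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>

#define SPEC_MAX        1200
#define TOKEN_LABEL_MAX 32   /* PKCS#11 token labels hold at most 32 bytes */

struct userdb {              /* hypothetical description of one database */
    const char *dir;         /* profile directory holding the database files */
    const char *token;       /* name to give the slot for this database */
};

/* Append s at offset pos; returns the new length, or -1 on error/overflow. */
static int put(char *out, size_t cap, int pos, const char *s)
{
    size_t n = strlen(s);
    if (pos < 0 || (size_t)pos + n >= cap)
        return -1;
    memcpy(out + pos, s, n + 1);
    return pos + (int)n;
}

/* Append key='<prefix><val>'. A quote or backslash inside val is escaped with
 * a backslash (assumption: this matches how NSS parses quoted spec values),
 * so a hostile path or name cannot close the quote and add parameters.
 * Control bytes are refused outright. */
static int put_param(char *out, size_t cap, int pos,
                     const char *key, const char *prefix, const char *val)
{
    char one[3];
    pos = put(out, cap, pos, key);
    pos = put(out, cap, pos, "='");
    pos = put(out, cap, pos, prefix);
    for (; pos >= 0 && *val != '\0'; val++) {
        unsigned char c = (unsigned char)*val;
        if (c < 0x20 || c == 0x7f)
            return -1;
        one[0] = '\\';
        one[1] = (char)c;
        one[2] = '\0';
        pos = put(out, cap, pos, (c == '\'' || c == '\\') ? one : one + 1);
    }
    return put(out, cap, pos, "'");
}

/* Build the spec for one database. legacy_dbm selects the old cert8.db/key3.db
 * format ("dbm:") instead of the SQLite one ("sql:").
 * Returns the spec length, or -1 (and an empty string) if the input is unusable. */
int userdb_spec(char *out, size_t cap, const struct userdb *db,
                int legacy_dbm, int read_only)
{
    int pos;
    if (out == NULL || cap == 0)
        return -1;
    out[0] = '\0';
    if (db == NULL || db->dir == NULL || db->token == NULL ||
        db->dir[0] == '\0' || db->token[0] == '\0' ||
        strlen(db->token) > TOKEN_LABEL_MAX)
        return -1;
    pos = put_param(out, cap, 0, "configdir", legacy_dbm ? "dbm:" : "sql:", db->dir);
    pos = put(out, cap, pos, " ");
    pos = put_param(out, cap, pos, "tokenDescription", "", db->token);
    if (read_only)
        pos = put(out, cap, pos, " flags=readOnly");
    if (pos < 0)
        out[0] = '\0';
    return pos;
}

/* Build one read-only spec per database. Duplicate token names are refused,
 * because the token name is what tells the databases apart afterwards. */
int userdb_specs(char specs[][SPEC_MAX], const struct userdb *dbs, size_t n,
                 int legacy_dbm)
{
    size_t i, j;
    for (i = 0; i < n; i++) {
        if (userdb_spec(specs[i], SPEC_MAX, &dbs[i], legacy_dbm, 1) < 0)
            return -1;
        for (j = 0; j < i; j++)
            if (strcmp(dbs[i].token, dbs[j].token) == 0)
                return -1;
    }
    return (int)n;
}

int main(void)
{
    /* Constructed sample paths, not taken from the thread. */
    static const struct userdb dbs[] = {
        { "/home/user/.mozilla/firefox/example.default", "Firefox DB" },
        { "C:\\Users\\user\\Thunderbird\\example.default", "Thunderbird DB" },
    };
    char specs[2][SPEC_MAX];
    size_t i;

    if (userdb_specs(specs, dbs, 2, 1) < 0) {
        fprintf(stderr, "invalid database description\n");
        return 1;
    }
    /* Each printed string is the argument for one SECMOD_OpenUserDB() call,
     * made after NSS has been initialised once; the slot it returns can be
     * given to PK11_ListCertsInSlot() and is released with
     * SECMOD_CloseUserDB() once the cert lists have been destroyed. */
    for (i = 0; i < 2; i++)
        printf("%s\n", specs[i]);
    return 0;
}
```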

Re: NSS open multiple NSS-Databases at once?

2017-01-10 Thread Opa114
On Tuesday, 10 January 2017 22:24:10 UTC+1, Robert Relyea wrote:
> On 01/10/2017 10:18 AM, Opa114 wrote:
> > thanks, but these facts i know.
> > I don't want to let multiple applications open one Database, i want to 
> > open multiple different Mozilla databases, in the old standard format, with 
> > one (my) application.
> >
> > I tried to use the NSS_Init functions. These work with opening one 
> > database, but when i open a second one the whole application crashes, so 
> > that's why i asked the question and may be get some working example c++ 
> > code?
> 1) Where are you crashing (it's not expected to work, but I don't expect 
> a crash because you called NSS_Init again).
> 
> 2) To open additional databases you want to use SECMOD_OpenUserDB:
> 
> https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/PKCS11_Functions#SECMOD_OpenUserDB
> 
> You can call that multiple times.
> Once the database is opened any of the NSS find functions will find all 
> the certs in both databases. The slot returned from SECMOD_OpenUserDB 
> can be used in functions that take a slot to narrow the operations just 
> to that particular database.
> 
> To NSS each database will look basically like a smart card.
> 
> When you are through with that database you can use SECMOD_CloseUserDB()
> 
> bob


thanks for reply. Here is first a little code which did not work, that 
means it crashes:

functionLoadFirefox() {
SECStatus rv = NSS_InitReadWrite(PATH_TO_FF_DB);
... if success load Certificates with PK11_ListCerts(PK11CertListAll, NULL);
NSS_Shutdown();
}

functionLoadThunderbird() {
SECStatus rv = NSS_InitReadWrite(PATH_TO_TB_DB);
... if success load Certificates with PK11_ListCerts(PK11CertListAll, NULL);
NSS_Shutdown();
}

So these are my two functions in which i opened and close the databases and 
retrieve the certificates.

--> 2) To open additional databases you want to use SECMOD_OpenUserDB
So this means. First i have to call NSS_Init with let's say firefox database and 
then i have to call SECMOD_OpenUserDB with the thunderbird database, right? Or 
must i load both with the SECMOD_OpenUserDB?

--> Once the database is opened any of the NSS find functions will find all the 
certs in both databases
But i have to know from which database the certificates are coming from. So i 
need to know that let's say Certificate ABC is stored inside Firefox Database 
and Certificate 123 is stored in Thunderbird Database. How can i do that? or is 
this not possible?
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto


NSS open multiple NSS-Databases at once?

2017-01-08 Thread Opa114
Hi there,

i have to use NSS in one of my applications and therefore i have to open 
multiple databases (for example Firefox and Thunderbird) at once to read and 
write into these. How can i do this programmatically in C++? Some example Code 
would be very helpful because the whole NSS-Stuff is not very well documented. 

Thanks in advance! :)


Re: LIBPKIX How To Use? (Windows)

2016-11-10 Thread Opa114
On Wednesday, 9 November 2016 23:10:36 UTC+1, Julien Pierre wrote:
> Which LIB file are you using ? If it is a small LIB file, it is probably 
> just the import library for the DLL .
> 
> PKIX_PL functions are internal functions not exported from NSS3.dll . 
> Why do you want to use those functions directly ?
> 
> There is a public PKIX API, CERT_PKIXVerifyCert, which you should use.
> 
> Julien
> 
> 
> On 11/9/2016 05:56, Opa114 wrote:
> > Hi there,
> >
> > how can i use the LIBPKIX Library on Windows? Did it everytime only compile 
> > a *.lib file instead of a *.dll file like the nss3.dll? Everytime i try to 
> > use the PKIX_PL_Cert_VerifySignature Function for example i got the error 
> > that the reference to the function is undefined, which tells me that it has 
> > a problem with linking to the library - right?
> >
> > Anybody out there who can help?

because i want not to verify the with its usage. i want to check if a cert 
was / has signed another certificate. There is no such function in NSS or 
haven't i seen that? So that's why i wanted to use the 
PKIX_PL_Cert_VerifySignature function. or is there a public function which 
checks the same?

The LIB was the pkixpki.lib.


LIBPKIX How To Use? (Windows)

2016-11-09 Thread Opa114
Hi there,

how can i use the LIBPKIX Library on Windows? Did it everytime only compile a 
*.lib file instead of a *.dll file like the nss3.dll? Everytime i try to use 
the PKIX_PL_Cert_VerifySignature Function for example i got the error that the 
reference to the function is undefined, which tells me that it has a problem 
with linking to the library - right?

Anybody out there who can help?


How are the private keys associated with the certificates in the NSS Database?

2016-06-17 Thread Opa114
Hi,

can someone tell me more about some technical detail. I want to know how the 
private keys stored in the key3.db are associated / linked with the 
corresponding certificate stored in the cert8.db?

I could not find any detail how that was implemented. Hope someone could give 
me more information about this. Thanks a lot!


How to use NSS in my C++ Project?

2015-11-10 Thread Opa114
Hi, 

can someone explain me how i use NSS and NSPR in my C++ Project? I'm new to C++ 
and want use in project the NSS libraries, so i thought i could include the 
header files i need, but did not work, so what's the right way?

Must i compile NSS and NSPR first and then use the DLL / Libs? Would be very 
helpful if someone could explain it in detail.

Thanks a lot!


Re: New JSS Version?

2015-08-05 Thread Opa114
On Tuesday, 14 July 2015 14:45:20 UTC+2, Opa114 wrote:
> Hi,
>
> when will be a new release of JSS come out? The last Version is very old and 
> did not support some features of latest NSS, which are very important for me. 
> And the JSS should be improved, because some methods are very bad or not 
> implemented.
>
> Any information?

is there no one who has information???


New JSS Version?

2015-07-14 Thread Opa114
Hi,

when will be a new release of JSS come out? The last Version is very old and 
did not support some features of latest NSS, which are very important for me. 
And the JSS should be improved, because some methods are very bad or not 
implemented.

Any information?


Re: How is it possible to instantiate multiple instances of CryptoManager in Java (JSS)?

2015-06-24 Thread Opa114
now i got the CloseDBs Code working and it will close the Database. But i could 
not create a second or third instance of CryptoManager again. Is this possible??


How do I convert org.mozilla.jss.pkix.cert to org.mozilla.jss.crypto.X509Certificate?

2015-06-20 Thread Opa114
Just a simple question: How do I convert org.mozilla.jss.pkix.cert to 
org.mozilla.jss.crypto.X509Certificate?

I have seen that there is a small notice on official JSS FAQ which says i should 
use: Cryptomanager.importCertPackage()

But this method did not work. I got NoSuchItemException, because it did not 
find a matching private Key. But it has to work without a private key.

So is there another way? I need this because all my Certificates are in 
java.security.X509Certificate and i have to convert it to 
org.mozilla.jss.crypto.X509Certificate because some JSS functions work only 
with this type of Certificate.

Thanks!


Re: [ANNOUNCE] NSS 3.19.2 Release

2015-06-20 Thread Opa114
On Saturday, 20 June 2015 04:04:34 UTC+2, Ryan Sleevi wrote:
> The NSS Development Team announces the release of NSS 3.19.2
>
> Network Security Services (NSS) is a patch release for NSS 3.19.
>
> No new functionality is introduced in this release. This release addresses
> a backwards compatibility issue with the NSS 3.19.1 release.
>
> Notable Changes:
> * In NSS 3.19.1, the minimum key sizes that the freebl cryptographic
> implementation (part of the softoken cryptographic module used by default
> by NSS) was willing to generate or use was increased - for RSA keys, to
> 512 bits, and for DH keys, 1023 bits. This was done as part of a security
> fix for Bug 1138554 / CVE-2015-4000. Applications that requested or
> attempted to use keys smaller than the minimum size would fail. However,
> this change in behaviour unintentionally broke existing NSS applications
> that need to generate or use such keys, via APIs such as
> SECKEY_CreateRSAPrivateKey or SECKEY_CreateDHPrivateKey.
>
> In NSS 3.19.2, this change in freebl behaviour has been reverted. The fix
> for Bug 1138554 has been moved to libssl, and will now only affect the
> minimum keystrengths used in SSL/TLS.
>
>
> The full release notes are available at
> https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2_release_notes
>
> In addition to this release, the release notes for NSS 3.19 and NSS 3.19.1
> have been updated to highlight that both releases contain important
> security fixes - CVE-2015-2721 in NSS 3.19, CVE-2015-4000 in NSS 3.19.1.
>
> The updated release notes for NSS 3.19 are available at
> https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19_release_notes
>
> The updated release notes for NSS 3.19.1 are available at
> https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes
>
>
> The HG tag for NSS 3.19.2 is NSS_3_19_2_RTM. NSS 3.19.2 requires NSPR
> 4.10.8 or newer.
>
> NSS 3.19.2 source distributions are available on ftp.mozilla.org for
> secure HTTPS download:
> https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_19_2_RTM/src/
>
> A complete list of all bugs resolved in this release can be obtained at
> https://bugzilla.mozilla.org/buglist.cgi?resolution=FIXED&classification=Components&query_format=advanced&product=NSS&target_milestone=3.19.2

very nice. But can you tell me, when JSS will be optimized and ported to a 
newer version of NSS? JSS is at the moment not usable :(


Re: importing leaf cert into NSS db via JSS

2015-06-20 Thread Opa114
how can i call the method: importCertPackageNative()? i got method not visible 
error :(


Re: JSS - Open Multiple Truststores

2015-06-08 Thread Opa114
On Monday, 23 April 2007 21:35:57 UTC+2, Glen Beasley wrote:
> Dennis Sinelnikov wrote:
> > Hello,
> >
> > Is there a way to open more than 1 NSS truststore using JSS? 
> > Specifically, within the same lifecycle of the java application.
>
> At this time no.  The database NSS currently uses, can't be used by 
> multiple processes.
>
> The multiaccess database feature is planned but is not expected until 
> NSS 3.13. Once implemented JSS would then be able to use this feature.
>
> http://wiki.mozilla.org/NSS:Roadmap#SQLite-Based_Multiaccess_Certificate_and_Key_Databases
>
>
> -glen

when did JSS support this? i need this feature :) would be very helpful and a 
great gesture if some of the JSS / NSS developer could give me a feedback and 
infos about this. Thanks!


Re: How is it possible to instantiate multiple instances of CryptoManager in Java (JSS)?

2015-06-01 Thread Opa114
i found a little bit of code and answers 
(https://bugzilla.mozilla.org/show_bug.cgi?id=378615), but did not work. get 
the alreadyInitializedException, too


Build JSS on Windows Error

2015-06-01 Thread Opa114
Hi,

i tried to build the latest version of JSS on windows. but it did not work like 
the description here: 
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/JSS/Build_instructions_for_JSS_4.3.x

i get the error: JavaBuild Error 2 when it tries to build the jss.jar.

but this file i could download compiled from the mozilla ftp server, i 
only need the *.dll file. so how could i only compile the dll or could i not 
compile this file alone? or has someone the jss4.dll for 32Bit in latest 
version 4.3.1?

Or has someone a detailed and working solution on how to build JSS fully on 
windows (windows 8)?

thanks.


How is it possible to instantiate multiple instances of CryptoManager in Java (JSS)?

2015-05-30 Thread Opa114
Hi,

i know how to create a new Instance of CryptoManager in Java and it all works 
fine. But i want to access the Firefox and Thunderbird Key-/Certstore 
simultaneously. So i have two classes for my two applications and when i create 
new Objects of them i got the Exception that the Cryptomanager is already 
initialized: org.mozilla.jss.crypto.AlreadyInitializedException.

i searched a lot on the internet and on JSS documents, but did not found a 
solution for this. 

So is there a way to create multiple instance of CryptoManager? Or is there a 
way to close a CryptoManager? Or can NSS handle this? if yes, so i could maybe 
try to call the native C-Functions in Java which is not the problem.

Thanks!


creating a java.security.cert.X509Certificate from PK11InternalTokenCert - public key export??

2015-05-07 Thread Opa114
Hi,

when i convert the PK11InternalTokenCert to a java X509Certificate and then i 
print out the certificate the public key is in this certificate as a: 
org.mozilla.jss.pkcs11.PK11RSAPublicKey@17050dc, but i want it there in clear 
text and normal. How can i do this in my conversion?

i did it this way:

CryptoManager.initialize(profileFolder);
CryptoManager cm = CryptoManager.getInstance();

X509Certificate[] certs = cm.getPermCerts();
PK11InternalTokenCert cert = (PK11InternalTokenCert) certs[0];

CertificateFactory certFactory = CertificateFactory.getInstance("X.509");

java.security.cert.X509Certificate certificate = 
((java.security.cert.X509Certificate) certFactory.generateCertificate(new 
ByteArrayInputStream(certs[0].getEncoded())));

System.out.println(certificate);


Re: Problem with importing Certificate into Firefox Keystore with JSS - Cast problem

2015-03-10 Thread Opa114
no one there who could help me to Cast from  java.security.cert.X509Certificate 
to org.mozilla.jss.crypto.X509Certificate ?


Problem with importing Certificate into Firefox Keystore with JSS - Cast problem

2015-02-24 Thread Opa114
Hi there,

i have a little problem.

i want to add a certificate to the Firefox keystore this way:

X509Certificate certificate = (X509Certificate) 
CertificateFactory.getInstance("X.509").generateCertificate(new 
FileInputStream("src//Sohrabi.cer"));

cm.importCertToPerm(certificate, "testdummystuff");

but i have a problem with the casting of the Certificate. the importCertToPerm 
need a Certificate of Instance: org.mozilla.jss.crypto.X509Certificate but my 
created certificate is of instance: java.security.cert.X509Certificate.

When i try to cast it to the mozilla.jss.crypto.X509Certificate i get an error 
that this cast is not possible. so i need a little help from you..

thanks!


Re: Get only personal certificates

2015-01-19 Thread Opa114
i have the same question. i tried it with the code from your post above. but it 
returns on every check false.

Jss has only implemented the function getCACerts() which lists all CA-Certs and 
getPermCerts() which lists all CA-Certs and the personal certs.

but i want to read out every single tab (look at my attached screenshot: 
http://imgur.com/5VtcEpJ). or if this is not possible in any way i want an 
option to select only the personal certificates from the return of 
getPermCerts().

thanks for help.


Mozilla-JSS not found

2015-01-17 Thread Opa114
Hi,

i tried this example Code from JSS 
(http://mxr.mozilla.org/security/source/security/jss/org/mozilla/jss/tests/KeyStoreTest.java).

When i run the Code i get the following error:

java.security.KeyStoreException: Mozilla-JSS not found
Caused by: java.security.NoSuchAlgorithmException: Mozilla-JSS KeyStore not 
available

But when i output the providers the Mozilla-JSS is listed as first element. so 
where is the problem?

thanks


Re: Accessing Firefox keystore

2015-01-14 Thread Opa114
in the secmod.java it checks the Version of NSS:

private void fetchVersions() {
    supported = nssVersionCheck(nssHandle, "3.7");
}

But the NSS Version i copied from Mozilla-Folder has version 3.17.2.0. But this 
error message seems to be that there are problems with the version.


Re: Accessing Firefox keystore

2015-01-14 Thread Opa114
 - People

(personal without related private key) 

-- how did you get this?


Re: Accessing Firefox keystore

2015-01-14 Thread Opa114
On Wednesday, 14 January 2015 20:30:41 UTC+1, Opa114 wrote:
> in the secmod.java it checks the Version of NSS:
>
> private void fetchVersions() {
>     supported = nssVersionCheck(nssHandle, "3.7");
> }
>
> But the NSS Version i copied from Mozilla-Folder has version 3.17.2.0. But 
> this error message seems to be that there are problems with the version.

another thing. i tried JSS. Works on first time. it shows me all the 
certificates including personal, server and other.

then i removed a certificate and the count of the certificates was increased. 
Before delete the count was 186, after delete 187. strange thing. JSS looks 
very buggy.

then my cert8.db is crashed and i let Firefox create a new one. then run my 
code and i get the output of only 30 certificates. But in the certmanager in 
firefox i see more than 30. so what's happen there?

i think JSS is too buggy :( but it was a little bit easier to use than the NSS 
stuff. when i could access personal and server and others with NSS it would be 
nice. 

and i found out if i remove certificates from the CA list, Firefox will 
recreate the entry on every startup (if someone is interested in it)


Re: Accessing Firefox keystore

2015-01-14 Thread Opa114
i tried it now with JSS and there i could access the Trusted Root CAs and the 
own certificates. i could remove them, too.

now i have to check if i could read the other certificates like Persons, other 
and root. and i have to check exactly what certificates i get when i call the 
getCACerts()-function in difference to the getPermCerts()-function.


Re: Accessing Firefox keystore

2015-01-14 Thread Opa114
i played a little bit with my JSS-Code. it shows me all Certificates from all 
Tabs in the Firefox Builtin Certificate-Manager. But JSS seems to be very buggy.

First i read out 183 Certificates. After i removed one certificate and i run 
the list certificates again it shows me 190 certificates. Then it crashed my 
cert8.db and i let FF create a new one. then run my code and got output of only 
10 certificates, but inside the store are about 180 certificates. very strange 
thing.


Re: Accessing Firefox keystore

2015-01-13 Thread Opa114
On Tuesday, 13 January 2015 19:04:28 UTC+1, helpcrypto helpcrypto wrote:
> That's your mistake:
>
> Using softokn+slot=2 will access your personal/installed certificates, not
> CA/trusted ones.
> Perhaps slot 1 will do, but I have never tried.
>
>
> On Tue, Jan 13, 2015 at 5:19 PM, Opa114 opa...@gmail.com wrote:
>
> > i mean the Server and CA not only own Certificates

i tried slot = 1. same output. 0 Certs found.
is there any documentation what parameters the arguments could have. like 
certPrefix and KeyPrefix and Slot.

Firefox has the following Certificate-Tabs in his Manager:
- Personal
- People
- Server
- Trusted CA
- Other

i have to access all of these.


Re: Accessing Firefox keystore

2015-01-13 Thread Opa114
the link to Oracle Docu did not contain detailed information to all the 
arguments.

yes, Personal works. a way without certutil is not possible?
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto


Re: Accessing Firefox keystore

2015-01-13 Thread Opa114
thanks again. i have compared my code with your piece of code you posted and i 
have the same. But i still get the Error: CKR_DEVICE_ERROR

i loaded the dll's in your posted order. i copied the dll's to 
C:\users\myname\AppData\Local\Temp Folder. the Mozilla Profile folder is right, 
too. so don't know where the problem is.

i read so many documents on the internet, but i found no one which handles 
CKR_DEVICE_ERROR in any good and deep way.

Could it be a problem with the dll-Files? From where did you get the dll's and 
which version have they? (maybe you could send them to me?)

do you think it could be a try to use JSS? but you wrote that JSS sucks. i only 
have to access the keystore and to read out the certificates and to delete the 
certificates and maybe show the private/public keys from some certificates.


Re: Accessing Firefox keystore

2015-01-13 Thread Opa114
On Tuesday, 13 January 2015 12:14:28 UTC+1, helpcrypto helpcrypto wrote:
 On Tue, Jan 13, 2015 at 12:00 PM, Opa114 opa...@gmail.com wrote:
 
  thanks again. i have compared my code with your piece of code you posted
  and i have the same. But i still get the Error: CKR_DEVICE_ERROR
 
 CKR_DEVICE_ERROR is an error on the cryptoki itself, as stated by PKCS#11
 standard.
 I have found several times this error when using buggy smartcards, but
 IIRC, never with softokn
 
 
 i loaded the dll's in your posted order. i copied the dll's to
  C:\users\myname\AppData\Local\Temp Folder. the Mozilla Profile folder is
  right, too. so don't know where the problem is.
 
 Hope you copied before loading them on the new location ;)

yes i did :)


 i read so many documents on the internet, but i found no one which handles
  CKR_DEVICE_ERROR in any good and deep way.
 
  Could it be a problem with the dll-Files? From where did you get the dll's
  and which version have they? (maybe you could send them to me?)
 
 Don't think so. These dll are in the firefox folder. As far as i can
 understand, there's no sense to send my dlls to you...they shall be the same

okay. but in my Firefox installation folder are not all the dll's you listed. i 
know the nspr4.dll is from the NSPR Build. But the dll's for example are not on 
my folder by default: mozutils.dll

 Send me a self-contained fully executable hello world/main/test.java and i
 can run it against my system, trying to find whats happening.
 I think is better to work with your simple use-case/code, instead of
 sending you my complex code (lot of classes involved)

here is my little piece of test-code :)
http://pastebin.com/e5CCahxN
http://pastebin.com/kAsyG5Ai

These are my two classes which you need to test it.

  do you think it could be a try to use JSS? but you wrote that JSS sucks.
 
 I don't recommend you that. If you surrender after first fall, you'll never
 win.

okay :)

 
  i only have to access the keystore and to read out the certificates and to
  delete the certificates and maybe show the private/public keys from some
  certificates.
 
 If you aren't going to sign/decrypt..., I suggest you using certutil.

yeah but i don't want to run any command line util in background. and maybe this 
option come in future, so it is better to do the thing right at the beginning
 
 If this start to become a personal conversation, maybe is better to happen
 off-list.

i don't think it's too personal. maybe other people have the same question or 
problems :)


Re: Accessing Firefox keystore

2015-01-13 Thread Opa114
i mean the Server and CA not only own Certificates


Re: Accessing Firefox keystore

2015-01-13 Thread Opa114
i searched a little bit around and looked into the Mozilla dll's and i found 
out that the Built-In Trusted Root CAs are in the nssckbi.dll, so i changed 
my code to load this dll in library in the config instead of the softokn3.dll.

Program runs and got no error, but the Size is zero. Any idea how to solve 
this?


Re: Accessing Firefox keystore

2015-01-12 Thread Opa114
okay i will try it by copying the files to %temp% and then try to load it up. What 
are the exact dependencies which i have to copy? i've read so many different.. 
:(

i'm using JDK 1.8.0_25 for compiling my code.


Re: Accessing Firefox keystore

2015-01-12 Thread Opa114
hi again,

yeah i googled the last days very much about this topic. so i found out the 
best solution for me would be to access the softokn3.dll with PKCS#11 Provider 
in java.

i tried a little bit and wrote a small code. but it does not work. i got the 
Error parsing configuration, Unexpected token[] error in line 3.

here is my little piece of code and my config file for it.

Code:

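import java.security.Provider;
import java.security.Security;

// Register a SunPKCS11 provider from the config file (JDK 8 constructor)
String configName = "D:\\test.cfg";
Provider p = new sun.security.pkcs11.SunPKCS11(configName);
Security.addProvider(p);

// List every registered provider
Provider[] providers = Security.getProviders();
for (int i = 0; i < providers.length; i++) {
    System.out.println("Provider " + i + ": " + providers[i].getName());
}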

Config:

name=NSS
library=C:\\Program Files (x86)\\Mozilla Firefox\\softokn3.dll
nssArgs=configdir='C:/Users/Matthias/AppData/Roaming/Mozilla/Firefox/Profiles/2zd6f6ww.default-1387886878940'
 certPrefix='' keyPrefix='' secmod='secmod.db' flags=readOnly
slot=2

i tried it without  and with \ and \\, but nothing worked. can you help 
me?
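[Added example, not part of the thread and not code from any poster:
SunPKCS11's documented NSS mode (nssLibraryDirectory, nssSecmodDirectory,
nssDbMode, nssModule) as an alternative to the library/nssArgs/slot config in
the message above, listing certificates read-only from the profile database and
from the built-in roots module. The class name is hypothetical, the two
directories are supplied by the caller, and it assumes a JDK 8 JVM of the same
bitness as the Firefox DLLs and a profile without a master password.]

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.security.Provider;
import java.security.ProviderException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;

// Hypothetical class name; targets JDK 8, the version used in the thread.
public class ListNssCerts {

    // NSS-mode config. Paths are double-quoted with forward slashes so that
    // spaces and backslash escapes cannot split the value in the config parser.
    static String config(String name, String nssDir, String profileDir, String module) {
        return "name = " + name + "\n"
             + "nssLibraryDirectory = \"" + nssDir + "\"\n"
             + "nssSecmodDirectory = \"" + profileDir + "\"\n"
             + "nssDbMode = readOnly\n"
             + "nssModule = " + module + "\n";
    }

    static int list(String cfg) throws Exception {
        Provider p = new sun.security.pkcs11.SunPKCS11(
                new ByteArrayInputStream(cfg.getBytes(StandardCharsets.UTF_8)));
        KeyStore ks = KeyStore.getInstance("PKCS11", p);
        ks.load(null, null); // null PIN: assumes no master password is set
        int count = 0;
        for (String alias : Collections.list(ks.aliases())) {
            Certificate c = ks.getCertificate(alias);
            if (c instanceof X509Certificate) {
                System.out.println(alias + " -> "
                        + ((X509Certificate) c).getSubjectX500Principal().getName());
                count++;
            }
        }
        return count;
    }

    public static void main(String[] args) throws Exception {
        // args[0]: Firefox install directory, args[1]: profile directory (caller-supplied)
        System.out.println(list(config("NSSkeystore", args[0], args[1], "keystore")) + " profile certs");
        try {
            System.out.println(list(config("NSStrust", args[0], args[1], "trustanchors")) + " built-in roots");
        } catch (ProviderException e) { // thrown when secmod.db does not list nssckbi
            System.out.println("trust anchors module not available: " + e.getMessage());
        }
    }
}
```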


Re: Accessing Firefox keystore

2015-01-12 Thread Opa114
On Monday, 12 January 2015 18:51:51 UTC+1, helpcrypto helpcrypto wrote:
 This is the dependency lack ;)
 
 This is what I have, probably some have changed:
 
 String[] nssDeps = {
 //WARNING: Order MATTERS!
 System.mapLibraryName("msvcr100"),
 System.mapLibraryName("msvcp100"),
 System.mapLibraryName("mozglue"),
 System.mapLibraryName("nss3"),
 System.mapLibraryName("mozutils"),
 System.mapLibraryName("mozcrt19"),
 System.mapLibraryName("nspr4"),
 System.mapLibraryName("plds4"),
 System.mapLibraryName("plc4"),
 System.mapLibraryName("nssutil3"),
 System.mapLibraryName("mozsqlite3"),
 System.mapLibraryName("sqlite3"),
 System.mapLibraryName("nssdbm3"),
 System.mapLibraryName("freebl3")
 };
 
 
 
 On Mon, Jan 12, 2015 at 5:55 PM, Opa114 opa...@gmail.com wrote:
 
  i tried it but get another error: Caused by: java.io.IOException: modul
  not found - C:/Users/Matthias/AppData/Local/Temp/softokn3.dll
 
  but the file is in this folder. Where is the problem?
 

i've done this. loaded all the named libraries from you above. and now i get this 
error: CKR_DEVICE_ERROR

Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DEVICE_ERROR
at sun.security.pkcs11.wrapper.PKCS11.C_Initialize(Native Method)
at sun.security.pkcs11.wrapper.PKCS11$SynchronizedPKCS11.C_Initialize(PKCS11.java:1545)
at sun.security.pkcs11.wrapper.PKCS11.getInstance(PKCS11.java:157)
at sun.security.pkcs11.SunPKCS11.init(SunPKCS11.java:330)
... 2 more


Re: Accessing Firefox keystore

2015-01-12 Thread Opa114
i tried it but get another error: Caused by: java.io.IOException: modul not 
found - C:/Users/Matthias/AppData/Local/Temp/softokn3.dll

but the file is in this folder. Where is the problem?


Re: Accessing Firefox keystore

2015-01-09 Thread Opa114
i do. but i want to parse the cert8.db or maybe access this file in an easier 
way with JAVA. i have to read the file and maybe i have to remove and/or add 
new certificate to it.


Re: Accessing Firefox keystore

2015-01-09 Thread Opa114
could you give me a little example or hint how to parse the secmod.db? so that 
i can try to access the cert8.db with SunPKCS#11?

i tried the code posted from above (DBHash.java), too.
it reads out the cert8.db- but how can i convert the data i received into a 
x509 certificate? for example an example output of the data i get:

key: 
: 012b 2e6e ead9 7536 6c14 8a6e dba3 7c8c  .+.n..u6l..n..|.
0010: 0730 8185 310b 3009 0603 5504 0613 0247  .0..1.0...UG
0020: 4231 1b30 1906 0355 0408 1312 4772 6561  B1.0...UGrea
0030: 7465 7220 4d61 6e63 6865 7374 6572 3110  ter Manchester1.
0040: 300e 0603 5504 0713 0753 616c 666f 7264  0...USalford
0050: 311a 3018 0603 5504 0a13 1143 4f4d 4f44  1.0...UCOMOD
0060: 4f20 4341 204c 696d 6974 6564 312b 3029  O CA Limited1+0)
0070: 0603 5504 0313 2243 4f4d 4f44 4f20 5253  ..U...COMODO RS
0080: 4120 4365 7274 6966 6963 6174 696f 6e20  A Certification 
0090: 4175 7468 6f72 6974 79   Authority
data len: 1607



Re: Accessing Firefox keystore

2015-01-08 Thread Opa114
Thanks for it. I will read your links and try my best to access the cert8.db ;)


Re: Accessing Firefox keystore

2014-12-09 Thread opa114
I have the same question / problem.

I want to access the mozilla keystore (firefox and Thunderbird) via Java (No 
Java Applet) or C#? I found the JSS/NSS Provider, but no information on how to 
use it and on which way i can access the keystores. So how is it possible? 
Little example Code would be helpful. And is it possible with C#?

Or there are other ways to access them? maybe read in the whole cert8.db file, 
but it looks like that the file is encrypted. so the question is, how could i 
decrypt the file? 

Hope someone could help :)