Vivek,
Vivek Kumar wrote:
Hi,
I am currently working with a PKCS#11 library, have modified it to
support generation of public keys on the token.
When i try to delete the certificate from Mozilla
(Options->Advanced->Manage certificates), C_DestroyObject is getting
called only for the certificate and the private key objects and never
for the public key.
I wanted to know whether it is normal behaviour for the browser and my
library should go about deleting the public key?
If yes, could some one please tell me as to what would be the ideal
situtation to delete the public key, should I handle it during deletion
of the certificate object OR private key object OR not at all and leave
the public key as is on the token?
Regards,
Vivek Kumar
Mozilla/NSS creates a temporary session object for the public key from
the content of the certificate, usually in its internal module. Thus it
isn't aware that you have a public key object at all. Per the PKCS#11
spec you should leave the public key object alone in your token. If you
are only going to use the token with mozilla, you might as well not
create a public key object in the first place.
_______________________________________________
dev-tech-crypto mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-tech-crypto
