On Tue, Oct 7, 2014 at 10:02 AM, Sean Leonard <dev+mozi...@seantek.com> wrote:
> Thanks, but the need is to change the nickname. It is displayed in Mozilla > apps for various purposes. The nickname is also known as the "friendly > name" on other platforms (e.g., MS CryptoAPI) and in other standards (e.g., > PKCS #9). > > The nickname is the CKA_LABEL (0x00000003) attribute. That is exactly what > NSS maps it to (see the implementation of PK11_SetObjectNickname), and for > good reason. See pkcs11t.h and PKCS #11 v2.20 Section 10.4. Note that > CKA_LABEL is defined as a UTF-8 encoded string. > Oh, I see. Then you could use C_G/SetAttributeValue with CKA_LABEL, isnt it? > Sean > > On 10/7/2014 12:38 AM, helpcrypto helpcrypto wrote: > >> IIRC, nicknames aren't part of PKCS#11 standard, so i would suggest >> instead >> using CKA_ID (hash of public key; certificate, public and private keys >> have >> the same) >> >> On Tue, Oct 7, 2014 at 9:15 AM, Sean Leonard <dev+mozi...@seantek.com> >> wrote: >> >> Hi Mozilla/Firefox crypto people: >>> >>> In Firefox 33 (and generally Mozilla toolkit apps, including Thunderbird) >>> on Windows, it appears that nss3.dll is folded and only a subset of >>> functions are exposed. See <http://mxr.mozilla.org/ >>> mozilla-beta/source/security/build/nss.def>. >>> >>> Among the functions that are not exported are PK11_SetPublicKeyNickname >>> and PK11_SetPrivateKeyNickname. Removal of these functions causes >>> significant hardship for our code, because those are the only >>> abstraction-safe ways to do those things. Internally they call >>> PK11_SetObjectNickname but PK11_SetObjectNickname has not historically >>> been >>> exported. Worse, these functions are still exported on Mac OS X and Linux >>> builds; it is rather crazy that there are basic functions that one can do >>> on some platforms but not all. >>> >>> I have managed to cobble together a solution together for Windows, but it >>> involves having knowledge of the layout of PK11SlotInfoStr (to get things >>> like the slot and session variables) which has not been considered >>> "public": it is in secmodti.h. >>> >>> Can these two functions please be added back to >>> mozilla/security/build/nss. >>> def? >>> >>> Thank you, >>> >>> Sean >>> -- >>> dev-tech-crypto mailing list >>> dev-tech-crypto@lists.mozilla.org >>> https://lists.mozilla.org/listinfo/dev-tech-crypto >>> >>> > -- > dev-tech-crypto mailing list > dev-tech-crypto@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-tech-crypto > -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
