On 06/24/2016 06:29 PM, Andrew Cagney wrote:
Hi, according to the NSS documentation, the functions for getting
CKAIDs are deprecated vis:

/**********************************************************************
  * New functions which are already deprecated....
  **********************************************************************/
SECItem *
PK11_GetLowLevelKeyIDForCert(PK11SlotInfo *slot,
                                         CERTCertificate *cert, void *pwarg);
SECItem *
PK11_GetLowLevelKeyIDForPrivateKey(SECKEYPrivateKey *key);

I'm just wondering what I should be using instead?
What are you after? They are deprecated mostly because they provide access to low level PKCS #11 values.
 If you are after the actual PKCS #11 CKA_ID attribute then you could use:

PK11_ReadRawAttribute() for the key. Unfortunately useing PK11_ReadRawAttribute() for cert doesn't work yet, but could be added.

bob


Andrew

PS: What does CKA actually stand for :-)
CryptoKi Attribute All PKCS #11 attributes start with CKA_ .


Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Reply via email to