Hi Nelson,
I think this is the right place for this topic because:
1. When you ask "Can I sign something with Mozilla?" the answer is usually 'not quite'. This is due to bug 29152 still not fixed although it has a patch (for an ancient mozilla branch).
2. When the answer to the above question is "YES" it is either for S/MIME with mozilla mail, or YES using SECCLAB component (which is just a wrapper for already existing mozilla code - to expose it to JavaScript), or YES with the WAMCOM build and crypto.signText.


I myself may be stupid, but looking for a way to verify signatures created by Mozilla code (yet exposed to JavaScript via SECCLAB) I looked at the secclab sources. It doesn't contain anything special - just calls to e.g. nsICMSMessage... etc. So the code we had already written to verify other signatures (created with MS IE and MS CAPICOM (MS CryptoAPI)) was using Bouncy Castle's JCE Crypto provider (because it's pure java) had problems parsing the PKCS7 (or CMS - I am now totally confused by these standards and RFCs) signature generated by this Mozilla code. Finally this is why standards are established to ensure cross platform portability of data. And it seems that MS Crypto API produces different PKCS7 signature than Mozilla.

So, we posted questions to this newsgroup trying to at least determine what standard are the digital signatures generated by mozilla adhering to, and also looking for some general guidance on the matter.

If you know a better place for such kind of share it with us.

I see lots of people trying to do strange things with mozilla crypto (e.g. signing something with JSS used in an applet, which in order to work with cert7.db requires UniversalXPConnect privilege).
I think that nowadays signing some text, or even a file in HTML forms (or XML forms) should be a function native to the browser.


This is why I believe this is the right place for such discussions here.

Finally in one of the earlier posts here we included a complete sample which solves our problem (a page which signs some text, and Java code to verify the signature on the server side). Maybe whenever crypto.signText is reimplemented again in Mozilla we'll update the sample to include this component.


Regards, Mihail Daskalov

Nelson Bolyard wrote:
Luis Fernando Pardo wrote:

Secclab generates a CMS message not a PKCS7. I do not know if Bouncy Castle has a method to verify CMS messages.


This message and thread are off-topic for this news group.

secclab is a mozdev project, not a mozilla project.
It does not make use of any of the crypto in mozilla, AFAIK.

The place to discuss secclab AFAIK is
news://news.mozdev.org:119/public.mozdev.secclab

It will ask you for an account name and password.  You can find
that information at http://www.mozdev.org/mailing-lists.html

Of course, since mozilla already generates/accepts CMS messages,
one might ask why you're not using the code already in mozilla.
