Hello everyone,
We've developed a pkcs#11 module for our smartcard terminal and
smartcard application. The smartcard contains 5 certificates (and
corresponding private keys), so we implemented 5 slots. We wanted to select
one certificate for signing. Everything worked fine when selecting (and when
siging if the the certificate's subjects were different), BUT when two or
more certificates have exactly the same subject (the CA may be different),
Mozilla is not able to sign with the selected certificate (instead it uses
the first one with the same subject displayed in the selection combo). If we
set the slot names to be identical, it displays only one certificate (from
the ones with the identical subject).
We've imported two certificates with same subject in the Mozilla
Software security device. They both appear in the Certificate Manager, but
when trying to select one of them for the digital signature, we've observed
that only one appears. At this point it seems to be a Mozilla issue. Does
anyone know how to override this ? Or if it's a Mozilla issue, when (or if)
it will be fixed ?
We've tested with Mozilla 1.6 , 1.7 (releases) and Netscape 7.1, and the
functionality is identical.
We even declared the slots as software slots (we normally set the flag
CKF_HW_SLOT), in order to observe all the calls that Mozilla normally makes.
At some point Mozilla searches (C_findObjects) a certificate by using only
the subject (which we know it's not unique), so it seems that our problem is
related to this kind of search (it will be more convenient if the find will
search by an unique atribute (like ca&serial number) instead of subject).
Thanks,
Ionut
_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
