Ian Harvey wrote:
>
>
> Also, I found an old post in the ssl-users archive from Tom Weinstein at
> Netscape to the effect that "We change the .db format so often we don't want
> to document it, but we'll provide a key export utility". I've never found
> such a thing in NES 3.x - does this actually exist?
>
I don't know of any such thing unless its the NSS stuff which is US
only.
There is probably another reason why it isn't documented: this would be
against US crypto law!
> Has anyone already decoded the format, or is working on it? If not, I'm
> going to have to start taking the code to bits...
>
Yes I have decoded the format but I haven't got round to documenting it
yet. The key database format of those versions I've tested is similar to
Communicator 4.0 except it used 128 bit RC4 and a different key
derivation algorithm.
The certificate database is a less elaborate version of the Communicator
4.0 version.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
