Re: Announcing Mozilla::PKIX, a New Certificate Verification Library
Since updating to 31, I have not been able to log into a self signed web page: Secure Connection Failed An error occurred during a connection to taiserver:444. Certificate key usage inadequate for attempted operation. (Error code: sec_error_inadequate_key_usage) How do I get this corrected? Mike -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Adding local cryptographic algorithms to NSS library.
I want to add support of local cryptography algorithm into firefox. And I want to ask some questions: 1) I must modify only NSS module, or some firefox functions/definitions too? 2) Where I can find some manual, how I can add algorithm into NSS and which files I must modify? regards. Andrey. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: Announcing Mozilla::PKIX, a New Certificate Verification Library
On Tue, Aug 5, 2014 at 9:51 AM, mjle...@gmail.com wrote: Since updating to 31, I have not been able to log into a self signed web page: Secure Connection Failed An error occurred during a connection to taiserver:444. Certificate key usage inadequate for attempted operation. (Error code: sec_error_inadequate_key_usage) How do I get this corrected? Please file a bug at https://bugzilla.mozilla.org/enter_bug.cgi?product=Corecomponent=Security:%20PSM (Product: Core, Component: PSM) and attach the certificate in question to the bug report. Cheers, Brian -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: Adding local cryptographic algorithms to NSS library.
On 08/04/2014 05:43 AM, Andrey Askerko wrote: I want to add support of local cryptography algorithm into firefox. And I want to ask some questions: 1) I must modify only NSS module, or some firefox functions/definitions too? 2) Where I can find some manual, how I can add algorithm into NSS and which files I must modify? regards. Andrey. How do you want to use the cryptographic algorithms? NSS can accept new algorithms through a PKCS #11 module (no need to modify the built-in softoken) dynamically, but we have not put in any features to allow, say, new SSL ciphers without modifying NSS itself. However if you are trying to access the algorithms through the new webcrypto interface, it may be possible to access without modifications. I don't know how the webcrypto interface is implemented in PSM. The big question is how is the webcrypto cipher specification mapped to PKCS #11 mechanism. For access using CMS/Smime, you simply need to dynamically add a new oid, but since you are talking about firefox, I presume you aren't interested in CMS. bob smime.p7s Description: S/MIME Cryptographic Signature -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto