Take into account that this method (at least in jss3) won't return null on the
absence of a private key for a given certificate but it will throw an
exception, so you have to handle exceptions as program logic, something like
...
List certificatesWithMatchingPrivKey = ...;
try {
Today I have realized that a buggy PKCS#11 module for a cryptographic token I'm
working with is returning a wrong private key for a given certificate, thus
when calling org.mozilla.jss.CryptoManager#findPrivKeyByCert for 'cert 1' the
private key for 'cert 2' is returned, then my software
If you take a look at the source code for
org.mozilla.jss.provider.java.security.JSSSignatureSpi
you can see how does JSS use private key for signing, basically:
CryptoToken owningToken = privKeyByCert.getOwningToken();
Signature signatureContext =
the signature
and make the execution fail. Although I'm thinking about the performance issues
that this could bring.
On Wednesday, April 10, 2013 9:45:27 PM UTC-5, Jaime Hablutzel Egoavil wrote:
Today I have realized that a buggy PKCS#11 module for a cryptographic token
I'm working with is returning
Hi, I have a hardware token accesible via PKCS#11 which is storing private
keys and certificate like this :
certificate A, CKA_ID: 1234
certificate B, CKA_ID: 1234
priv key for certificate A, CKA_ID: 1234
priv key for certificate B, CKA_ID: 1234
Well, then I get 'certificate A' and
call
timeframe for fixing them. Meanwhile, the
org.mozilla.jss.crypto.CryptoStore class can be used for some of this
functionality.
On Fri, Apr 12, 2013 at 4:54 AM, helpcrypto helpcrypto helpcry...@gmail.com
wrote:
On Thu, Apr 11, 2013 at 11:59 PM, Jaime Hablutzel Egoavil
hablutz
...@gmail.com wrote:
On Fri, Apr 12, 2013 at 7:33 PM, Jaime Hablutzel Egoavil
hablutz...@gmail.com wrote:
Thanks for your answer, but does the Keystore implementation support
hardware tokens like smart card??,
It does, if you have a pkcs#11 library for your card.
https
use JSS, you can
easily get lists of modules and tokens that are configured in the NSS DB
and freely access all of it.
On Fri, Apr 19, 2013 at 8:57 AM, helpcrypto helpcrypto helpcry...@gmail.com
wrote:
On Tue, Apr 16, 2013 at 7:27 PM, Jaime Hablutzel Egoavil
hablutz...@gmail.com wrote
8 matches
Mail list logo