just not understand the RFC definition of a CSR?
Thanks,
John
--
John Dennis jden...@redhat.com
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
think of a mechanism that couldn't be
compromised and/or wouldn't require user intervention. Anybody else have
better ideas?
--
John Dennis jden...@redhat.com
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https
this
gdb command (or put it in a .gdbinit file):
set breakpoint pending on
You should break in the debugger with full source code when an error is
set, you can then look around to see why.
--
John Dennis jden...@redhat.com
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
--
dev-tech
!
John
--
John Dennis jden...@redhat.com
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
building blocks to produce a comprehensive solution to
some cryptographic problem.
HTH,
John
--
John Dennis jden...@redhat.com
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech
data with AES cbc or ecb, i found nothing about that
if you have any idea, please post it here
Have a look at:
PK11_ImportSymKey
PK11_CreateContextBySymKey
PK11_CipherOp
PK11_DigestFinal
--
John Dennis jden...@redhat.com
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
--
dev-tech
how to do this:
http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn5.html
http://www.mozilla.org/projects/security/pki/nss/sample-code/sample2.html
--
John Dennis jden...@redhat.com
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
--
dev-tech-crypto mailing list
dev-tech
is written in C. The source can be obtained here:
ftp://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/
--
John Dennis jden...@redhat.com
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org
that helps and gets you started,
John
--
John Dennis jden...@redhat.com
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
behind the
official version we haven't yet pushed these fixes upstream, another
problem which we need to rectify.
--
John Dennis jden...@redhat.com
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https
On 08/09/2011 04:10 AM, florent ainardi wrote:
i have a little problem when i try to compil my program
nss and nspr are installed on my system
when i launch gcc with the following syntax
gcc -g test.c -otest -I/usr/include/nss -I/usr/include/nspr
i have the following error
of the clear downsides of using private
versions of NSS independent of the global system environment. Would
truly like to avoid that experience again.
--
John Dennis jden...@redhat.com
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
--
dev-tech-crypto mailing list
dev-tech-crypto
bogus error code from the dim past (because errors are never
cleared).
Filed bug as: https://bugzilla.mozilla.org/show_bug.cgi?id=816488
--
John Dennis jden...@redhat.com
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
the foresight to implement
pluggable crypto, and I'm only aware of a handful of those, usually
they've hitched their horse to one implementation.
--
John Dennis jden...@redhat.com
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
--
dev-tech-crypto mailing list
dev-tech-crypto
On 02/14/2013 03:19 PM, Ryan Sleevi wrote:
On Thu, February 14, 2013 11:55 am, John Dennis wrote:
Surely you're not suggesting that arbitrary web applications be able to
use JavaScript to swap out the crypto library used by the browser?
Absolutely not from JavaScript. But as a browser
On 06/20/2013 01:20 PM, Johan Dahlin wrote:
[Sorry if this appears twice, the first copy got stuck in the moderation
queue]
I'm investigating the use of smart card readers for my application[1],
which is also free software.
As part of the brazilian eletronic legislation I need to be able
On 07/31/2013 09:47 AM, Rajesh Kareti wrote:
Hi,
I need some help in setting up the NSS Cryptographic module for doing
Encryption and Decryption. Could any one help me in doing that.
Thanks you,
Raj
Raj, please do not hijack threads, your question has nothing to do with
importing a
I'm trying to debug a validation failure when using
CERT_VerifyCertificate(). The cert being validated is a SSL Server Cert,
it is signed by a root cert. I have confirmed the server cert validates
using CERT_VerifyCertificate() in a stand alone program an the root cert
imported and trusted into an
On 09/19/2014 10:43 AM, Sterling Sahaydak wrote:
I was told by the Chief Architect, OpenLDAP the following:
This has nothing to do with OpenLDAP. Your build is using the MozNSS
crypto library, ask them for help.
So, here is my setup -
I've recently updated both my openldap servers
On 10/21/2014 09:02 PM, Julien Vehent wrote:
NSS is very rarely used in servers.
Not true. Red Hat ships many products with NSS server configurations.
--
John
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
On 12/16/2014 02:59 AM, D. Hugh Redelmeier wrote:
I'm sure that this is a dumb / naive set of questions. Just the sort
of thing that should be met with the response Read The Fine Manual.
Could you point me towards it?
Thanks.
Current NSS documentation can be found here:
On 01/14/2015 02:59 PM, Robert Daniels wrote:
John,
Some additional observations.
If I debug with a breakpoint over the password callback, it's never
called when invoking pkcs12_export, however it is invoked when
calling find_key_by_any_cert.
Hmmm ... that seems odd. It's NSS that
On 01/15/2015 02:35 PM, Robert Daniels wrote:
Ok, I tested this on the latest 0.16 and it works.
Thanks again for the help.
Fabulous, thanks for the feedback.
--
John
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
On 01/14/2015 09:58 AM, Robert Daniels wrote:
Trying as you suggested today, but ran into some other thing which is
puzzling.
When I call cert = find_cert_from_nickname(nn, pwd) I successfully pull the
server cert.
I then call find_key_by_any_cert(cert, certpassword) I get an object back
On 01/15/2015 07:50 AM, Robert Daniels wrote:
We are using python-nss 0.12. I will pull the newest and see if that
fixes the problem.
Current version is 0.16.0.
Not sure where you're pulling it from, the Mozilla site
On 01/09/2015 08:07 AM, Roger Dunn wrote:
I need to enumerate the certs in my local store, and in my testing,
only user certs can be enumerated using the get_cert_nicknames api.
It also appears to be the only exposed api for listing certs in the
db. I'm using the ver 0.12 version of
On 01/13/2015 09:58 AM, Robert Daniels wrote:
I also need to serialize private keys in the same fashion. Any hints greatly
appreciated.
By design NSS prohibits access to private keys therefore you cannot
serialize private keys.
However, you can export a cert/key pair in PKCS12 format. See
On 01/12/2015 08:50 AM, robertdaniels2...@gmail.com wrote:
I'm loading certs via python-nss, and need to serialize the format as
x509 PEM output. I'm using a mix of python-nss and openssl.
crypto.dump_certificate does not take a nss.Certificate parameter, so
looking for what is the best
FYI
Forwarded Message
Subject:[members] The PKCS 11 OASIS Standards are published
Date: Tue, 21 Apr 2015 12:30:56 -0400
From: Chet Ensign chet.ens...@oasis-open.org
To: tc-annou...@lists.oasis-open.org, memb...@lists.oasis-open.org,
pkc...@lists.oasis-open.org
On 08/05/2015 02:37 PM, Opa114 wrote:
Am Dienstag, 14. Juli 2015 14:45:20 UTC+2 schrieb Opa114:
Hi,
when will be a new release of JSS come out? The last Version is very old and
did not support some features of latest NSS, which are very important for me.
And the JSS should be improved,
On 11/10/2015 04:38 PM, Opa114 wrote:
Hi,
can someone explain me how i use NSS and NSPR in my C++ Project? I'm
new to C++ and want use in project the NSS libraries, so i thought i
could include the header files i need, but did not work, so what's
the right way?
2 things:
When you ask a
On 10/30/2015 06:23 AM, JBarry wrote:
Good Morning,
I'll apologize in advance if this question has already been asked/answered
(I did look and found nothing that helped me out) or if the question seems
trivial. I am a college intern currently working with NSS for the first
time, so please
On 10/30/2015 10:05 AM, John Dennis wrote:
On 10/30/2015 06:23 AM, JBarry wrote:
Good Morning,
I'll apologize in advance if this question has already been
asked/answered
(I did look and found nothing that helped me out) or if the question
seems
trivial. I am a college intern currently working
One of the problems I have with the argument Ryan presents concerning
API contracts and breakage is that "API contract" Ryan talks about is to
the best of my knowledge undocumented, it's a API "convention" observed
by a select group of developers "in the know". I don't see anything
about a
On 03/17/2016 10:52 AM, Ryan Sleevi wrote:
On a technical front, Chrome and Firefox, as browsers, have been
removing support for the notion of generic URIs, and investing in
aligning on the URL spec - that is, making a conscious decision NOT
to use URIs as URIs.
Could you clarify this
On 02/23/2017 11:04 AM, Paul Wouters wrote:
Hi,
I'm looking at the best way to get a list of SubjectAltNames of a
CERTCertificate.
Anyone have a pointer (haha) for me ?
CERT_DecodeAltNameExtension
See secu_PrintAltNameExtension() in cmd/lib/secutil.c or
cert_VerifySubjectAltName() in
On 02/23/2017 09:00 AM, Miklos Vajna wrote:
Hi,
[ I ran into this problem as a follow-up of the previous ECDSA question
I asked earlier, but I assume this problem is independent. ]
I'm trying to use CERT_AsciiToName() to get the DER-encoded equivalent
of a string from an XML signature. The
On 02/23/2017 11:14 AM, John Dennis wrote:
On 02/23/2017 11:04 AM, Paul Wouters wrote:
Hi,
I'm looking at the best way to get a list of SubjectAltNames of a
CERTCertificate.
Anyone have a pointer (haha) for me ?
CERT_DecodeAltNameExtension
See secu_PrintAltNameExtension() in cmd/lib
Argh ... looks like the mailing list scrubbed 2 of my attachments.
Here is the python code (not as an attachment), hope the mailer does not
mangle it.
import sys
import nss.nss as nss
from nss.error import NSPRError
# Perform basic configuration and setup
nss.nss_init_nodb()
# Get the cert
On 01/11/2017 03:21 AM, Opa114 wrote:
Am Mittwoch, 11. Januar 2017 00:45:45 UTC+1 schrieb Robert Relyea:
On 01/10/2017 02:07 PM, Opa114 wrote:
Am Dienstag, 10. Januar 2017 22:24:10 UTC+1 schrieb Robert Relyea:
On 01/10/2017 10:18 AM, Opa114 wrote:
thanks, but these facts i know.
I don't want
On 03/18/2017 02:36 AM, arequip...@gmail.com wrote:
I am trying to create a simple program that does some basic
management of an NSS database (add/update/remove) certificates, and
I'm having a terrible time finding documentation for even basic
stuff. (E.g. how do I iterate through a
41 matches
Mail list logo