Hi again,
On Wednesday, November 14, 2012 07:29:30 PM Kai Engert wrote:
> I haven't worked on the lowlevel code myself yet, so I'm not sure how
> exactly it works.
>
> But I just had a look at PSM code nsSDR.cpp, and I'm learning that
> "secret decoder ring" appears to be a functionality provide
Hi,
> In general, bare keys are not very useful in NSS. Keys are generated
> with certificates.
>
> Unfortunately TB doesn't have a very good way to get certificates
> itself. The easiest thing is to get a certificate using Firefox and
> export it to a .pk12 file, then import it with thunderbird.
On 11/14/2012 11:33 AM, Gustavo Homem wrote:
Hi,
There is another NSS tool named "sdrtest". Maybe that tool can help
you?
After preparing a fresh database, I ran:
sdrtest -t foo -d /tmp/sdr/ -o /tmp/bar
Afterwards symkeyutil listed a key, I'd hope that key has the correct
type, could you test
Hi,
> There is another NSS tool named "sdrtest". Maybe that tool can help
> you?
>
> After preparing a fresh database, I ran:
> sdrtest -t foo -d /tmp/sdr/ -o /tmp/bar
>
> Afterwards symkeyutil listed a key, I'd hope that key has the correct
> type, could you test?
It *does* work and doesn't ne
I haven't worked on the lowlevel code myself yet, so I'm not sure how
exactly it works.
But I just had a look at PSM code nsSDR.cpp, and I'm learning that
"secret decoder ring" appears to be a functionality provided by NSS,
because I see functions with prefix PK11SDR
There is another NSS tool nam
Hi Kai,
Here goes some feedback from symkeytuil.
> Use "symkeyutil -d directory -L" to see a list of keys contained in a
> NSS DB.
>
> -H for help
>
> -K to generate a new key. Look at the Mozilla and the list output to
> deduce what parameters you need.
>
1) Test with a key3.db initialized b
> On Wed, 2012-11-14 at 15:15 +, Gustavo Homem wrote:
> > So I need to find out how to call libnss se actually generate a key
> > for key3.db. But I'm half amazed that it isn't possible via
> > certutil or other CLI interface.
>
> We'll see, maybe it is, but first we need to identify exactly
On Wed, 2012-11-14 at 15:15 +, Gustavo Homem wrote:
> So I need to find out how to call libnss se actually generate a key for
> key3.db. But I'm half amazed that it isn't possible via certutil or other CLI
> interface.
We'll see, maybe it is, but first we need to identify exactly what you
w
Hello Kai,
Thanks a lot for your answer. I think I might not have been clear enough.
Please see below.
>
> this simply prepares an empty database that you need for future
> operations.
Right.
>
> > However this initalization does not add to this file a private key
> > to encrypt the usernames
On Wed, 2012-11-14 at 14:21 +, Gustavo Homem wrote:
> Hi,
>
> I am able to progamatically create key3.db from a script, using
>
> certutil -N -d ...
Hi Gustavo,
this simply prepares an empty database that you need for future
operations.
> However this initalization does not add to this fi
Hi,
I am able to progamatically create key3.db from a script, using
certutil -N -d ...
However this initalization does not add to this file a private key to encrypt
the usernames and passwords that will be present on signons.sqlite. I confirmed
this by comparing the output of db_dump185 on two
11 matches
Mail list logo