On 06/24/2016 06:29 PM, Andrew Cagney wrote:
Hi, according to the NSS documentation, the functions for getting
CKAIDs are deprecated vis:
/**
* New functions which are already deprecated
**/
SECItem *
PK11_GetLowLevelKeyIDForCert(PK11SlotInfo *slot,
CERTCertificate *cert, void *pwarg);
SECItem *
PK11_GetLowLevelKeyIDForPrivateKey(SECKEYPrivateKey *key);
I'm just wondering what I should be using instead?
What are you after? They are deprecated mostly because they provide
access to low level PKCS #11 values.
If you are after the actual PKCS #11 CKA_ID attribute then you could use:
PK11_ReadRawAttribute() for the key. Unfortunately useing
PK11_ReadRawAttribute() for cert doesn't work yet, but could be added.
bob
Andrew
PS: What does CKA actually stand for :-)
CryptoKi Attribute All PKCS #11 attributes start with CKA_ .
smime.p7s
Description: S/MIME Cryptographic Signature
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto