subject:"Re\: Replacement for PK11_GetLowLevelKeyIDForCert etc"

Re: Replacement for PK11_GetLowLevelKeyIDForCert etc

2016-06-27 Thread Robert Relyea


On 06/24/2016 06:29 PM, Andrew Cagney wrote:

Hi, according to the NSS documentation, the functions for getting
CKAIDs are deprecated vis:

/**
  * New functions which are already deprecated
  **/
SECItem *
PK11_GetLowLevelKeyIDForCert(PK11SlotInfo *slot,
 CERTCertificate *cert, void *pwarg);
SECItem *
PK11_GetLowLevelKeyIDForPrivateKey(SECKEYPrivateKey *key);

I'm just wondering what I should be using instead?
What are you after? They are deprecated mostly because they provide 
access to low level PKCS #11 values.

 If you are after the actual PKCS #11 CKA_ID attribute then you could use:

PK11_ReadRawAttribute() for the key. Unfortunately useing 
PK11_ReadRawAttribute() for cert doesn't work yet, but could be added.


bob



Andrew

PS: What does CKA actually stand for :-)

CryptoKi Attribute All PKCS #11 attributes start with CKA_ .




smime.p7s
Description: S/MIME Cryptographic Signature
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Re: Replacement for PK11_GetLowLevelKeyIDForCert etc

2016-06-25 Thread Manuel Dejonghe

On Sat, Jun 25, 2016 at 3:29 AM, Andrew Cagney  wrote:
> PS: What does CKA actually stand for :-)

CryptoKiAttribute ?
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Re: Replacement for PK11_GetLowLevelKeyIDForCert etc

Re: Replacement for PK11_GetLowLevelKeyIDForCert etc

2 matches

Site Navigation

Mail list logo

Footer information