NSS Shared DB: Difference between revisions

Jump to navigation Jump to search

NSS Shared DB (view source)

Revision as of 17:46, 8 August 2007

200 bytes removed ,  8 August 2007
→‎Special coding for MACed entries
Line 269: Line 269:
attribute data is cleared and CKR_SIGNATURE_INVALID is returned.
attribute data is cleared and CKR_SIGNATURE_INVALID is returned.


Integrity checks are PBMAC1 data structures defined in pkcs5. Since pkcs5 v1
MACS are PBMAC1 data structures defined in pkcs5 2.0. Since pkcs5 v1
had not integrity checks and pkcs12 has not definition for storing purely mac
does not have integrity checks and pkcs12 has not definition for storing  
data,the shared DB integrity checks uses pkcs5 v2 to store that pbe and mac
purely mac data,the shared DB integrity checks uses pkcs5 v2 to store that  
data. This patch turns on pkcs5 v2 as a result. The PBMAC1 is using SHA256 for
pbe and mac data.
a MAC operation. The hmac data is formed by taking an hmac over the objectId,
attribute type, and data value of the attribute.


===== Database coherency issues =====
===== Database coherency issues =====
Relyea
439

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/64931"

Navigation menu